Please check this, thank you

Posted: 09 Apr 2021 17:22
by magia.n
Logfile of random's system information tool 1.10 (written by random/random)
Run by hp at 2021-04-09 18:03:24
Microsoft Windows 8.1
System drive C: has 685 GB (73%) free of 942 GB
Total RAM: 7349 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:03:33, on 9. 4. 2021
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.19036)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\AnyDesk\AnyDesk.exe
C:\Users\hp\AppData\Local\Facebook\Games\FacebookGameroom.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Users\hp\AppData\Local\Facebook\Games\Facebook Gameroom Browser.exe
C:\Program Files\trend micro\hp.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\89.0.774.68\BHO\ie_to_edge_bho.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Browsing Protection by F-Secure - {45BBE08D-81C5-4A67-AF20-B2A077C67747} - C:\Program Files (x86)\F-Secure\SAFE\Ultralight\http\1617091255\browser\fs_ie_https\fs_ie_https.dll
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [TeamsMachineInstaller] %ProgramFiles%\Teams Installer\Teams.exe --checkInstall --source=PROPLUS
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Flvto Youtube Downloader] "C:\Users\hp\AppData\Local\Flvto Youtube Downloader\FlvtoYoutubeDownloader.Redesign.exe" /minimize
O4 - HKCU\..\Run: [iCloudServices] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
O4 - HKCU\..\Run: [com.squirrel.Teams.Teams] C:\Users\hp\AppData\Local\Microsoft\Teams\Update.exe --processStart "Teams.exe" --process-start-args "--system-initiated"
O4 - Startup: Facebook Gameroom.lnk = C:\Users\hp\AppData\Local\Facebook\Games\FacebookGameroom.exe
O4 - Global Startup: AnyDesk.lnk = C:\Program Files (x86)\AnyDesk\AnyDesk.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AnyDesk Service (AnyDesk) - philandro Software GmbH - C:\Program Files (x86)\AnyDesk\AnyDesk.exe
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: F-Secure Hoster (fshoster) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe
O23 - Service: F-Secure Hoster (Restricted) (fsnethoster) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe
O23 - Service: F-Secure Ultralight Hoster (fsulhoster) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1617700888\fshoster64.exe
O23 - Service: F-Secure Ultralight Network Hoster (fsulnethoster) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1617700888\fshoster64.exe
O23 - Service: F-Secure Ultralight ORSP Client (fsulorsp) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1617700888\fsorsp64.exe
O23 - Service: F-Secure Ultralight Protected Hoster (fsulprothoster) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1617700888\fsulprothoster.exe
O23 - Service: Gameforge Client Service (GameforgeClientService) - Unknown owner - C:\Program Files (x86)\GameforgeClient\gfservice.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.114\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HTCMonitorService - Nero AG - C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files (x86)\Photodex\ProShowGold\ScsiAccess.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11755 bytes

======Listing Processes======





wininit.exe

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\AnyDesk\AnyDesk.exe" --service
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe" --service --namespace default --id 0
dashost.exe {c514753e-a230-458a-9c928df480603865}
"C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe" --service --namespace default --id 2
"C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe"
"C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
"C:\Program Files (x86)\Photodex\ProShowGold\ScsiAccess.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Browny02\BrYNSvc.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
taskhost.exe $(Arg0)
C:\Windows\system32\DllHost.exe /Processid:{FE2F9D0D-18A4-4845-BA41-DE6451A66D11}
"C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1617700888\fsorsp64.exe"
"C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1617700888\fshoster64.exe" --service --namespace ul_default --id 2
"C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1617700888\fshoster64.exe" --service --namespace ul_default
"C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1617700888\fsulprothoster.exe" --service --namespace ul_default --id 5
1960
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe" /frequentupdate SCHEDULEDTASK displaylevel=False

C:\Windows\System32\WinLogon.exe -SpecialSession
-hiberboot
taskhostex.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\skydrive.exe -Embedding

"C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe" --app --namespace default --id 1
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\IDT\WDM\Beats64.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"C:\Program Files (x86)\AnyDesk\AnyDesk.exe" --control
"C:\Users\hp\AppData\Local\Facebook\Games\FacebookGameroom.exe" fbgames://windows_startup/
"C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" -Embedding
-BootProc
"C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe" /AUTORUN
-BootProc
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="10532.0.1642142063\401030311" -parentBuildID 20210318103112 -prefsHandle 1296 -prefMapHandle 1288 -prefsLen 1 -prefMapSize 260544 -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 10532 "\\.\pipe\gecko-crash-server-pipe.10532" 1384 gpu
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="10532.6.36303365\931304986" -childID 1 -isForBrowser -prefsHandle 2212 -prefMapHandle 2100 -prefsLen 393 -prefMapSize 260544 -parentBuildID 20210318103112 -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 10532 "\\.\pipe\gecko-crash-server-pipe.10532" 2208 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="10532.13.977780565\388608548" -childID 2 -isForBrowser -prefsHandle 3240 -prefMapHandle 3236 -prefsLen 6524 -prefMapSize 260544 -parentBuildID 20210318103112 -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 10532 "\\.\pipe\gecko-crash-server-pipe.10532" 3248 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="10532.20.2074090850\389937924" -childID 3 -isForBrowser -prefsHandle 4072 -prefMapHandle 4068 -prefsLen 7383 -prefMapSize 260544 -parentBuildID 20210318103112 -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 10532 "\\.\pipe\gecko-crash-server-pipe.10532" 3892 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="10532.41.29808577\987476303" -childID 6 -isForBrowser -prefsHandle 4652 -prefMapHandle 4644 -prefsLen 7383 -prefMapSize 260544 -parentBuildID 20210318103112 -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 10532 "\\.\pipe\gecko-crash-server-pipe.10532" 4656 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="10532.48.285438513\7835765" -parentBuildID 20210318103112 -prefsHandle 8764 -prefMapHandle 8700 -prefsLen 7647 -prefMapSize 260544 -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 10532 "\\.\pipe\gecko-crash-server-pipe.10532" 8748 rdd
"Facebook Gameroom Browser.exe" --type=gpu-process --no-sandbox --lang=en-US --log-file="C:\Users\hp\AppData\Local\Facebook\Games\debug.log" --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 CanvasFrame/1.23.7426.18586 Safari/537.36 FacebookCanvasDesktop FBAN/GamesWindowsDesktopApp FBAV/1.23.7426.18586" --gpu-vendor-id=0x1002 --gpu-device-id=0x6611 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=15.201.2401.1001 --gpu-driver-date=11-25-2015 --gpu-secondary-vendor-ids=0x1002 --gpu-secondary-device-ids=0x9901 --lang=en-US --log-file="C:\Users\hp\AppData\Local\Facebook\Games\debug.log" --log-severity=disable --user-agent="Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 CanvasFrame/1.23.7426.18586 Safari/537.36 FacebookCanvasDesktop FBAN/GamesWindowsDesktopApp FBAV/1.23.7426.18586" --service-request-channel-token=54998B458CD6A4EAC8C0400A2B70005A --mojo-platform-channel-handle=2456 /prefetch:2
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVShNotify.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVShNotify.exe"
C:\Windows\system32\msiexec.exe /V

"C:\Users\hp\Desktop\RSITx64.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe


=========Mozilla firefox=========

ProfilePath - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\fag465m9.default

prefs.js - "browser.startup.homepage" - "http://seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\89.0.774.68\BHO\ie_to_edge_bho_64.dll [2021-04-01 548240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-03-04 189248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45BBE08D-81C5-4A67-AF20-B2A077C67747}]
Browsing Protection by F-Secure - C:\Program Files (x86)\F-Secure\SAFE\Ultralight\http\1617091255\browser\fs_ie_https\fs_ie_https64.dll [2021-03-30 1639576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\89.0.774.68\BHO\ie_to_edge_bho.dll [2021-04-01 416656]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-03-04 151872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45BBE08D-81C5-4A67-AF20-B2A077C67747}]
Browsing Protection by F-Secure - C:\Program Files (x86)\F-Secure\SAFE\Ultralight\http\1617091255\browser\fs_ie_https\fs_ie_https.dll [2021-03-30 1056920]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"=C:\Program Files\IDT\WDM\beats64.exe [2012-08-22 41664]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-11-20 1703424]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2020-10-16 331064]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"Flvto Youtube Downloader"=C:\Users\hp\AppData\Local\Flvto Youtube Downloader\FlvtoYoutubeDownloader.Redesign.exe /minimize []
"iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2020-09-08 67384]
"com.squirrel.Teams.Teams"=C:\Users\hp\AppData\Local\Microsoft\Teams\Update.exe [2021-04-07 2453728]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"VirtualCloneDrive"=C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2013-03-10 88984]
"TeamsMachineInstaller"=C:\Program Files\Teams Installer\Teams.exe --checkInstall --source=PROPLUS []
"ControlCenter4"=C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [2014-05-22 139776]
"BrStsMon00"=C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2014-05-22 4513792]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AnyDesk.lnk - C:\Program Files (x86)\AnyDesk\AnyDesk.exe

C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Facebook Gameroom.lnk - C:\Users\hp\AppData\Local\Facebook\Games\FacebookGameroom.exe

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SafeModeBlockNonAdmins"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktopChanges"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2021-04-09 18:03:24 ----D---- C:\rsit
2021-04-09 18:03:24 ----D---- C:\Program Files\trend micro
2021-03-23 21:04:47 ----D---- C:\Program Files (x86)\Mozilla Firefox
2021-03-11 09:26:05 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2021-03-11 09:26:05 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2021-03-11 09:26:05 ----A---- C:\Windows\system32\pngfilt.dll
2021-03-11 09:26:04 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2021-03-11 09:26:04 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2021-03-11 09:26:04 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2021-03-11 09:26:04 ----A---- C:\Windows\system32\ie4uinit.exe
2021-03-11 09:26:03 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2021-03-11 09:26:03 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2021-03-11 09:26:03 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2021-03-11 09:26:02 ----A---- C:\Windows\SYSWOW64\jscript.dll
2021-03-11 09:26:02 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2021-03-11 09:26:02 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2021-03-11 09:26:02 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2021-03-11 09:26:02 ----A---- C:\Windows\system32\vbscript.dll
2021-03-11 09:26:02 ----A---- C:\Windows\system32\urlmon.dll
2021-03-11 09:26:02 ----A---- C:\Windows\system32\msfeeds.dll
2021-03-11 09:26:02 ----A---- C:\Windows\system32\iedkcs32.dll
2021-03-11 09:26:01 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2021-03-11 09:26:01 ----A---- C:\Windows\system32\iertutil.dll
2021-03-11 09:26:00 ----A---- C:\Windows\SYSWOW64\wininet.dll
2021-03-11 09:26:00 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2021-03-11 09:26:00 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2021-03-11 09:26:00 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2021-03-11 09:26:00 ----A---- C:\Windows\system32\jscript.dll
2021-03-11 09:25:59 ----A---- C:\Windows\system32\ieframe.dll
2021-03-11 09:25:59 ----A---- C:\Windows\system32\dxtrans.dll
2021-03-11 09:25:59 ----A---- C:\Windows\system32\dxtmsft.dll
2021-03-11 09:25:58 ----A---- C:\Windows\system32\webcheck.dll
2021-03-11 09:25:58 ----A---- C:\Windows\system32\mshtmled.dll
2021-03-11 09:25:58 ----A---- C:\Windows\system32\jscript9.dll
2021-03-11 09:25:58 ----A---- C:\Windows\system32\inetcomm.dll
2021-03-11 09:25:58 ----A---- C:\Windows\system32\imgutil.dll
2021-03-11 09:25:57 ----A---- C:\Windows\system32\wininet.dll
2021-03-11 09:25:57 ----A---- C:\Windows\system32\mshtml.dll
2021-03-11 09:25:54 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2021-03-11 09:25:54 ----A---- C:\Windows\system32\win32k.sys
2021-03-11 09:25:54 ----A---- C:\Windows\system32\iepeers.dll
2021-03-11 09:25:54 ----A---- C:\Windows\system32\ieapfltr.dll
2021-03-11 09:25:53 ----A---- C:\Windows\SYSWOW64\msi.dll
2021-03-11 09:25:53 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2021-03-11 09:25:53 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2021-03-11 09:25:53 ----A---- C:\Windows\system32\msi.dll
2021-03-11 09:25:52 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2021-03-11 09:25:52 ----A---- C:\Windows\system32\WindowsCodecs.dll
2021-03-11 09:25:52 ----A---- C:\Windows\system32\jscript9diag.dll
2021-03-11 09:25:51 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2021-03-11 09:25:51 ----A---- C:\Windows\system32\Windows.UI.Immersive.dll
2021-03-11 09:25:51 ----A---- C:\Windows\system32\localspl.dll
2021-03-11 09:25:50 ----A---- C:\Windows\SYSWOW64\Windows.UI.Immersive.dll
2021-03-11 09:25:50 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2021-03-11 09:25:50 ----A---- C:\Windows\system32\IKEEXT.DLL
2021-03-11 09:25:49 ----A---- C:\Windows\SYSWOW64\upnphost.dll
2021-03-11 09:25:49 ----A---- C:\Windows\SYSWOW64\rasapi32.dll
2021-03-11 09:25:49 ----A---- C:\Windows\system32\rasdlg.dll
2021-03-11 09:25:49 ----A---- C:\Windows\system32\rasapi32.dll
2021-03-11 09:25:49 ----A---- C:\Windows\system32\ntoskrnl.exe
2021-03-11 09:25:49 ----A---- C:\Windows\system32\drivers\nwifi.sys
2021-03-11 09:25:48 ----A---- C:\Windows\SYSWOW64\wlanapi.dll
2021-03-11 09:25:48 ----A---- C:\Windows\SYSWOW64\rasdlg.dll
2021-03-11 09:25:48 ----A---- C:\Windows\SYSWOW64\COLORCNV.DLL
2021-03-11 09:25:48 ----A---- C:\Windows\system32\WMPhoto.dll
2021-03-11 09:25:48 ----A---- C:\Windows\system32\wlanapi.dll
2021-03-11 09:25:48 ----A---- C:\Windows\system32\upnphost.dll
2021-03-11 09:25:48 ----A---- C:\Windows\system32\COLORCNV.DLL
2021-03-11 09:25:48 ----A---- C:\Windows\system32\AxInstSv.dll
2021-03-11 09:25:47 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2021-03-11 09:25:45 ----A---- C:\Windows\SYSWOW64\profext.dll
2021-03-11 09:25:45 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2021-03-11 09:25:45 ----A---- C:\Windows\SYSWOW64\certcli.dll
2021-03-11 09:25:45 ----A---- C:\Windows\system32\ProximityService.dll
2021-03-11 09:25:45 ----A---- C:\Windows\system32\profext.dll
2021-03-11 09:25:45 ----A---- C:\Windows\system32\certcli.dll
2021-03-10 14:51:43 ----D---- C:\Users\hp\AppData\Roaming\ControlCenter4
2021-03-10 14:44:50 ----D---- C:\Brother
2021-03-10 14:44:30 ----D---- C:\ProgramData\ControlCenter4
2021-03-10 14:44:30 ----D---- C:\Program Files (x86)\Browny02
2021-03-10 14:44:24 ----D---- C:\Program Files (x86)\ControlCenter4
2021-03-10 14:44:02 ----A---- C:\Windows\SYSWOW64\BRTCPCON.DLL
2021-03-10 14:44:02 ----A---- C:\Windows\system32\BrWi213b.dll
2021-03-10 14:44:02 ----A---- C:\Windows\system32\BrUsi13b.dll
2021-03-10 14:44:01 ----A---- C:\Windows\SYSWOW64\BROSNMP.DLL
2021-03-10 14:44:01 ----A---- C:\Windows\SYSWOW64\BRLMW03A.INI
2021-03-10 14:44:01 ----A---- C:\Windows\SYSWOW64\BRLMW03A.DLL
2021-03-10 14:44:01 ----A---- C:\Windows\SYSWOW64\BRLM03A.DLL
2021-03-10 14:44:01 ----A---- C:\Windows\system32\BrJDec.dll
2021-03-10 14:44:00 ----A---- C:\Windows\system32\BRCOM14A.DLL
2021-03-10 14:44:00 ----A---- C:\Windows\system32\BrCiImg.dll
2021-03-10 14:43:55 ----A---- C:\Windows\system32\BRADM14A.DAT
2021-03-10 14:43:53 ----N---- C:\Windows\SYSWOW64\NSSearch.dll
2021-03-10 14:43:52 ----N---- C:\Windows\SYSWOW64\BrDctF2S.dll
2021-03-10 14:43:52 ----N---- C:\Windows\SYSWOW64\BrDctF2L.dll
2021-03-10 14:43:52 ----N---- C:\Windows\SYSWOW64\BrDctF2.dll
2021-03-10 14:43:52 ----D---- C:\Program Files (x86)\Brother
2021-03-10 14:40:49 ----D---- C:\Users\hp\AppData\Roaming\InstallShield
2021-03-10 14:40:22 ----D---- C:\ProgramData\Brother

======List of files/folders modified in the last 1 month======

2021-04-09 18:03:30 ----D---- C:\Windows\Prefetch
2021-04-09 18:03:28 ----D---- C:\Windows\Temp
2021-04-09 18:03:26 ----SHD---- C:\Windows\Installer
2021-04-09 18:03:25 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2021-04-09 18:03:24 ----RD---- C:\Program Files
2021-04-09 18:03:16 ----D---- C:\Windows\Microsoft.NET
2021-04-09 18:02:08 ----D---- C:\Windows\system32\catroot2
2021-04-09 18:02:05 ----D---- C:\Windows\system32\sru
2021-04-09 18:01:41 ----D---- C:\Program Files\Microsoft Office
2021-04-09 18:00:13 ----D---- C:\ProgramData\Mozilla
2021-04-08 23:24:53 ----D---- C:\Users\hp\AppData\Roaming\upjers-playground2
2021-04-08 13:35:25 ----D---- C:\Windows\system32\Tasks
2021-04-07 15:49:48 ----D---- C:\Users\hp\AppData\Roaming\vlc
2021-04-07 15:33:01 ----D---- C:\Windows\System32
2021-04-07 15:33:01 ----D---- C:\Windows\Inf
2021-04-07 15:33:01 ----A---- C:\Windows\system32\PerfStringBackup.INI
2021-04-06 12:10:37 ----D---- C:\Windows\system32\catroot
2021-04-02 10:46:19 ----SHD---- C:\System Volume Information
2021-03-24 00:01:47 ----RD---- C:\Program Files (x86)
2021-03-23 22:55:38 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2021-03-19 23:56:35 ----D---- C:\Program Files (x86)\AnyDesk
2021-03-19 18:20:46 ----D---- C:\ProgramData\Disc-Soft
2021-03-19 18:20:44 ----D---- C:\Users\hp\AppData\Roaming\Disc-Soft
2021-03-19 18:20:44 ----AHD---- C:\ProgramData
2021-03-19 18:19:37 ----D---- C:\Users\hp\AppData\Roaming\Canon
2021-03-19 18:18:32 ----D---- C:\Windows\twain_32
2021-03-19 18:18:17 ----D---- C:\Windows\system32\DriverStore
2021-03-16 09:42:40 ----D---- C:\Windows\system32\config
2021-03-16 08:38:06 ----HD---- C:\Program Files\WindowsApps
2021-03-16 08:38:06 ----D---- C:\Windows\AppReadiness
2021-03-15 13:12:05 ----D---- C:\Windows\WinSxS
2021-03-13 17:01:19 ----D---- C:\Windows\SysWOW64
2021-03-12 20:25:11 ----D---- C:\Windows\rescache
2021-03-12 18:16:18 ----D---- C:\Program Files\Common Files\microsoft shared
2021-03-11 23:58:59 ----RD---- C:\Windows\ToastData
2021-03-11 23:58:58 ----D---- C:\Program Files\Internet Explorer
2021-03-11 23:58:58 ----D---- C:\Program Files (x86)\Internet Explorer
2021-03-11 23:58:57 ----D---- C:\Windows\SYSWOW64\setup
2021-03-11 23:58:55 ----D---- C:\Windows\system32\wbem
2021-03-11 23:58:55 ----D---- C:\Windows\system32\drivers
2021-03-11 23:58:54 ----D---- C:\Windows\system32\setup
2021-03-11 19:09:45 ----SD---- C:\Users\hp\AppData\Roaming\Microsoft
2021-03-11 11:13:36 ----D---- C:\Windows\CbsTemp
2021-03-10 14:43:26 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2021-03-10 10:24:10 ----D---- C:\Windows\system32\MRT
2021-03-10 10:17:11 ----AC---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 fsbts;fsbts; C:\Windows\system32\drivers\fsbts.sys [2020-12-12 58752]
R1 dtsoftbus01;@oem12.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\Windows\System32\drivers\dtsoftbus01.sys [2017-05-04 254528]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2014-12-21 40344]
R1 RawDisk3;RawDisk3; \??\C:\Windows\system32\drivers\rawdsk3.sys [2014-04-29 31040]
R2 fsnif2;fsnif2; \??\C:\Program Files (x86)\F-Secure\SAFE\Ultralight\nif2\1614076011\nif2s64.sys [2021-02-23 177672]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2016-02-17 21527568]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2016-02-17 493592]
R3 BthA2DP;@wdma_bt.inf,%BthA2DP.SvcDesc%;Bluetooth stereo; C:\Windows\system32\drivers\BthA2DP.sys [2015-01-30 132608]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2019-08-04 53248]
R3 BthHFAud;@wdma_bt.inf,%DISPLAY_NAME%;Bluetooth handsfree; C:\Windows\system32\DRIVERS\BthHfAud.sys [2014-10-08 32768]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2017-07-06 119296]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2019-05-03 81920]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1617700888\fsulgk.sys [2021-04-06 361448]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport – ovladač pro řadič Qualcomm Atheros AR81xx PCI-E Ethernet; C:\Windows\system32\DRIVERS\L1C63x64.sys [2013-06-18 129224]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2015-01-30 167424]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2013-11-20 551936]
R3 VClone;VClone; C:\Windows\System32\drivers\VClone.sys [2014-05-03 34816]
S3 ardrv;ardrv; \??\C:\Users\hp\AppData\Local\Temp\ardrv.sys [2018-12-14 17224]
S3 AtiDCM;AtiDCM; \??\C:\AMD\WU-CCC2\ccc2_install\Support64\atdcm64a.sys [2014-03-13 28416]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2021-01-05 1209856]
S3 dg_ssudbus;@oem5.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2016-09-05 131712]
S3 htcnprot;@oem13.inf,%NDISPROT_Desc%;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2013-10-17 36928]
S3 HtcVCom32;@oem16.inf,%OEMSerialPortName00%;HTC Diagnostic Port; C:\Windows\system32\DRIVERS\HtcVComV64.sys [2010-03-09 121800]
S3 Netaapl;@oem26.inf,%Netaapl.Service.DispName%;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl64.sys [2020-05-06 23040]
S3 ssudmdm;@oem8.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2016-09-05 165504]
S3 usb_rndisx;@netrndis.inf,%usb_rndis.Service.DispName%;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2015-04-25 20992]
S3 USBAAPL64;@oem25.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2020-05-06 54784]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2014-10-29 44544]
S3 WDC_SAM;@oem21.inf,%WDC_SAM_ServiceName%;WD SCSI Pass Thru driver; C:\Windows\System32\drivers\wdcsam64.sys [2018-02-26 35584]
S3 wdm_usb;wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [2016-08-16 159936]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2021-01-25 169672]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2016-02-17 305176]
R2 AnyDesk;AnyDesk Service; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [2021-03-08 3743464]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2020-09-24 96056]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2021-03-29 8788368]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 fshoster;F-Secure Hoster; C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe [2020-11-03 244096]
R2 fsnethoster;F-Secure Hoster (Restricted); C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe [2020-11-03 244096]
R2 fsulhoster;F-Secure Ultralight Hoster; C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1617700888\fshoster64.exe [2021-04-06 623744]
R2 fsulnethoster;F-Secure Ultralight Network Hoster; C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1617700888\fshoster64.exe [2021-04-06 623744]
R2 fsulorsp;F-Secure Ultralight ORSP Client; C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1617700888\fsorsp64.exe [2021-04-06 101248]
R2 fsulprothoster;F-Secure Ultralight Protected Hoster; C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1617700888\fsulprothoster.exe [2021-04-06 623744]
R2 HTCMonitorService;HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [2016-09-20 87368]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2013-10-17 166912]
R2 ScsiAccess;ScsiAccess; C:\Program Files (x86)\Photodex\ProShowGold\ScsiAccess.exe [2016-10-11 181312]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2013-11-20 339456]
R3 BrYNSvc;BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [2013-09-25 282112]
R3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\system32\svchost.exe [2014-10-29 38792]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2020-10-16 672056]
S2 edgeupdate;Služba Microsoft Edge Update (edgeupdate); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-07-06 224152]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-24 153168]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-06-01 317400]
S3 edgeupdatem;Služba Microsoft Edge Update (edgeupdatem); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-07-06 224152]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 GameforgeClientService;Gameforge Client Service; C:\Program Files (x86)\GameforgeClient\gfservice.exe [2021-01-29 568480]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.114\elevation_service.exe [2021-03-29 1509488]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-24 153168]
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service (MicrosoftEdgeElevationService); C:\Program Files (x86)\Microsoft\Edge\Application\89.0.774.68\elevation_service.exe [2021-04-01 1559952]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2021-03-23 242672]

-----------------EOF-----------------

Re: Please check, thank you

Posted: 10 Apr 2021 07:28
by Diallix
Good day.

Download the AdwCleaner tool to your desktop; the download link is here: https://toolslib.net/downloads/finish/1/
Before running the tool, close all open program windows, that is, all programs running on the desktop.
Right-click the program -> Run as administrator.
Continue by clicking the Scan now (Prehladaj teraz) button and wait until the system scan finishes.
After the scan, leave all checkboxes and any threats found selected, and continue with the Clean and Repair (Vycistit Teraz) button in the bottom right corner.
After the PC restarts, AdwCleaner will start; click View log file (Zobrazit soubor protokolu).
The log will open; copy its contents here.

Re: Please check, thank you

Posted: 10 Apr 2021 09:51
by magia.n
# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-04-08.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 04-10-2021
# Duration: 00:00:54
# OS: Windows 8.1
# Scanned: 31988
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Re: Please check, thank you

Posted: 10 Apr 2021 10:38
by Diallix
Scan the computer with FRST (instructions here: https://forum.viry.cz/viewtopic.php?f=24&t=132509) and copy FRST.log + Addition log here.

Re: Please check, thank you

Posted: 10 Apr 2021 15:16
by magia.n
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-04-2021
Ran by hp (administrator) on HP-PC (Hewlett-Packard 500-202ec) (10-04-2021 16:07:26)
Running from C:\Users\hp\Desktop
Loaded Profiles: hp
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Facebook, Inc. -> Facebook) C:\Users\hp\AppData\Local\Facebook\Games\FacebookGameroom.exe
(Facebook, Inc. -> The CefSharp Authors) C:\Users\hp\AppData\Local\Facebook\Games\Facebook Gameroom Browser.exe
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe <26>
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1617700888\fshoster64.exe <2>
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1617700888\fsorsp64.exe
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1617700888\FsPisces.exe
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1617700888\fsulprothoster.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <6>
(philandro Software GmbH -> philandro Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2>
(upjers GmbH -> upjers GmbH) C:\Users\hp\AppData\Local\Programs\upjers-playground2\upjers Home.exe <6>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2012-08-22] (Integrated Device Technology Inc. -> Hewlett-Packard) [File not signed]
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-11-20] (IDT, Inc.) [File not signed]
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [331064 2020-10-16] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG -> Elaborate Bytes AG)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [100580600 2020-08-04] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-05-22] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) [File not signed]
HKU\S-1-5-21-3921397407-2631415318-3197205120-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd -> DT Soft Ltd)
HKU\S-1-5-21-3921397407-2631415318-3197205120-1001\...\Run: [Flvto Youtube Downloader] => "C:\Users\hp\AppData\Local\Flvto Youtube Downloader\FlvtoYoutubeDownloader.Redesign.exe" /minimize
HKU\S-1-5-21-3921397407-2631415318-3197205120-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3921397407-2631415318-3197205120-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\hp\AppData\Local\Microsoft\Teams\Update.exe [2453728 2021-04-07] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3921397407-2631415318-3197205120-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [132608 2014-10-29] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3921397407-2631415318-3197205120-1002\...\MountPoints2: {1e9cd87f-84d2-11e8-829c-9cb654edfc7c} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL E:\autorun.exe /auto
HKU\S-1-5-21-3921397407-2631415318-3197205120-1002\...\MountPoints2: {710ee6b9-6471-11e6-824f-806e6f6e6963} - "F:\START.EXE"
HKU\S-1-5-21-3921397407-2631415318-3197205120-1002\...\MountPoints2: {e851f3e4-0fa0-11e7-8268-9cb654edfc7c} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL E:\autorun.exe /auto
HKU\S-1-5-21-3921397407-2631415318-3197205120-1002\...\MountPoints2: {e851fa7b-0fa0-11e7-8268-9cb654edfc7c} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL E:\autorun.exe /auto
HKU\S-1-5-21-3921397407-2631415318-3197205120-1003\...\MountPoints2: {2dd72f34-a7e0-11e6-8260-9cb654edfc7c} - "G:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-3921397407-2631415318-3197205120-1004\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Dáda\AppData\Local\Microsoft\Teams\Update.exe [2453656 2021-02-20] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3921397407-2631415318-3197205120-1005\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Týna\AppData\Local\Microsoft\Teams\Update.exe [2452112 2020-11-04] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP190 series: C:\Windows\system32\CNMLM9I.DLL [279040 2008-02-25] (CANON INC.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.114\Installer\chrmstp.exe [2021-04-01] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2020-09-04]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
Startup: C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2020-05-06]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\hp\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook, Inc. -> Facebook)
Startup: C:\Users\Kristýna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2018-08-13]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\hp\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook, Inc. -> Facebook)
Startup: C:\Users\Týna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2020-05-13]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\hp\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook, Inc. -> Facebook)
Startup: C:\Users\Týna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2019-01-31]
ShortcutTarget: MEGAsync.lnk -> C:\Users\hp\AppData\Local\MEGAsync\MEGAsync.exe (No File)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2C9634F6-EF84-42FD-968D-2D8FFDB7CDB8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-24] (Google Inc -> Google Inc.)
Task: {38049093-848F-484A-B596-91122766BC91} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {46418CC2-AD3E-42C8-B61A-A0EDD96B3054} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1791712 2021-02-23] (Avast Software s.r.o. -> Avast Software)
Task: {5962DDD7-C251-47F5-A41F-D3B086A94BEA} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3921397407-2631415318-3197205120-1005 => C:\Users\hp\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {5FDDE5A0-374C-49FA-A449-67D08C474337} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-3921397407-2631415318-3197205120-1004 => {201600d8-6eff-48ce-b842-e14d37a0682d} C:\Windows\System32\wpninprc.dll [62464 2014-10-29] (Microsoft Windows -> Microsoft Corporation)
Task: {606EBC9B-838D-4DC9-A1A3-176EBD4E96B8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5255104 2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {61CB0EAF-BCB5-4FFC-A049-A0806844431D} - System32\Tasks\{8BC24110-F064-4E3E-8B43-F7F2B365943D} => "c:\program files (x86)\mozilla firefox\firefox.exe" https://ui.skype.com/ui/0/7.39.0.102/cs ... rogressBar
Task: {745DDD41-0C2F-4B35-9790-C9F43AEE81DC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {7A874B00-1D28-4469-8F38-E329063F23AF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248760 2021-04-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {90E5C152-EED6-4CE2-9402-F22F873CD65A} - System32\Tasks\{3CF151D6-0E18-49D7-BEE3-EE58DB9E3999} => "c:\program files (x86)\mozilla firefox\firefox.exe" https://ui.skype.com/ui/0/7.36.0.101/cs ... rogressBar
Task: {98B5F1B2-C300-4E62-B712-4A5CCEC70160} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-24] (Google Inc -> Google Inc.)
Task: {9B233D7B-8809-48EA-B0E0-788AB09DB569} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5255104 2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {A1C1CF50-EC61-4A45-A2C9-7CEF3EB91909} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1498032 2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {AED4E2C5-2A93-4EFB-A79A-ADBF421E969A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141168 2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {B9C16742-5794-4F66-BA5E-160146F69A1B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248760 2021-04-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {C5445726-1F50-4E47-9C2E-246288D0A26D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141168 2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {DFBF869F-0903-4936-BD94-A5DF0302461A} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [696816 2021-03-23] (Mozilla Corporation -> Mozilla Foundation)
Task: {FA0E4834-8054-41E0-BC94-C190B8B9A179} - System32\Tasks\F-Secure\F-Secure Hotfix => C:\Program Files (x86)\F-Secure\SAFE\fs_hotfix.exe [308608 2020-11-03] (F-Secure Corporation -> F-Secure Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{3E1BC311-A25A-499A-85BF-A0ADD9BED33F}: [DhcpNameServer] 10.0.0.138

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\hp\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-22]
Edge Extension: (Browsing Protection by F-Secure) - C:\Users\hp\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2021-02-22]
Edge HKLM\...\Edge\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade]
Edge HKLM-x32\...\Edge\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade]

FireFox:
========
FF DefaultProfile: fag465m9.default
FF ProfilePath: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\fag465m9.default [2021-04-10]
FF DownloadDir: C:\Users\hp\Desktop
FF Homepage: Mozilla\Firefox\Profiles\fag465m9.default -> hxxp://seznam.cz/
FF Extension: (YouTube™ Flash® Player) - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\fag465m9.default\Extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi [2017-12-04]
FF Extension: (YouTube High Definition) - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\fag465m9.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2021-02-03]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN -> VideoLAN)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google Inc -> Google, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-03-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\hp\AppData\Roaming\mozilla\plugins\npPxPlay.dll [2016-10-11]

Chrome:
=======
CHR Profile: C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default [2021-04-10]
CHR Extension: (Prezentace) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-18]
CHR Extension: (Dokumenty) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-18]
CHR Extension: (Disk Google) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-24]
CHR Extension: (Tabulky) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-18]
CHR Extension: (Dokumenty Google offline) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-18]
CHR Extension: (Browsing Protection by F-Secure) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2020-10-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-05]
CHR Extension: (Gmail) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-18]
CHR HKLM\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade]
CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3743464 2021-03-08] (philandro Software GmbH -> philandro Software GmbH)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-09-24] (Apple Inc. -> Apple Inc.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8788368 2021-03-29] (Microsoft Corporation -> Microsoft Corporation)
R2 fshoster; C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe [244096 2020-11-03] (F-Secure Corporation -> F-Secure Corporation)
R2 fsnethoster; C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe [244096 2020-11-03] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulhoster; C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1617700888\fshoster64.exe [623744 2021-04-06] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulnethoster; C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1617700888\fshoster64.exe [623744 2021-04-06] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulorsp; C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1617700888\fsorsp64.exe [101248 2021-04-06] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulprothoster; C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1617700888\fsulprothoster.exe [623744 2021-04-06] (F-Secure Corporation -> F-Secure Corporation)
S3 GameforgeClientService; C:\Program Files (x86)\GameforgeClient\gfservice.exe [568480 2021-01-29] (Gameforge 4D GmbH -> )
S2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2016-09-20] (Nero AG -> Nero AG)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
S2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShowGold\ScsiAccess.exe [181312 2016-10-11] () [File not signed]
S2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-11-20] (IDT, Inc.) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ardrv; C:\Users\hp\AppData\Local\Temp\ardrv.sys [17224 2018-12-14] (OPSWAT, Inc. -> OPSWAT, Inc.) <==== ATTENTION
S3 AtiDCM; C:\AMD\WU-CCC2\ccc2_install\Support64\atdcm64a.sys [28416 2014-03-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [254528 2017-05-04] (DT Soft Ltd -> DT Soft Ltd)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1617700888\fsulgk.sys [361448 2021-04-06] (F-Secure Corporation -> F-Secure Corporation)
R0 fsbts; C:\Windows\System32\drivers\fsbts.sys [58752 2020-12-12] (F-Secure Corporation -> F-Secure Corporation)
R2 fsnif2; C:\Program Files (x86)\F-Secure\SAFE\Ultralight\nif2\1614076011\nif2s64.sys [177672 2021-02-23] (F-Secure Corporation -> F-Secure Corporation)
S3 htcnprot; C:\Windows\system32\DRIVERS\htcnprot.sys [36928 2013-10-17] (HTC Corp. -> Windows (R) Win 7 DDK provider)
S3 HtcVCom32; C:\Windows\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (Sqa.com(Test) -> QUALCOMM Incorporated)
S3 Netaapl; C:\Windows\system32\DRIVERS\netaapl64.sys [23040 2020-05-06] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R1 RawDisk3; C:\Windows\system32\drivers\rawdsk3.sys [31040 2014-04-29] (IPTS Alisa, OOO -> EldoS Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 STHDA; C:\Windows\system32\DRIVERS\stwrt64.sys [551936 2013-11-20] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2020-05-06] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-10 16:07 - 2021-04-10 16:08 - 000022499 _____ C:\Users\hp\Desktop\FRST.txt
2021-04-10 16:06 - 2021-04-10 16:08 - 000000000 ____D C:\FRST
2021-04-10 16:04 - 2021-04-10 16:04 - 002297856 _____ (Farbar) C:\Users\hp\Desktop\FRST64.exe
2021-04-10 13:46 - 2021-04-10 13:46 - 000710580 _____ C:\Users\hp\Desktop\Lebensmittelhygiene 2021_Zertifikat Lebensmittelhygiene 2021.pdf
2021-04-10 10:24 - 2021-04-10 10:29 - 000000000 ____D C:\AdwCleaner
2021-04-10 10:23 - 2021-04-10 10:23 - 008534696 _____ (Malwarebytes) C:\Users\hp\Desktop\adwcleaner_8.2.exe
2021-04-09 18:03 - 2021-04-09 18:03 - 000000000 ____D C:\rsit
2021-04-09 18:03 - 2021-04-09 18:03 - 000000000 ____D C:\Program Files\trend micro
2021-04-09 18:02 - 2021-04-09 18:02 - 001222144 _____ C:\Users\hp\Desktop\RSITx64.exe
2021-04-09 10:24 - 2021-04-09 10:24 - 000041555 _____ C:\Users\hp\Desktop\document.pdf
2021-04-08 10:37 - 2021-04-08 10:37 - 000221139 _____ C:\Users\hp\Desktop\CCI0842021.pdf
2021-04-08 10:34 - 2021-04-08 10:34 - 000686342 _____ C:\Users\hp\Desktop\Testergebnis 4.4.2021.pdf
2021-04-08 09:28 - 2021-04-08 09:28 - 000310642 _____ C:\Users\hp\Desktop\dokument-126578343.pdf
2021-04-05 22:49 - 2021-04-09 10:29 - 000000000 ____D C:\Users\hp\Desktop\Nová složka
2021-03-27 10:29 - 2021-04-07 09:48 - 000000000 ____D C:\Users\hp\Desktop\Formulář pro opuštění okresu
2021-03-26 19:50 - 2021-03-28 00:22 - 000011599 _____ C:\Users\hp\Desktop\kšefty.xlsx
2021-03-23 22:55 - 2021-03-23 22:55 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-03-23 21:04 - 2021-04-10 10:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-03-19 11:51 - 2021-03-19 11:51 - 000012317 _____ C:\Users\Týna\Desktop\maturita-cestina-didakticky-test-zaznamovy-arch-2016-jaro.pdf
2021-03-19 11:49 - 2021-03-19 11:49 - 000000000 ____D C:\Users\Týna\AppData\Roaming\ControlCenter4
2021-03-11 09:26 - 2021-02-13 04:26 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2021-03-11 09:26 - 2021-02-13 04:12 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2021-03-11 09:25 - 2021-02-13 04:47 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2021-03-11 09:25 - 2021-02-13 04:24 - 000073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-10 16:07 - 2019-02-06 10:43 - 000000000 ____D C:\ProgramData\Mozilla
2021-04-10 16:07 - 2016-11-17 17:35 - 000000000 ____D C:\Users\hp\AppData\LocalLow\Mozilla
2021-04-10 16:05 - 2019-05-22 20:28 - 000000000 ____D C:\Users\hp\AppData\Roaming\upjers-playground2
2021-04-10 11:06 - 2016-08-19 08:51 - 000000000 ___DO C:\Users\hp\OneDrive
2021-04-10 11:06 - 2016-08-17 14:05 - 000003600 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3921397407-2631415318-3197205120-1001
2021-04-10 10:47 - 2014-03-18 17:33 - 001739092 _____ C:\Windows\system32\PerfStringBackup.INI
2021-04-10 10:47 - 2014-03-18 16:54 - 000733268 _____ C:\Windows\system32\perfh005.dat
2021-04-10 10:47 - 2014-03-18 16:54 - 000148614 _____ C:\Windows\system32\perfc005.dat
2021-04-10 10:47 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2021-04-10 10:43 - 2016-12-25 21:55 - 000000000 ____D C:\Users\hp\AppData\Local\HTC MediaHub
2021-04-10 10:42 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-04-10 10:40 - 2016-08-17 16:28 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2021-04-10 10:40 - 2013-08-22 15:25 - 001310720 ___SH C:\Windows\system32\config\BBI
2021-04-10 10:36 - 2016-11-17 17:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-04-10 10:33 - 2020-01-04 12:01 - 000000000 ____D C:\Program Files (x86)\AnyDesk
2021-04-10 10:31 - 2020-07-06 10:17 - 000002241 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-10 10:23 - 2016-08-17 14:03 - 000003946 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{FE27802C-E301-419F-B6F7-DD932E6659EB}
2021-04-09 21:56 - 2016-08-19 20:13 - 000029848 _____ C:\Users\hp\Desktop\Capi továrny.xlsx
2021-04-09 21:32 - 2021-02-22 21:22 - 000030516 _____ C:\Users\hp\Desktop\C.xlsx
2021-04-09 18:03 - 2013-08-22 17:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-09 18:01 - 2020-11-02 12:28 - 000000000 ____D C:\Program Files\Microsoft Office
2021-04-09 10:32 - 2018-12-21 17:42 - 000000000 ____D C:\Users\hp\AppData\Local\CrashDumps
2021-04-09 10:25 - 2016-08-17 13:59 - 000000000 ____D C:\Users\hp\AppData\Local\Packages
2021-04-09 10:02 - 2018-12-01 22:47 - 000000000 ___RD C:\Users\Týna\OneDrive
2021-04-08 13:45 - 2018-12-08 11:21 - 000003598 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3921397407-2631415318-3197205120-1005
2021-04-08 13:35 - 2020-11-02 12:42 - 000003166 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3921397407-2631415318-3197205120-1005
2021-04-08 13:35 - 2020-11-02 12:42 - 000002297 _____ C:\Users\Týna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive pro firmy.lnk
2021-04-08 08:17 - 2021-02-21 19:44 - 000000000 ____D C:\Users\hp\Desktop\Einreiseanmeldungen
2021-04-08 07:03 - 2020-07-06 10:17 - 000003484 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-08 07:03 - 2020-07-06 10:17 - 000003356 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-04-07 15:49 - 2016-10-12 22:02 - 000000000 ____D C:\Users\hp\AppData\Roaming\vlc
2021-04-07 10:18 - 2020-11-03 08:54 - 000002288 _____ C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-04-07 10:18 - 2020-11-03 08:54 - 000002280 _____ C:\Users\hp\Desktop\Microsoft Teams.lnk
2021-04-02 20:45 - 2016-08-19 08:59 - 000000000 ____D C:\Users\hp\Desktop\Dokumenty
2021-04-01 11:03 - 2017-07-24 17:31 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-03-25 15:46 - 2020-02-02 15:04 - 000003954 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{81B1C48C-D8AD-45EC-8E79-F2FAB85A011D}
2021-03-23 23:59 - 2020-05-22 11:45 - 000000000 ____D C:\Users\hp\Desktop\Uptasia
2021-03-23 22:55 - 2016-08-18 16:47 - 000001175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-03-21 22:19 - 2020-04-27 19:50 - 000000000 ____D C:\Users\hp\Desktop\Sken
2021-03-19 18:20 - 2020-06-12 20:35 - 000000000 ____D C:\Users\hp\AppData\Roaming\Disc-Soft
2021-03-19 18:20 - 2020-06-12 20:34 - 000000000 ____D C:\ProgramData\Disc-Soft
2021-03-19 18:19 - 2016-09-13 11:51 - 000000000 ____D C:\Users\hp\AppData\Roaming\Canon
2021-03-16 08:38 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-16 08:38 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\AppReadiness
2021-03-16 08:30 - 2016-11-19 19:06 - 000003598 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3921397407-2631415318-3197205120-1004
2021-03-16 08:29 - 2016-11-19 19:02 - 000003954 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{082B1CEA-011E-407D-BC94-120E222088B1}
2021-03-13 17:01 - 2016-08-17 14:05 - 000002079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-03-12 20:25 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2021-03-12 18:16 - 2013-08-22 17:36 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-03-12 09:12 - 2013-08-22 16:44 - 000722128 _____ C:\Windows\system32\FNTCACHE.DAT
2021-03-11 23:58 - 2013-08-22 17:36 - 000000000 ___RD C:\Windows\ToastData
2021-03-11 23:58 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\SysWOW64\setup
2021-03-11 23:58 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\setup
2021-03-11 11:13 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp

==================== Files in the root of some directories ========

2019-11-29 22:56 - 2020-01-05 11:14 - 000004749 _____ () C:\Users\hp\AppData\Roaming\downloads.json

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-04-09 08:54
==================== End of FRST.txt ========================

Re: Please check, thank you

Posted: 10 Apr 2021 15:17
by magia.n
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-04-2021
Ran by hp (10-04-2021 16:11:21)
Running from C:\Users\hp\Desktop
Windows 8.1 (Update) (X64) (2016-08-17 11:59:16)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3921397407-2631415318-3197205120-500 - Administrator - Disabled)
Dáda (S-1-5-21-3921397407-2631415318-3197205120-1004 - Limited - Enabled) => C:\Users\Dáda
Guest (S-1-5-21-3921397407-2631415318-3197205120-501 - Limited - Disabled)
Honza (S-1-5-21-3921397407-2631415318-3197205120-1006 - Limited - Enabled) => C:\Users\Honza
hp (S-1-5-21-3921397407-2631415318-3197205120-1001 - Administrator - Enabled) => C:\Users\hp
Kristýna (S-1-5-21-3921397407-2631415318-3197205120-1002 - Administrator - Enabled) => C:\Users\Kristýna
Martin (S-1-5-21-3921397407-2631415318-3197205120-1003 - Administrator - Enabled) => C:\Users\Martin
Týna (S-1-5-21-3921397407-2631415318-3197205120-1005 - Limited - Enabled) => C:\Users\Týna

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: F-Secure SAFE (Enabled - Up to date) {01EEC97C-28E5-34E7-6F5F-47CED8192856}
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: F-Secure SAFE (Enabled - Up to date) {BA8F2898-0EDF-3B69-55EF-7CBCA39E62EB}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20145 - Adobe Systems Incorporated)
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 6.2.3 - philandro Software GmbH)
Apple Mobile Device Support (HKLM\...\{F9CEF01A-3907-4614-824F-CF5D3E4675EF}) (Version: 14.1.0.35 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Ashampoo Burning Studio 2017 (HKLM-x32\...\{91B33C97-C878-6579-69BA-23E5405C7AAB}_is1) (Version: 18.0.6 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer 3.03 (HKLM-x32\...\Ashampoo Photo Optimizer 3_is1) (Version: 3.0.3 - ashampoo GmbH & Co. KG)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother MFL-Pro Suite DCP-1610W series (HKLM-x32\...\{75E38F04-1BAF-4054-A059-57F831688943}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
CDRoller version 10.60 (HKLM-x32\...\CDRoller_is1) (Version: 10.60 - Digital Atlantic Corp.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.40.2.0131 - DT Soft Ltd)
Facebook Gameroom 1.21.6697.19829 (HKLM-x32\...\{7BE2211B-F86C-40CA-A6CC-69564D9BD5E2}) (Version: 1.21.6697.19829 - Facebook)
Facebook Gameroom 1.23.7426.18586 (HKLM-x32\...\{58E3FB73-8B88-4807-A803-79B5ADA0136F}) (Version: 1.23.7426.18586 - Facebook)
FastStone Image Viewer 5.7 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.7 - FastStone Soft)
F-Secure SAFE (HKLM-x32\...\{46B8A013-32EE-4158-A401-E25B63FE5D28}) (Version: 17.9 - F-Secure Corporation)
Gameforge Client (HKLM-x32\...\{d3b2a0c1-f0d0-4888-ae0b-1c5e1febdafb}_is1) (Version: 2.1.22.784 - Gameforge)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.114 - Google LLC)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.17.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.77.0 - HTC)
iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6482.0 - IDT)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
iTunes (HKLM\...\{6B5E1BB0-7219-47AC-AA8C-9C2C9950E1E5}) (Version: 12.10.10.2 - Apple Inc.)
K-Lite Codec Pack (64-bit) v3.6.0 (HKLM\...\KLiteCodecPack64_is1) (Version: 3.6.0 - )
Krvavá Kassandra - Sběratelská edice (HKLM-x32\...\{Krvava Kassandra - Sberatelska edice}_is1) (Version: - Spidla Data Processing, s.r.o.)
LibreOffice 6.3.5.2 (HKLM\...\{9FEFBA80-8687-4AC1-83F7-3CD3E9BAF275}) (Version: 6.3.5.2 - The Document Foundation)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.13901.20336 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.75 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3921397407-2631415318-3197205120-1005\...\OneDriveSetup.exe) (Version: 21.030.0211.0002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3921397407-2631415318-3197205120-1001\...\Teams) (Version: 1.4.00.8872 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3921397407-2631415318-3197205120-1004\...\Teams) (Version: 1.4.00.2879 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3921397407-2631415318-3197205120-1005\...\Teams) (Version: 1.3.00.21759 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2017 (HKLM-x32\...\{5a7dc0ad-cdb2-43b5-8b82-f81065fe6092}) (Version: 15.0.26717 - Microsoft Corporation)
Mozilla Firefox 87.0 (x64 cs) (HKLM\...\Mozilla Firefox 87.0 (x64 cs)) (Version: 87.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 72.0.2 - Mozilla)
NosTale (HKLM-x32\...\{dd4e22d6-00d1-44b9-8126-d8b40e0cd7c9}) (Version: - Gameforge)
NosTale cs-CZ (HKLM-x32\...\{dd4e22d6-00d1-44b9-8126-d8b40e0cd7c9.cs-CZ}) (Version: - Gameforge)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden
Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version: - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{CCA8C50D-785B-4896-8675-FFE0C4ECCBC3}) (Version: 8.7 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.)
Prázdnota (HKLM-x32\...\{Prazdnota}_is1) (Version: - Spidla Data Processing, s.r.o.)
ProShow Gold (HKLM-x32\...\ProShow Gold) (Version: - )
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Scooby-Doo(TM), Case File #2 The Scary Stone Dragon (HKLM-x32\...\Scooby-Doo(TM), Case File #2 The Scary Stone Dragon) (Version: - )
Skype™ 7.38 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.38.101 - Skype Technologies S.A.)
Tajemství šesti moří (HKLM-x32\...\{Tajemstvi sesti mori}_is1) (Version: - Spidla Data Processing, s.r.o.)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.21759 - Microsoft Corporation)
upjers Home 2.1.62 (HKU\S-1-5-21-3921397407-2631415318-3197205120-1001\...\{e2446448-09eb-5b1b-84b1-6746557362e3}) (Version: 2.1.62 - upjers GmbH)
upjers Playground 2.0.98 (HKU\S-1-5-21-3921397407-2631415318-3197205120-1001\...\e2446448-09eb-5b1b-84b1-6746557362e3) (Version: 2.0.98 - upjers GmbH)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Záchvěv - Ztracená stopařka v1.0 (HKLM-x32\...\{Zachvev - Ztracena stoparka}_is1) (Version: - Špidla Data Processing, s.r.o.)
Zloději duší v1.0 (HKLM-x32\...\{Zlodeji dusi}_is1) (Version: - Špidla Data Processing, s.r.o.)

Packages:
=========
2020: My Country -> C:\Program Files\WindowsApps\0EB8BD08.2020MyCountry_2.9.0.389_x86__erk4rrwmt7jyt [2018-11-29] (GAME INSIGHT GLOBAL LIMITED)
Člověče, nezlob se! Lite -> C:\Program Files\WindowsApps\b-interaktiveGmbH.DontgetangryFREE_1.3.0.11_x64__qbsg90x8tpqqt [2018-05-01] (b-interaktive GmbH) [MS Ad]
Happy Chef -> C:\Program Files\WindowsApps\Nordcurrent.HappyChef_1.0.0.5_x86__m9bz608c1b9ra [2017-09-01] (Nordcurrent)
Hidden City®: Hidden Object Adventure -> C:\Program Files\WindowsApps\828B5831.HiddenCityMysteryofShadows_1.16.1700.0_x86__ytsefhwckbdv6 [2018-11-29] (G5 Entertainment AB)
Hry -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-03-18] (Microsoft Corporation) [MS Ad]
Hudba -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2016-08-18] (Microsoft Corporation) [MS Ad]
Kids' Puzzles -> C:\Program Files\WindowsApps\AboutFun.KidsPuzzles_1.5.0.0_neutral__3bmcbs85sh38e [2016-08-19] (About Fun)
Krtkova skládačka -> C:\Program Files\WindowsApps\SiliconJelly.LittleMolesPuzzle_1.1.0.0_x86__6v809z49xp5gp [2016-08-19] (Silicon Jelly s.r.o.)
Magic Jigsaw Puzzles -> C:\Program Files\WindowsApps\XIMADINC.MAGICPUZZLES_3.11.6.0_x64__np8fj6akx2czy [2021-03-12] (ZiMAD) [MS Ad]
Microsoft Jigsaw -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJigsaw_1.9.1911.0_x86__8wekyb3d8bbwe [2019-12-19] (Microsoft Studios) [MS Ad]
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.10.1812.2002_x86__8wekyb3d8bbwe [2019-02-02] (Microsoft Studios) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.11.1807.1002_x86__8wekyb3d8bbwe [2018-07-27] (Microsoft Studios) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2016-08-18] (Microsoft Corporation) [MS Ad]
MSN Finance -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2016-08-18] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2016-08-18] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2016-11-23] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2016-08-18] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2016-08-18] (Microsoft Corporation) [MS Ad]
MSN Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2016-08-18] (Microsoft Corporation) [MS Ad]
Pexeso pro děti -> C:\Program Files\WindowsApps\AboutFun.KidsPuzzlesMemoryGame_1.0.0.4_neutral__3bmcbs85sh38e [2016-08-19] (About Fun)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2016-08-18] (Skype) [MS Ad]
Spider Solitaire ! -> C:\Program Files\WindowsApps\41544BlastOffGames.SpiderSolitaire_1.0.0.15_neutral__qy5fmezmgqez0 [2021-03-14] (Blast Off Games Solitaire Tetris Flappy Bird) [MS Ad]
Taptiles -> C:\Program Files\WindowsApps\Microsoft.Taptiles_2.6.288.0_x86__8wekyb3d8bbwe [2018-10-25] (Microsoft Studios) [MS Ad]
TESTFRAMEWORKABO2 -> C:\Program Files\WindowsApps\40538vasetest101.TESTFRAMEWORKABO2_12.0.21005.1_x64__ssm1v0s3df7zc [2019-03-16] (vasetest101)
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2016-08-18] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3921397407-2631415318-3197205120-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\hp\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20339.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3921397407-2631415318-3197205120-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\hp\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20130.1\x64\Microsoft.Teams.AddinLoader.dll => No File
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Týna\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Týna\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Týna\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [F-Secure DataGuard Icon Overlay] -> {CA789262-D278-40F7-AC12-19C0395F9DD9} => C:\Program Files (x86)\F-Secure\SAFE\FsShellExtension64.dll [2020-11-03] (F-Secure Corporation -> F-Secure Corporation)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Týna\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Týna\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Týna\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Týna\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Týna\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Týna\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Týna\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [136704 2010-06-28] () [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-05-01 10:23 - 2020-05-01 10:23 - 000774656 _____ () [File not signed] [File is in use] C:\Users\hp\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.Core.dll
2020-05-01 10:23 - 2020-05-01 10:23 - 001184256 _____ () [File not signed] [File is in use] C:\Users\hp\AppData\Local\Facebook\Games\CefSharp.Core.dll
2020-05-01 10:23 - 2020-05-01 10:23 - 071641088 _____ () [File not signed] C:\Users\hp\AppData\Local\Facebook\Games\libcef.dll
2020-05-01 10:23 - 2020-05-01 10:23 - 000078848 _____ () [File not signed] C:\Users\hp\AppData\Local\Facebook\Games\libegl.dll
2020-05-01 10:23 - 2020-05-01 10:23 - 003149824 _____ () [File not signed] C:\Users\hp\AppData\Local\Facebook\Games\libglesv2.dll
2020-07-14 22:58 - 2020-07-14 09:24 - 002128896 _____ () [File not signed] C:\Users\hp\AppData\Local\Programs\upjers-playground2\ffmpeg.dll
2020-07-14 22:58 - 2020-07-14 09:24 - 000141824 _____ () [File not signed] C:\Users\hp\AppData\Local\Programs\upjers-playground2\libegl.dll
2020-07-14 22:58 - 2020-07-14 09:24 - 007731200 _____ () [File not signed] C:\Users\hp\AppData\Local\Programs\upjers-playground2\libglesv2.dll
2016-09-13 11:16 - 2008-02-25 20:00 - 000279040 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNMLM9I.DLL
2020-05-01 10:23 - 2020-05-01 10:23 - 000433664 _____ (The Chromium Authors) [File not signed] C:\Users\hp\AppData\Local\Facebook\Games\chrome_elf.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData:gs5sys [3072]
AlternateDataStreams: C:\Users\All Users:gs5sys [3072]
AlternateDataStreams: C:\Users\Dáda:gs5sys [3074]
AlternateDataStreams: C:\Users\hp:gs5sys [2560]
AlternateDataStreams: C:\Users\Týna:gs5sys [3074]
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys [3072]
AlternateDataStreams: C:\ProgramData\Data aplikací:gs5sys [3072]
AlternateDataStreams: C:\ProgramData\Documents\desktop.ini:gs5sys [2560]
AlternateDataStreams: C:\Users\Dáda\Data aplikací:gs5sys [3074]
AlternateDataStreams: C:\Users\Dáda\Local Settings:gs5sys [3074]
AlternateDataStreams: C:\Users\Dáda\Soubory cookie:gs5sys [2048]
AlternateDataStreams: C:\Users\Dáda\Šablony:gs5sys [3074]
AlternateDataStreams: C:\Users\Dáda\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Dáda\AppData\Local:gs5sys [3074]
AlternateDataStreams: C:\Users\Dáda\AppData\Roaming:gs5sys [3074]
AlternateDataStreams: C:\Users\Dáda\AppData\Local\Data aplikací:gs5sys [3074]
AlternateDataStreams: C:\Users\Dáda\AppData\Local\History:gs5sys [3074]
AlternateDataStreams: C:\Users\Dáda\Documents\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\hp\Data aplikací:gs5sys [2560]
AlternateDataStreams: C:\Users\hp\Local Settings:gs5sys [2304]
AlternateDataStreams: C:\Users\hp\Soubory cookie:gs5sys [2560]
AlternateDataStreams: C:\Users\hp\Šablony:gs5sys [2560]
AlternateDataStreams: C:\Users\hp\Desktop\desktop.ini:gs5sys [2560]
AlternateDataStreams: C:\Users\hp\AppData\Local:gs5sys [2304]
AlternateDataStreams: C:\Users\hp\AppData\Roaming:gs5sys [2560]
AlternateDataStreams: C:\Users\hp\AppData\Local\Data aplikací:gs5sys [2304]
AlternateDataStreams: C:\Users\hp\AppData\Local\History:gs5sys [2304]
AlternateDataStreams: C:\Users\hp\Documents\desktop.ini:gs5sys [2304]
AlternateDataStreams: C:\Users\Týna\Data aplikací:gs5sys [3074]
AlternateDataStreams: C:\Users\Týna\Local Settings:gs5sys [3074]
AlternateDataStreams: C:\Users\Týna\Soubory cookie:gs5sys [3074]
AlternateDataStreams: C:\Users\Týna\Šablony:gs5sys [3074]
AlternateDataStreams: C:\Users\Týna\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Týna\AppData\Local:gs5sys [3074]
AlternateDataStreams: C:\Users\Týna\AppData\Roaming:gs5sys [3074]
AlternateDataStreams: C:\Users\Týna\AppData\Local\Data aplikací:gs5sys [3074]
AlternateDataStreams: C:\Users\Týna\AppData\Local\History:gs5sys [3074]
AlternateDataStreams: C:\Users\Týna\Documents\desktop.ini:gs5sys [3074]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3921397407-2631415318-3197205120-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://seznam.cz/
HKU\S-1-5-21-3921397407-2631415318-3197205120-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-xl/?ocid=iehp
HKU\S-1-5-21-3921397407-2631415318-3197205120-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.msn.com/?OCID=IE11FREDHP&PC=UF01
HKU\S-1-5-21-3921397407-2631415318-3197205120-1005\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxps://www.msn.com/cs-cz/?ocid=iehp
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
BHO: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\SAFE\Ultralight\http\1617091255\browser\fs_ie_https\fs_ie_https64.dll [2021-03-30] (F-Secure Corporation -> F-Secure Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\SAFE\Ultralight\http\1617091255\browser\fs_ie_https\fs_ie_https.dll [2021-03-30] (F-Secure Corporation -> F-Secure Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2018-11-15 19:53 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Skype\Phone\
HKU\S-1-5-21-3921397407-2631415318-3197205120-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\hp\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-3921397407-2631415318-3197205120-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Kristýna\Desktop\6b82acef054a3494cc28dda3372c28ca956a9bcb_hq.jpg
HKU\S-1-5-21-3921397407-2631415318-3197205120-1003\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3921397407-2631415318-3197205120-1004\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3921397407-2631415318-3197205120-1005\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3921397407-2631415318-3197205120-1006\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

Network Binding:
=============
Síť Ethernet: HTC NDIS Protocol Driver -> ms_ndisprot (enabled)
Síťové připojení Bluetooth 2: HTC NDIS Protocol Driver -> ms_ndisprot (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-3921397407-2631415318-3197205120-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-3921397407-2631415318-3197205120-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3921397407-2631415318-3197205120-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B29C2BD4-8F80-4DF9-BAE8-F485B5BFE171}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5BD88E11-C6B0-4BAE-94C8-CBE056C4F582}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{09A460E3-DB0C-41F1-A37E-31759B83CE4F}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{D0A05147-DE7A-4683-9D67-E232C7AFDB50}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{2A592CCF-B699-4C35-A9B5-11F7170FD095}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{862DC9D8-2975-48F2-B819-59B0C2E96E02}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7D385A94-324A-470E-8099-65DC4A980E73}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe (Nero AG -> )
FirewallRules: [{D16B523A-2106-4F44-AFC3-64B2DF553A2F}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe => No File
FirewallRules: [{69721B4D-4AB0-41A0-9637-BBF4B8B02FD5}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe => No File
FirewallRules: [TCP Query User{CF95D89D-C5B3-4A06-B3DA-5DCA5C087BCF}C:\users\hp\desktop\anydesk.exe] => (Allow) C:\users\hp\desktop\anydesk.exe => No File
FirewallRules: [UDP Query User{A60F7BC3-B493-46E4-8591-AF8314870BCC}C:\users\hp\desktop\anydesk.exe] => (Allow) C:\users\hp\desktop\anydesk.exe => No File
FirewallRules: [{994CBD9A-5F24-42EA-9755-8399779B5E57}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A031FA04-8B22-41E8-A672-839D6B07B6FB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{13612E65-7774-4466-9A1E-538D294BD439}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{074076B5-6881-4DD6-8431-0AA567C7A212}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{22079042-28EB-4524-8976-1D31B731519F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{903B7BB2-A0F0-404F-9685-94CC081F178A}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManager.exe (Apowersoft Ltd.) [File not signed]
FirewallRules: [{B4B5B911-B111-409E-9651-5B8A0903CC08}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManager.exe (Apowersoft Ltd.) [File not signed]
FirewallRules: [{9544F145-EDA4-44C4-938A-7BBAA9D5F6AF}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManagerCoreServices.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{2AFE3AF3-EDD9-4343-8D1E-870A2C76FC63}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManagerCoreServices.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{8174C7AE-05FA-4E65-97D8-AA71BE43EE95}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{88A29561-FD36-4D81-A765-D0E3C87C68B0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B28DEB3D-C663-48B3-9EB2-5DA860C51EEB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7B0E6AD7-C3EE-442D-B110-EDBBE85F4D73}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{438B6A4C-A889-48F6-A45C-0C2E8A1758CC}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{9B676265-C13B-4CAC-8BFE-B9A330F0FD95}C:\users\hp\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\hp\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{B2E70E01-C3EA-4FDD-AD29-83E9F438580E}C:\users\hp\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\hp\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CDF630BD-3447-466E-AF7F-38FF4865E193}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B7EB5888-527B-4419-B0E8-23EC5806E00A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{4FA1CF43-AAC6-4A1B-A47E-0A3A98679952}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{D9E32529-F775-43A4-B49E-D33E9D21F6D9}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{3083C9D4-1E29-4D03-83E8-111464AC5932}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{F7D60A69-60F9-4540-906B-A0FE915B65CA}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{56C3EAAD-57F4-422A-8E9E-C5E8275397FF}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{289A93DC-5828-47F0-A7B3-41E9EE9C36B0}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)

==================== Restore Points =========================

26-03-2021 09:51:39 Naplánovaný kontrolní bod
02-04-2021 10:46:00 Naplánovaný kontrolní bod
10-04-2021 11:07:03 Windows Update

==================== Faulty Device Manager Devices ============

Name: DAEMON Tools Lite Virtual USB Bus
Description: DAEMON Tools Lite Virtual USB Bus
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Disc Soft Ltd
Service: dtliteusbbus
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: DAEMON Tools Lite Virtual SCSI Bus
Description: DAEMON Tools Lite Virtual SCSI Bus
Class Guid: {4d36e97b-e325-11ce-bfc1-08002be10318}
Manufacturer: Disc Soft Ltd
Service: dtlitescsibus
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


==================== Event log errors: ========================

Application errors:
==================
Error: (04/10/2021 10:20:45 AM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (04/09/2021 11:28:41 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (04/09/2021 11:28:41 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (04/09/2021 11:28:41 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (04/09/2021 11:28:41 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (04/09/2021 11:28:37 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (04/09/2021 05:58:29 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (04/09/2021 04:09:21 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed


System errors:
=============
Error: (04/10/2021 02:00:10 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070103): Advanced Micro Devices, Inc driver update for AMD SMBus.

Error: (04/10/2021 11:24:04 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070103): Advanced Micro Devices, Inc driver update for AMD SMBus.

Error: (04/10/2021 11:14:21 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070103): Advanced Micro Devices, Inc driver update for AMD SMBus.

Error: (04/10/2021 11:08:20 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070103): Advanced Micro Devices, Inc driver update for AMD SMBus.

Error: (04/10/2021 10:54:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba F-Secure Ultralight Hoster byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (04/10/2021 10:54:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba F-Secure Ultralight Network Hoster byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (04/10/2021 10:54:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (04/10/2021 10:54:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba F-Secure Ultralight Protected Hoster byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.


Windows Defender:
================
Date: 2018-09-24 14:25:29.666
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst: Aktuální
Kód chyby: 0x80073aba
Popis chyby: Prostředek je zastaralý, a proto není kompatibilní.
Verze podpisu: 1.155.266.0;1.155.266.0
Verze modulu: 1.1.9700.0

==================== Memory info ===========================

BIOS: AMI 80.52 11/11/2014
Motherboard: MSI 2AE0
Processor: AMD A10-5700 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 25%
Total physical RAM: 7349.03 MB
Available physical RAM: 5477.02 MB
Total Virtual: 8821.03 MB
Available Virtual: 6138.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:919.55 GB) (Free:669.61 GB) NTFS
Drive d: (Recovery Image) (Fixed) (Total:10.44 GB) (Free:10.39 GB) NTFS

\\?\Volume{8d15af40-5d21-4f89-93f2-9c89f599c245}\ (Windows RE tools) (Fixed) (Total:1 GB) (Free:0.73 GB) NTFS
\\?\Volume{e43af091-bafa-40a3-b638-7668b888e7a0}\ (Obnovení) (Fixed) (Total:0.29 GB) (Free:0.28 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 4F4578C4)

Partition: GPT.

==================== End of Addition.txt =======================

Re: Please check, thank you

Posted: 10 Apr 2021 16:28
by Diallix
Copy the content below into Notepad:

CloseProcesses:
CreateRestorePoint:

C:\Users\hp\AppData\Local\Temp\ardrv.sys
C:\Program Files\Bonjour

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [331064 2020-10-16] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3921397407-2631415318-3197205120-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [132608 2014-10-29] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3921397407-2631415318-3197205120-1002\...\MountPoints2: {1e9cd87f-84d2-11e8-829c-9cb654edfc7c} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL E:\autorun.exe /auto
HKU\S-1-5-21-3921397407-2631415318-3197205120-1002\...\MountPoints2: {710ee6b9-6471-11e6-824f-806e6f6e6963} - "F:\START.EXE"
HKU\S-1-5-21-3921397407-2631415318-3197205120-1002\...\MountPoints2: {e851f3e4-0fa0-11e7-8268-9cb654edfc7c} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL E:\autorun.exe /auto
HKU\S-1-5-21-3921397407-2631415318-3197205120-1002\...\MountPoints2: {e851fa7b-0fa0-11e7-8268-9cb654edfc7c} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL E:\autorun.exe /auto
HKU\S-1-5-21-3921397407-2631415318-3197205120-1003\...\MountPoints2: {2dd72f34-a7e0-11e6-8260-9cb654edfc7c} - "G:\HTC_Sync_Manager_PC.exe"
Startup: C:\Users\Týna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2019-01-31]
ShortcutTarget: MEGAsync.lnk -> C:\Users\hp\AppData\Local\MEGAsync\MEGAsync.exe (No File)
Task: {98B5F1B2-C300-4E62-B712-4A5CCEC70160} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-24] (Google Inc -> Google Inc.)
S3 ardrv; C:\Users\hp\AppData\Local\Temp\ardrv.sys [17224 2018-12-14] (OPSWAT, Inc. -> OPSWAT, Inc.) <==== ATTENTION
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
CustomCLSID: HKU\S-1-5-21-3921397407-2631415318-3197205120-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\hp\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20130.1\x64\Microsoft.Teams.AddinLoader.dll => No File
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Týna\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Týna\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Týna\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
AlternateDataStreams: C:\ProgramData:gs5sys [3072]
AlternateDataStreams: C:\Users\All Users:gs5sys [3072]
AlternateDataStreams: C:\Users\Dáda:gs5sys [3074]
AlternateDataStreams: C:\Users\hp:gs5sys [2560]
AlternateDataStreams: C:\Users\Týna:gs5sys [3074]
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys [3072]
AlternateDataStreams: C:\ProgramData\Data aplikací:gs5sys [3072]
AlternateDataStreams: C:\ProgramData\Documents\desktop.ini:gs5sys [2560]
AlternateDataStreams: C:\Users\Dáda\Data aplikací:gs5sys [3074]
AlternateDataStreams: C:\Users\Dáda\Local Settings:gs5sys [3074]
AlternateDataStreams: C:\Users\Dáda\Soubory cookie:gs5sys [2048]
AlternateDataStreams: C:\Users\Dáda\Šablony:gs5sys [3074]
AlternateDataStreams: C:\Users\Dáda\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Dáda\AppData\Local:gs5sys [3074]
AlternateDataStreams: C:\Users\Dáda\AppData\Roaming:gs5sys [3074]
AlternateDataStreams: C:\Users\Dáda\AppData\Local\Data aplikací:gs5sys [3074]
AlternateDataStreams: C:\Users\Dáda\AppData\Local\History:gs5sys [3074]
AlternateDataStreams: C:\Users\Dáda\Documents\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\hp\Data aplikací:gs5sys [2560]
AlternateDataStreams: C:\Users\hp\Local Settings:gs5sys [2304]
AlternateDataStreams: C:\Users\hp\Soubory cookie:gs5sys [2560]
AlternateDataStreams: C:\Users\hp\Šablony:gs5sys [2560]
AlternateDataStreams: C:\Users\hp\Desktop\desktop.ini:gs5sys [2560]
AlternateDataStreams: C:\Users\hp\AppData\Local:gs5sys [2304]
AlternateDataStreams: C:\Users\hp\AppData\Roaming:gs5sys [2560]
AlternateDataStreams: C:\Users\hp\AppData\Local\Data aplikací:gs5sys [2304]
AlternateDataStreams: C:\Users\hp\AppData\Local\History:gs5sys [2304]
AlternateDataStreams: C:\Users\hp\Documents\desktop.ini:gs5sys [2304]
AlternateDataStreams: C:\Users\Týna\Data aplikací:gs5sys [3074]
AlternateDataStreams: C:\Users\Týna\Local Settings:gs5sys [3074]
AlternateDataStreams: C:\Users\Týna\Soubory cookie:gs5sys [3074]
AlternateDataStreams: C:\Users\Týna\Šablony:gs5sys [3074]
AlternateDataStreams: C:\Users\Týna\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Týna\AppData\Local:gs5sys [3074]
AlternateDataStreams: C:\Users\Týna\AppData\Roaming:gs5sys [3074]
AlternateDataStreams: C:\Users\Týna\AppData\Local\Data aplikací:gs5sys [3074]
AlternateDataStreams: C:\Users\Týna\AppData\Local\History:gs5sys [3074]
AlternateDataStreams: C:\Users\Týna\Documents\desktop.ini:gs5sys [3074]
FirewallRules: [{D16B523A-2106-4F44-AFC3-64B2DF553A2F}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe => No File
FirewallRules: [{69721B4D-4AB0-41A0-9637-BBF4B8B02FD5}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe => No File
FirewallRules: [TCP Query User{CF95D89D-C5B3-4A06-B3DA-5DCA5C087BCF}C:\users\hp\desktop\anydesk.exe] => (Allow) C:\users\hp\desktop\anydesk.exe => No File
FirewallRules: [UDP Query User{A60F7BC3-B493-46E4-8591-AF8314870BCC}C:\users\hp\desktop\anydesk.exe] => (Allow) C:\users\hp\desktop\anydesk.exe => No File
FirewallRules: [{A031FA04-8B22-41E8-A672-839D6B07B6FB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{13612E65-7774-4466-9A1E-538D294BD439}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{074076B5-6881-4DD6-8431-0AA567C7A212}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{22079042-28EB-4524-8976-1D31B731519F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)

EmptyTemp:

Save the Notepad file as fixlist.txt in the same location as FRST.
Run FRST and click the Fix button.
The fix will run, after which the computer reboots. After the reboot, paste here the content of the log fixlog.txt, which is saved in the FRST location.

Re: Please check, thank you

Posted: 10 Apr 2021 20:40
by magia.n
Fix result of Farbar Recovery Scan Tool (x64) Version: 10-04-2021
Ran by hp (10-04-2021 21:29:17) Run:1
Running from C:\Users\hp\Desktop
Loaded Profiles: hp & Kristýna & Martin & Dáda & Týna & Honza
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:

C:\Users\hp\AppData\Local\Temp\ardrv.sys
C:\Program Files\Bonjour

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [331064 2020-10-16] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3921397407-2631415318-3197205120-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [132608 2014-10-29] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3921397407-2631415318-3197205120-1002\...\MountPoints2: {1e9cd87f-84d2-11e8-829c-9cb654edfc7c} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL E:\autorun.exe /auto
HKU\S-1-5-21-3921397407-2631415318-3197205120-1002\...\MountPoints2: {710ee6b9-6471-11e6-824f-806e6f6e6963} - "F:\START.EXE"
HKU\S-1-5-21-3921397407-2631415318-3197205120-1002\...\MountPoints2: {e851f3e4-0fa0-11e7-8268-9cb654edfc7c} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL E:\autorun.exe /auto
HKU\S-1-5-21-3921397407-2631415318-3197205120-1002\...\MountPoints2: {e851fa7b-0fa0-11e7-8268-9cb654edfc7c} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL E:\autorun.exe /auto
HKU\S-1-5-21-3921397407-2631415318-3197205120-1003\...\MountPoints2: {2dd72f34-a7e0-11e6-8260-9cb654edfc7c} - "G:\HTC_Sync_Manager_PC.exe"
Startup: C:\Users\T�na\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2019-01-31]
ShortcutTarget: MEGAsync.lnk -> C:\Users\hp\AppData\Local\MEGAsync\MEGAsync.exe (No File)
Task: {98B5F1B2-C300-4E62-B712-4A5CCEC70160} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-24] (Google Inc -> Google Inc.)
S3 ardrv; C:\Users\hp\AppData\Local\Temp\ardrv.sys [17224 2018-12-14] (OPSWAT, Inc. -> OPSWAT, Inc.) <==== ATTENTION
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
CustomCLSID: HKU\S-1-5-21-3921397407-2631415318-3197205120-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\hp\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20130.1\x64\Microsoft.Teams.AddinLoader.dll => No File
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\T�na\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\T�na\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\T�na\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
AlternateDataStreams: C:\ProgramData:gs5sys [3072]
AlternateDataStreams: C:\Users\All Users:gs5sys [3072]
AlternateDataStreams: C:\Users\D�da:gs5sys [3074]
AlternateDataStreams: C:\Users\hp:gs5sys [2560]
AlternateDataStreams: C:\Users\T�na:gs5sys [3074]
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys [3072]
AlternateDataStreams: C:\ProgramData\Data aplikac�:gs5sys [3072]
AlternateDataStreams: C:\ProgramData\Documents\desktop.ini:gs5sys [2560]
AlternateDataStreams: C:\Users\D�da\Data aplikac�:gs5sys [3074]
AlternateDataStreams: C:\Users\D�da\Local Settings:gs5sys [3074]
AlternateDataStreams: C:\Users\D�da\Soubory cookie:gs5sys [2048]
AlternateDataStreams: C:\Users\D�da\�ablony:gs5sys [3074]
AlternateDataStreams: C:\Users\D�da\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\D�da\AppData\Local:gs5sys [3074]
AlternateDataStreams: C:\Users\D�da\AppData\Roaming:gs5sys [3074]
AlternateDataStreams: C:\Users\D�da\AppData\Local\Data aplikac�:gs5sys [3074]
AlternateDataStreams: C:\Users\D�da\AppData\Local\History:gs5sys [3074]
AlternateDataStreams: C:\Users\D�da\Documents\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\hp\Data aplikac�:gs5sys [2560]
AlternateDataStreams: C:\Users\hp\Local Settings:gs5sys [2304]
AlternateDataStreams: C:\Users\hp\Soubory cookie:gs5sys [2560]
AlternateDataStreams: C:\Users\hp\�ablony:gs5sys [2560]
AlternateDataStreams: C:\Users\hp\Desktop\desktop.ini:gs5sys [2560]
AlternateDataStreams: C:\Users\hp\AppData\Local:gs5sys [2304]
AlternateDataStreams: C:\Users\hp\AppData\Roaming:gs5sys [2560]
AlternateDataStreams: C:\Users\hp\AppData\Local\Data aplikac�:gs5sys [2304]
AlternateDataStreams: C:\Users\hp\AppData\Local\History:gs5sys [2304]
AlternateDataStreams: C:\Users\hp\Documents\desktop.ini:gs5sys [2304]
AlternateDataStreams: C:\Users\T�na\Data aplikac�:gs5sys [3074]
AlternateDataStreams: C:\Users\T�na\Local Settings:gs5sys [3074]
AlternateDataStreams: C:\Users\T�na\Soubory cookie:gs5sys [3074]
AlternateDataStreams: C:\Users\T�na\�ablony:gs5sys [3074]
AlternateDataStreams: C:\Users\T�na\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\T�na\AppData\Local:gs5sys [3074]
AlternateDataStreams: C:\Users\T�na\AppData\Roaming:gs5sys [3074]
AlternateDataStreams: C:\Users\T�na\AppData\Local\Data aplikac�:gs5sys [3074]
AlternateDataStreams: C:\Users\T�na\AppData\Local\History:gs5sys [3074]
AlternateDataStreams: C:\Users\T�na\Documents\desktop.ini:gs5sys [3074]
FirewallRules: [{D16B523A-2106-4F44-AFC3-64B2DF553A2F}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe => No File
FirewallRules: [{69721B4D-4AB0-41A0-9637-BBF4B8B02FD5}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe => No File
FirewallRules: [TCP Query User{CF95D89D-C5B3-4A06-B3DA-5DCA5C087BCF}C:\users\hp\desktop\anydesk.exe] => (Allow) C:\users\hp\desktop\anydesk.exe => No File
FirewallRules: [UDP Query User{A60F7BC3-B493-46E4-8591-AF8314870BCC}C:\users\hp\desktop\anydesk.exe] => (Allow) C:\users\hp\desktop\anydesk.exe => No File
FirewallRules: [{A031FA04-8B22-41E8-A672-839D6B07B6FB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{13612E65-7774-4466-9A1E-538D294BD439}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{074076B5-6881-4DD6-8431-0AA567C7A212}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{22079042-28EB-4524-8976-1D31B731519F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)

EmptyTemp:
*****************

Processes closed successfully.
Restore point was successfully created.
C:\Users\hp\AppData\Local\Temp\ardrv.sys => moved successfully
C:\Program Files\Bonjour => moved successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper" => removed successfully
"HKU\S-1-5-21-3921397407-2631415318-3197205120-1001\Control Panel\Desktop\\SCRNSAVE.EXE" => removed successfully
HKU\S-1-5-21-3921397407-2631415318-3197205120-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1e9cd87f-84d2-11e8-829c-9cb654edfc7c} => removed successfully
HKU\S-1-5-21-3921397407-2631415318-3197205120-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{710ee6b9-6471-11e6-824f-806e6f6e6963} => removed successfully
HKU\S-1-5-21-3921397407-2631415318-3197205120-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e851f3e4-0fa0-11e7-8268-9cb654edfc7c} => removed successfully
HKU\S-1-5-21-3921397407-2631415318-3197205120-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e851fa7b-0fa0-11e7-8268-9cb654edfc7c} => removed successfully
HKU\S-1-5-21-3921397407-2631415318-3197205120-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2dd72f34-a7e0-11e6-8260-9cb654edfc7c} => removed successfully
"C:\Users\T�na\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk" => not found
"C:\Users\hp\AppData\Local\MEGAsync\MEGAsync.exe" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{98B5F1B2-C300-4E62-B712-4A5CCEC70160}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98B5F1B2-C300-4E62-B712-4A5CCEC70160}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKLM\System\CurrentControlSet\Services\ardrv => removed successfully
ardrv => service removed successfully
HKLM\System\CurrentControlSet\Services\Bonjour Service => removed successfully
Bonjour Service => service removed successfully
HKU\S-1-5-21-3921397407-2631415318-3197205120-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => subkey with invalid name -> removed successfully
HKLM\Software\Classes\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => subkey with invalid name -> removed successfully
HKLM\Software\Classes\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => subkey with invalid name -> removed successfully
HKLM\Software\Classes\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
C:\ProgramData => ":gs5sys" ADS removed successfully
"C:\Users\All Users" => ":gs5sys" ADS not found.
"C:\Users\D�da" => ":gs5sys" ADS not found.
C:\Users\hp => ":gs5sys" ADS removed successfully
"C:\Users\T�na" => ":gs5sys" ADS not found.
"C:\ProgramData\Application Data" => ":gs5sys" ADS not found.
"C:\ProgramData\Data aplikac�" => ":gs5sys" ADS not found.
C:\ProgramData\Documents\desktop.ini => ":gs5sys" ADS removed successfully
"C:\Users\D�da\Data aplikac�" => ":gs5sys" ADS not found.
"C:\Users\D�da\Local Settings" => ":gs5sys" ADS not found.
"C:\Users\D�da\Soubory cookie" => ":gs5sys" ADS not found.
"C:\Users\D�da\�ablony" => ":gs5sys" ADS not found.
"C:\Users\D�da\Desktop\desktop.ini" => ":gs5sys" ADS not found.
"C:\Users\D�da\AppData\Local" => ":gs5sys" ADS not found.
"C:\Users\D�da\AppData\Roaming" => ":gs5sys" ADS not found.
"C:\Users\D�da\AppData\Local\Data aplikac�" => ":gs5sys" ADS not found.
"C:\Users\D�da\AppData\Local\History" => ":gs5sys" ADS not found.
"C:\Users\D�da\Documents\desktop.ini" => ":gs5sys" ADS not found.
"C:\Users\hp\Data aplikac�" => ":gs5sys" ADS not found.
C:\Users\hp\Local Settings => ":gs5sys" ADS removed successfully
C:\Users\hp\Soubory cookie => ":gs5sys" ADS removed successfully
"C:\Users\hp\�ablony" => ":gs5sys" ADS not found.
C:\Users\hp\Desktop\desktop.ini => ":gs5sys" ADS removed successfully
"C:\Users\hp\AppData\Local" => ":gs5sys" ADS not found.
C:\Users\hp\AppData\Roaming => ":gs5sys" ADS removed successfully
"C:\Users\hp\AppData\Local\Data aplikac�" => ":gs5sys" ADS not found.
C:\Users\hp\AppData\Local\History => ":gs5sys" ADS removed successfully
C:\Users\hp\Documents\desktop.ini => ":gs5sys" ADS removed successfully
"C:\Users\T�na\Data aplikac�" => ":gs5sys" ADS not found.
"C:\Users\T�na\Local Settings" => ":gs5sys" ADS not found.
"C:\Users\T�na\Soubory cookie" => ":gs5sys" ADS not found.
"C:\Users\T�na\�ablony" => ":gs5sys" ADS not found.
"C:\Users\T�na\Desktop\desktop.ini" => ":gs5sys" ADS not found.
"C:\Users\T�na\AppData\Local" => ":gs5sys" ADS not found.
"C:\Users\T�na\AppData\Roaming" => ":gs5sys" ADS not found.
"C:\Users\T�na\AppData\Local\Data aplikac�" => ":gs5sys" ADS not found.
"C:\Users\T�na\AppData\Local\History" => ":gs5sys" ADS not found.
"C:\Users\T�na\Documents\desktop.ini" => ":gs5sys" ADS not found.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D16B523A-2106-4F44-AFC3-64B2DF553A2F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{69721B4D-4AB0-41A0-9637-BBF4B8B02FD5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CF95D89D-C5B3-4A06-B3DA-5DCA5C087BCF}C:\users\hp\desktop\anydesk.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A60F7BC3-B493-46E4-8591-AF8314870BCC}C:\users\hp\desktop\anydesk.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A031FA04-8B22-41E8-A672-839D6B07B6FB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{13612E65-7774-4466-9A1E-538D294BD439}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{074076B5-6881-4DD6-8431-0AA567C7A212}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{22079042-28EB-4524-8976-1D31B731519F}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 61266068 B
Java, Flash, Steam htmlcache => 1901 B
Windows/system/drivers => 287069634 B
Edge => 0 B
Chrome => 287809526 B
Firefox => 24869290 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 3017522 B
NetworkService => 3021292 B
hp => 1857918781 B
Kristýna => 2122426100 B
Martin => 2141285611 B
Dáda => 2239137634 B
Týna => 2687714875 B
Honza => 2688379233 B

RecycleBin => 0 B
EmptyTemp: => 13.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:33:12 ====

Re: Please check, thank you

Posted: 10 Apr 2021 20:53
by Diallix
Copy the content below into Notepad:

Code:

CloseProcesses:
CreateRestorePoint:

C:\Users\hp\AppData\Local\Temp\ardrv.sys
C:\Program Files\Bonjour

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [331064 2020-10-16] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3921397407-2631415318-3197205120-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [132608 2014-10-29] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3921397407-2631415318-3197205120-1002\...\MountPoints2: {1e9cd87f-84d2-11e8-829c-9cb654edfc7c} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL E:\autorun.exe /auto
HKU\S-1-5-21-3921397407-2631415318-3197205120-1002\...\MountPoints2: {710ee6b9-6471-11e6-824f-806e6f6e6963} - "F:\START.EXE"
HKU\S-1-5-21-3921397407-2631415318-3197205120-1002\...\MountPoints2: {e851f3e4-0fa0-11e7-8268-9cb654edfc7c} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL E:\autorun.exe /auto
HKU\S-1-5-21-3921397407-2631415318-3197205120-1002\...\MountPoints2: {e851fa7b-0fa0-11e7-8268-9cb654edfc7c} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL E:\autorun.exe /auto
HKU\S-1-5-21-3921397407-2631415318-3197205120-1003\...\MountPoints2: {2dd72f34-a7e0-11e6-8260-9cb654edfc7c} - "G:\HTC_Sync_Manager_PC.exe"
Startup: C:\Users\Týna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2019-01-31]
ShortcutTarget: MEGAsync.lnk -> C:\Users\hp\AppData\Local\MEGAsync\MEGAsync.exe (No File)
Task: {98B5F1B2-C300-4E62-B712-4A5CCEC70160} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-24] (Google Inc -> Google Inc.)
S3 ardrv; C:\Users\hp\AppData\Local\Temp\ardrv.sys [17224 2018-12-14] (OPSWAT, Inc. -> OPSWAT, Inc.) <==== ATTENTION
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
CustomCLSID: HKU\S-1-5-21-3921397407-2631415318-3197205120-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\hp\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20130.1\x64\Microsoft.Teams.AddinLoader.dll => No File
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Týna\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Týna\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Týna\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
AlternateDataStreams: C:\ProgramData:gs5sys [3072]
AlternateDataStreams: C:\Users\All Users:gs5sys [3072]
AlternateDataStreams: C:\Users\Dáda:gs5sys [3074]
AlternateDataStreams: C:\Users\hp:gs5sys [2560]
AlternateDataStreams: C:\Users\Týna:gs5sys [3074]
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys [3072]
AlternateDataStreams: C:\ProgramData\Data aplikací:gs5sys [3072]
AlternateDataStreams: C:\ProgramData\Documents\desktop.ini:gs5sys [2560]
AlternateDataStreams: C:\Users\Dáda\Data aplikací:gs5sys [3074]
AlternateDataStreams: C:\Users\Dáda\Local Settings:gs5sys [3074]
AlternateDataStreams: C:\Users\Dáda\Soubory cookie:gs5sys [2048]
AlternateDataStreams: C:\Users\Dáda\Šablony:gs5sys [3074]
AlternateDataStreams: C:\Users\Dáda\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Dáda\AppData\Local:gs5sys [3074]
AlternateDataStreams: C:\Users\Dáda\AppData\Roaming:gs5sys [3074]
AlternateDataStreams: C:\Users\Dáda\AppData\Local\Data aplikací:gs5sys [3074]
AlternateDataStreams: C:\Users\Dáda\AppData\Local\History:gs5sys [3074]
AlternateDataStreams: C:\Users\Dáda\Documents\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\hp\Data aplikací:gs5sys [2560]
AlternateDataStreams: C:\Users\hp\Local Settings:gs5sys [2304]
AlternateDataStreams: C:\Users\hp\Soubory cookie:gs5sys [2560]
AlternateDataStreams: C:\Users\hp\Šablony:gs5sys [2560]
AlternateDataStreams: C:\Users\hp\Desktop\desktop.ini:gs5sys [2560]
AlternateDataStreams: C:\Users\hp\AppData\Local:gs5sys [2304]
AlternateDataStreams: C:\Users\hp\AppData\Roaming:gs5sys [2560]
AlternateDataStreams: C:\Users\hp\AppData\Local\Data aplikací:gs5sys [2304]
AlternateDataStreams: C:\Users\hp\AppData\Local\History:gs5sys [2304]
AlternateDataStreams: C:\Users\hp\Documents\desktop.ini:gs5sys [2304]
AlternateDataStreams: C:\Users\Týna\Data aplikací:gs5sys [3074]
AlternateDataStreams: C:\Users\Týna\Local Settings:gs5sys [3074]
AlternateDataStreams: C:\Users\Týna\Soubory cookie:gs5sys [3074]
AlternateDataStreams: C:\Users\Týna\Šablony:gs5sys [3074]
AlternateDataStreams: C:\Users\Týna\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Týna\AppData\Local:gs5sys [3074]
AlternateDataStreams: C:\Users\Týna\AppData\Roaming:gs5sys [3074]
AlternateDataStreams: C:\Users\Týna\AppData\Local\Data aplikací:gs5sys [3074]
AlternateDataStreams: C:\Users\Týna\AppData\Local\History:gs5sys [3074]
AlternateDataStreams: C:\Users\Týna\Documents\desktop.ini:gs5sys [3074]
FirewallRules: [{D16B523A-2106-4F44-AFC3-64B2DF553A2F}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe => No File
FirewallRules: [{69721B4D-4AB0-41A0-9637-BBF4B8B02FD5}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe => No File
FirewallRules: [TCP Query User{CF95D89D-C5B3-4A06-B3DA-5DCA5C087BCF}C:\users\hp\desktop\anydesk.exe] => (Allow) C:\users\hp\desktop\anydesk.exe => No File
FirewallRules: [UDP Query User{A60F7BC3-B493-46E4-8591-AF8314870BCC}C:\users\hp\desktop\anydesk.exe] => (Allow) C:\users\hp\desktop\anydesk.exe => No File
FirewallRules: [{A031FA04-8B22-41E8-A672-839D6B07B6FB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{13612E65-7774-4466-9A1E-538D294BD439}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{074076B5-6881-4DD6-8431-0AA567C7A212}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{22079042-28EB-4524-8976-1D31B731519F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)

EmptyTemp:

Save the Notepad file under the name fixlist.txt in the location where FRST is, choosing UTF-8 as the encoding (copy into Notepad -> File -> Save As -> Encoding: choose UTF-8 -> save).
Run FRST and click the button: Fix
An operation will run, after which the computer will reboot. After the reboot, paste here the content of the log fixlog.txt saved in the FRST location.

Re: Please check, thank you

Posted: 10 Apr 2021 21:42
by magia.n
Fix result of Farbar Recovery Scan Tool (x64) Version: 10-04-2021
Ran by hp (10-04-2021 22:36:23) Run:2
Running from C:\Users\hp\Desktop
Loaded Profiles: hp & Kristýna & Martin & Dáda & Týna & Honza
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:

C:\Users\hp\AppData\Local\Temp\ardrv.sys
C:\Program Files\Bonjour

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [331064 2020-10-16] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3921397407-2631415318-3197205120-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [132608 2014-10-29] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3921397407-2631415318-3197205120-1002\...\MountPoints2: {1e9cd87f-84d2-11e8-829c-9cb654edfc7c} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL E:\autorun.exe /auto
HKU\S-1-5-21-3921397407-2631415318-3197205120-1002\...\MountPoints2: {710ee6b9-6471-11e6-824f-806e6f6e6963} - "F:\START.EXE"
HKU\S-1-5-21-3921397407-2631415318-3197205120-1002\...\MountPoints2: {e851f3e4-0fa0-11e7-8268-9cb654edfc7c} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL E:\autorun.exe /auto
HKU\S-1-5-21-3921397407-2631415318-3197205120-1002\...\MountPoints2: {e851fa7b-0fa0-11e7-8268-9cb654edfc7c} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL E:\autorun.exe /auto
HKU\S-1-5-21-3921397407-2631415318-3197205120-1003\...\MountPoints2: {2dd72f34-a7e0-11e6-8260-9cb654edfc7c} - "G:\HTC_Sync_Manager_PC.exe"
Startup: C:\Users\Týna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2019-01-31]
ShortcutTarget: MEGAsync.lnk -> C:\Users\hp\AppData\Local\MEGAsync\MEGAsync.exe (No File)
Task: {98B5F1B2-C300-4E62-B712-4A5CCEC70160} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-24] (Google Inc -> Google Inc.)
S3 ardrv; C:\Users\hp\AppData\Local\Temp\ardrv.sys [17224 2018-12-14] (OPSWAT, Inc. -> OPSWAT, Inc.) <==== ATTENTION
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
CustomCLSID: HKU\S-1-5-21-3921397407-2631415318-3197205120-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\hp\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20130.1\x64\Microsoft.Teams.AddinLoader.dll => No File
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Týna\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Týna\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Týna\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
AlternateDataStreams: C:\ProgramData:gs5sys [3072]
AlternateDataStreams: C:\Users\All Users:gs5sys [3072]
AlternateDataStreams: C:\Users\Dáda:gs5sys [3074]
AlternateDataStreams: C:\Users\hp:gs5sys [2560]
AlternateDataStreams: C:\Users\Týna:gs5sys [3074]
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys [3072]
AlternateDataStreams: C:\ProgramData\Data aplikací:gs5sys [3072]
AlternateDataStreams: C:\ProgramData\Documents\desktop.ini:gs5sys [2560]
AlternateDataStreams: C:\Users\Dáda\Data aplikací:gs5sys [3074]
AlternateDataStreams: C:\Users\Dáda\Local Settings:gs5sys [3074]
AlternateDataStreams: C:\Users\Dáda\Soubory cookie:gs5sys [2048]
AlternateDataStreams: C:\Users\Dáda\Šablony:gs5sys [3074]
AlternateDataStreams: C:\Users\Dáda\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Dáda\AppData\Local:gs5sys [3074]
AlternateDataStreams: C:\Users\Dáda\AppData\Roaming:gs5sys [3074]
AlternateDataStreams: C:\Users\Dáda\AppData\Local\Data aplikací:gs5sys [3074]
AlternateDataStreams: C:\Users\Dáda\AppData\Local\History:gs5sys [3074]
AlternateDataStreams: C:\Users\Dáda\Documents\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\hp\Data aplikací:gs5sys [2560]
AlternateDataStreams: C:\Users\hp\Local Settings:gs5sys [2304]
AlternateDataStreams: C:\Users\hp\Soubory cookie:gs5sys [2560]
AlternateDataStreams: C:\Users\hp\Šablony:gs5sys [2560]
AlternateDataStreams: C:\Users\hp\Desktop\desktop.ini:gs5sys [2560]
AlternateDataStreams: C:\Users\hp\AppData\Local:gs5sys [2304]
AlternateDataStreams: C:\Users\hp\AppData\Roaming:gs5sys [2560]
AlternateDataStreams: C:\Users\hp\AppData\Local\Data aplikací:gs5sys [2304]
AlternateDataStreams: C:\Users\hp\AppData\Local\History:gs5sys [2304]
AlternateDataStreams: C:\Users\hp\Documents\desktop.ini:gs5sys [2304]
AlternateDataStreams: C:\Users\Týna\Data aplikací:gs5sys [3074]
AlternateDataStreams: C:\Users\Týna\Local Settings:gs5sys [3074]
AlternateDataStreams: C:\Users\Týna\Soubory cookie:gs5sys [3074]
AlternateDataStreams: C:\Users\Týna\Šablony:gs5sys [3074]
AlternateDataStreams: C:\Users\Týna\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\Týna\AppData\Local:gs5sys [3074]
AlternateDataStreams: C:\Users\Týna\AppData\Roaming:gs5sys [3074]
AlternateDataStreams: C:\Users\Týna\AppData\Local\Data aplikací:gs5sys [3074]
AlternateDataStreams: C:\Users\Týna\AppData\Local\History:gs5sys [3074]
AlternateDataStreams: C:\Users\Týna\Documents\desktop.ini:gs5sys [3074]
FirewallRules: [{D16B523A-2106-4F44-AFC3-64B2DF553A2F}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe => No File
FirewallRules: [{69721B4D-4AB0-41A0-9637-BBF4B8B02FD5}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe => No File
FirewallRules: [TCP Query User{CF95D89D-C5B3-4A06-B3DA-5DCA5C087BCF}C:\users\hp\desktop\anydesk.exe] => (Allow) C:\users\hp\desktop\anydesk.exe => No File
FirewallRules: [UDP Query User{A60F7BC3-B493-46E4-8591-AF8314870BCC}C:\users\hp\desktop\anydesk.exe] => (Allow) C:\users\hp\desktop\anydesk.exe => No File
FirewallRules: [{A031FA04-8B22-41E8-A672-839D6B07B6FB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{13612E65-7774-4466-9A1E-538D294BD439}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{074076B5-6881-4DD6-8431-0AA567C7A212}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{22079042-28EB-4524-8976-1D31B731519F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)

EmptyTemp:
*****************

Processes closed successfully.
Restore point was successfully created.
"C:\Users\hp\AppData\Local\Temp\ardrv.sys" => not found
"C:\Program Files\Bonjour" => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper" => not found
"HKU\S-1-5-21-3921397407-2631415318-3197205120-1001\Control Panel\Desktop\\SCRNSAVE.EXE" => not found
HKU\S-1-5-21-3921397407-2631415318-3197205120-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1e9cd87f-84d2-11e8-829c-9cb654edfc7c} => not found
HKU\S-1-5-21-3921397407-2631415318-3197205120-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{710ee6b9-6471-11e6-824f-806e6f6e6963} => not found
HKU\S-1-5-21-3921397407-2631415318-3197205120-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e851f3e4-0fa0-11e7-8268-9cb654edfc7c} => not found
HKU\S-1-5-21-3921397407-2631415318-3197205120-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e851fa7b-0fa0-11e7-8268-9cb654edfc7c} => not found
HKU\S-1-5-21-3921397407-2631415318-3197205120-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2dd72f34-a7e0-11e6-8260-9cb654edfc7c} => not found
C:\Users\Týna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk => moved successfully
"C:\Users\hp\AppData\Local\MEGAsync\MEGAsync.exe" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98B5F1B2-C300-4E62-B712-4A5CCEC70160}" => not found
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => not found
ardrv => service not found.
Bonjour Service => service not found.
HKU\S-1-5-21-3921397407-2631415318-3197205120-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => not found
"C:\ProgramData" => ":gs5sys" ADS not found.
"C:\Users\All Users" => ":gs5sys" ADS not found.
C:\Users\Dáda => ":gs5sys" ADS removed successfully
"C:\Users\hp" => ":gs5sys" ADS not found.
C:\Users\Týna => ":gs5sys" ADS removed successfully
"C:\ProgramData\Application Data" => ":gs5sys" ADS not found.
"C:\ProgramData\Data aplikací" => ":gs5sys" ADS not found.
"C:\ProgramData\Documents\desktop.ini" => ":gs5sys" ADS not found.
C:\Users\Dáda\Data aplikací => ":gs5sys" ADS removed successfully
C:\Users\Dáda\Local Settings => ":gs5sys" ADS removed successfully
C:\Users\Dáda\Soubory cookie => ":gs5sys" ADS removed successfully
C:\Users\Dáda\Šablony => ":gs5sys" ADS removed successfully
C:\Users\Dáda\Desktop\desktop.ini => ":gs5sys" ADS removed successfully
"C:\Users\Dáda\AppData\Local" => ":gs5sys" ADS not found.
"C:\Users\Dáda\AppData\Roaming" => ":gs5sys" ADS not found.
"C:\Users\Dáda\AppData\Local\Data aplikací" => ":gs5sys" ADS not found.
C:\Users\Dáda\AppData\Local\History => ":gs5sys" ADS removed successfully
C:\Users\Dáda\Documents\desktop.ini => ":gs5sys" ADS removed successfully
"C:\Users\hp\Data aplikací" => ":gs5sys" ADS not found.
"C:\Users\hp\Local Settings" => ":gs5sys" ADS not found.
"C:\Users\hp\Soubory cookie" => ":gs5sys" ADS not found.
C:\Users\hp\Šablony => ":gs5sys" ADS removed successfully
"C:\Users\hp\Desktop\desktop.ini" => ":gs5sys" ADS not found.
"C:\Users\hp\AppData\Local" => ":gs5sys" ADS not found.
"C:\Users\hp\AppData\Roaming" => ":gs5sys" ADS not found.
"C:\Users\hp\AppData\Local\Data aplikací" => ":gs5sys" ADS not found.
"C:\Users\hp\AppData\Local\History" => ":gs5sys" ADS not found.
"C:\Users\hp\Documents\desktop.ini" => ":gs5sys" ADS not found.
C:\Users\Týna\Data aplikací => ":gs5sys" ADS removed successfully
C:\Users\Týna\Local Settings => ":gs5sys" ADS removed successfully
C:\Users\Týna\Soubory cookie => ":gs5sys" ADS removed successfully
C:\Users\Týna\Šablony => ":gs5sys" ADS removed successfully
C:\Users\Týna\Desktop\desktop.ini => ":gs5sys" ADS removed successfully
"C:\Users\Týna\AppData\Local" => ":gs5sys" ADS not found.
"C:\Users\Týna\AppData\Roaming" => ":gs5sys" ADS not found.
"C:\Users\Týna\AppData\Local\Data aplikací" => ":gs5sys" ADS not found.
C:\Users\Týna\AppData\Local\History => ":gs5sys" ADS removed successfully
C:\Users\Týna\Documents\desktop.ini => ":gs5sys" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D16B523A-2106-4F44-AFC3-64B2DF553A2F}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{69721B4D-4AB0-41A0-9637-BBF4B8B02FD5}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CF95D89D-C5B3-4A06-B3DA-5DCA5C087BCF}C:\users\hp\desktop\anydesk.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A60F7BC3-B493-46E4-8591-AF8314870BCC}C:\users\hp\desktop\anydesk.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A031FA04-8B22-41E8-A672-839D6B07B6FB}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{13612E65-7774-4466-9A1E-538D294BD439}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{074076B5-6881-4DD6-8431-0AA567C7A212}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{22079042-28EB-4524-8976-1D31B731519F}" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6452744 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 161504 B
Edge => 0 B
Chrome => 7716761 B
Firefox => 18747767 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 4092 B
NetworkService => 4092 B
hp => 24601 B
Kristýna => 24601 B
Martin => 24601 B
Dáda => 24601 B
Týna => 24601 B
Honza => 24601 B

RecycleBin => 0 B
EmptyTemp: => 39.7 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 22:37:51 ====

Re: Please check, thank you

Posted: 10 Apr 2021 21:47
by Diallix
OK, please post new FRST + ADDITION logs.

Re: Please check, thank you

Posted: 11 Apr 2021 09:10
by magia.n
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-04-2021
Ran by hp (administrator) on HP-PC (Hewlett-Packard 500-202ec) (11-04-2021 09:35:25)
Running from C:\Users\hp\Desktop
Loaded Profiles: hp
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() [File not signed] C:\Program Files (x86)\Photodex\ProShowGold\scsiaccess.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Elaborate Bytes AG -> Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Facebook, Inc. -> Facebook) C:\Users\hp\AppData\Local\Facebook\Games\FacebookGameroom.exe
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe <3>
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1617700888\fshoster64.exe <2>
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1617700888\fsorsp64.exe
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1617700888\FsPisces.exe
(F-Secure Corporation -> F-Secure Corporation) C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1617700888\fsulprothoster.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\stacsv64.exe
(IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\sttray64.exe
(Integrated Device Technology Inc. -> Hewlett-Packard) [File not signed] C:\Program Files\IDT\WDM\Beats64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.19750_none_fa39f32f9b2d0928\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(philandro Software GmbH -> philandro Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2012-08-22] (Integrated Device Technology Inc. -> Hewlett-Packard) [File not signed]
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-11-20] (IDT, Inc.) [File not signed]
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG -> Elaborate Bytes AG)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [100580600 2020-08-04] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-05-22] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) [File not signed]
HKU\S-1-5-21-3921397407-2631415318-3197205120-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd -> DT Soft Ltd)
HKU\S-1-5-21-3921397407-2631415318-3197205120-1001\...\Run: [Flvto Youtube Downloader] => "C:\Users\hp\AppData\Local\Flvto Youtube Downloader\FlvtoYoutubeDownloader.Redesign.exe" /minimize
HKU\S-1-5-21-3921397407-2631415318-3197205120-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3921397407-2631415318-3197205120-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\hp\AppData\Local\Microsoft\Teams\Update.exe [2453728 2021-04-07] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3921397407-2631415318-3197205120-1004\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Dáda\AppData\Local\Microsoft\Teams\Update.exe [2453656 2021-02-20] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3921397407-2631415318-3197205120-1005\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Týna\AppData\Local\Microsoft\Teams\Update.exe [2452112 2020-11-04] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP190 series: C:\Windows\system32\CNMLM9I.DLL [279040 2008-02-25] (CANON INC.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.114\Installer\chrmstp.exe [2021-04-01] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2020-09-04]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
Startup: C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2020-05-06]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\hp\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook, Inc. -> Facebook)
Startup: C:\Users\Kristýna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2018-08-13]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\hp\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook, Inc. -> Facebook)
Startup: C:\Users\Týna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2020-05-13]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\hp\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook, Inc. -> Facebook)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2C9634F6-EF84-42FD-968D-2D8FFDB7CDB8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-24] (Google Inc -> Google Inc.)
Task: {38049093-848F-484A-B596-91122766BC91} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {46418CC2-AD3E-42C8-B61A-A0EDD96B3054} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1791712 2021-02-23] (Avast Software s.r.o. -> Avast Software)
Task: {5962DDD7-C251-47F5-A41F-D3B086A94BEA} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3921397407-2631415318-3197205120-1005 => C:\Users\hp\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {5FDDE5A0-374C-49FA-A449-67D08C474337} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-3921397407-2631415318-3197205120-1004 => {201600d8-6eff-48ce-b842-e14d37a0682d} C:\Windows\System32\wpninprc.dll [62464 2014-10-29] (Microsoft Windows -> Microsoft Corporation)
Task: {606EBC9B-838D-4DC9-A1A3-176EBD4E96B8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5255104 2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {61CB0EAF-BCB5-4FFC-A049-A0806844431D} - System32\Tasks\{8BC24110-F064-4E3E-8B43-F7F2B365943D} => "c:\program files (x86)\mozilla firefox\firefox.exe" https://ui.skype.com/ui/0/7.39.0.102/cs ... rogressBar
Task: {745DDD41-0C2F-4B35-9790-C9F43AEE81DC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {7A874B00-1D28-4469-8F38-E329063F23AF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248760 2021-04-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {90E5C152-EED6-4CE2-9402-F22F873CD65A} - System32\Tasks\{3CF151D6-0E18-49D7-BEE3-EE58DB9E3999} => "c:\program files (x86)\mozilla firefox\firefox.exe" https://ui.skype.com/ui/0/7.36.0.101/cs ... rogressBar
Task: {9B233D7B-8809-48EA-B0E0-788AB09DB569} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5255104 2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {A1C1CF50-EC61-4A45-A2C9-7CEF3EB91909} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1498032 2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {AED4E2C5-2A93-4EFB-A79A-ADBF421E969A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141168 2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {B9C16742-5794-4F66-BA5E-160146F69A1B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248760 2021-04-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {C5445726-1F50-4E47-9C2E-246288D0A26D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141168 2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {DFBF869F-0903-4936-BD94-A5DF0302461A} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [696816 2021-03-23] (Mozilla Corporation -> Mozilla Foundation)
Task: {FA0E4834-8054-41E0-BC94-C190B8B9A179} - System32\Tasks\F-Secure\F-Secure Hotfix => C:\Program Files (x86)\F-Secure\SAFE\fs_hotfix.exe [308608 2020-11-03] (F-Secure Corporation -> F-Secure Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll => No File
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{3E1BC311-A25A-499A-85BF-A0ADD9BED33F}: [DhcpNameServer] 10.0.0.138

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\hp\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-22]
Edge Extension: (Browsing Protection by F-Secure) - C:\Users\hp\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2021-02-22]
Edge HKLM\...\Edge\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade]
Edge HKLM-x32\...\Edge\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade]

FireFox:
========
FF DefaultProfile: fag465m9.default
FF ProfilePath: C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\fag465m9.default [2021-04-10]
FF DownloadDir: C:\Users\hp\Desktop
FF Homepage: Mozilla\Firefox\Profiles\fag465m9.default -> hxxp://seznam.cz/
FF Extension: (YouTube™ Flash® Player) - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\fag465m9.default\Extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi [2017-12-04]
FF Extension: (Browsing Protection by F-Secure) - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\fag465m9.default\Extensions\ols@f-secure.com.xpi [2021-04-10] [UpdateUrl:hxxps://download.sp.f-secure.com/online-safety/updates.json]
FF Extension: (YouTube High Definition) - C:\Users\hp\AppData\Roaming\Mozilla\Firefox\Profiles\fag465m9.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2021-02-03]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN -> VideoLAN)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google Inc -> Google, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-03-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\hp\AppData\Roaming\mozilla\plugins\npPxPlay.dll [2016-10-11]

Chrome:
=======
CHR Profile: C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default [2021-04-10]
CHR Extension: (Prezentace) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-18]
CHR Extension: (Dokumenty) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-18]
CHR Extension: (Disk Google) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-24]
CHR Extension: (Tabulky) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-18]
CHR Extension: (Dokumenty Google offline) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-18]
CHR Extension: (Browsing Protection by F-Secure) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2020-10-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-05]
CHR Extension: (Gmail) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-18]
CHR HKLM\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade]
CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3743464 2021-03-08] (philandro Software GmbH -> philandro Software GmbH)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-09-24] (Apple Inc. -> Apple Inc.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8788368 2021-03-29] (Microsoft Corporation -> Microsoft Corporation)
R2 fshoster; C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe [244096 2020-11-03] (F-Secure Corporation -> F-Secure Corporation)
R2 fsnethoster; C:\Program Files (x86)\F-Secure\SAFE\fshoster32.exe [244096 2020-11-03] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulhoster; C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1617700888\fshoster64.exe [623744 2021-04-06] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulnethoster; C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1617700888\fshoster64.exe [623744 2021-04-06] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulorsp; C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1617700888\fsorsp64.exe [101248 2021-04-06] (F-Secure Corporation -> F-Secure Corporation)
R2 fsulprothoster; C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1617700888\fsulprothoster.exe [623744 2021-04-06] (F-Secure Corporation -> F-Secure Corporation)
S3 GameforgeClientService; C:\Program Files (x86)\GameforgeClient\gfservice.exe [568480 2021-01-29] (Gameforge 4D GmbH -> )
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2016-09-20] (Nero AG -> Nero AG)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShowGold\ScsiAccess.exe [181312 2016-10-11] () [File not signed]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-11-20] (IDT, Inc.) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AtiDCM; C:\AMD\WU-CCC2\ccc2_install\Support64\atdcm64a.sys [28416 2014-03-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [254528 2017-05-04] (DT Soft Ltd -> DT Soft Ltd)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\1617700888\fsulgk.sys [361448 2021-04-06] (F-Secure Corporation -> F-Secure Corporation)
R0 fsbts; C:\Windows\System32\drivers\fsbts.sys [58752 2020-12-12] (F-Secure Corporation -> F-Secure Corporation)
R2 fsnif2; C:\Program Files (x86)\F-Secure\SAFE\Ultralight\nif2\1614076011\nif2s64.sys [177672 2021-02-23] (F-Secure Corporation -> F-Secure Corporation)
S3 htcnprot; C:\Windows\system32\DRIVERS\htcnprot.sys [36928 2013-10-17] (HTC Corp. -> Windows (R) Win 7 DDK provider)
S3 HtcVCom32; C:\Windows\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (Sqa.com(Test) -> QUALCOMM Incorporated)
S3 Netaapl; C:\Windows\system32\DRIVERS\netaapl64.sys [23040 2020-05-06] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R1 RawDisk3; C:\Windows\system32\drivers\rawdsk3.sys [31040 2014-04-29] (IPTS Alisa, OOO -> EldoS Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 STHDA; C:\Windows\system32\DRIVERS\stwrt64.sys [551936 2013-11-20] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2020-05-06] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-10 21:29 - 2021-04-10 22:38 - 000013527 _____ C:\Users\hp\Desktop\Fixlog.txt
2021-04-10 21:24 - 2021-04-10 21:24 - 000000000 _____ C:\Users\hp\Desktop\Nový textový dokument.txt
2021-04-10 16:11 - 2021-04-10 16:17 - 000040980 _____ C:\Users\hp\Desktop\Addition.txt
2021-04-10 16:07 - 2021-04-11 09:37 - 000022259 _____ C:\Users\hp\Desktop\FRST.txt
2021-04-10 16:06 - 2021-04-11 09:36 - 000000000 ____D C:\FRST
2021-04-10 16:04 - 2021-04-10 16:04 - 002297856 _____ (Farbar) C:\Users\hp\Desktop\FRST64.exe
2021-04-10 10:24 - 2021-04-10 10:29 - 000000000 ____D C:\AdwCleaner
2021-04-10 10:23 - 2021-04-10 10:23 - 008534696 _____ (Malwarebytes) C:\Users\hp\Desktop\adwcleaner_8.2.exe
2021-04-09 18:03 - 2021-04-09 18:03 - 000000000 ____D C:\rsit
2021-04-09 18:03 - 2021-04-09 18:03 - 000000000 ____D C:\Program Files\trend micro
2021-04-09 18:02 - 2021-04-09 18:02 - 001222144 _____ C:\Users\hp\Desktop\RSITx64.exe
2021-04-09 10:24 - 2021-04-09 10:24 - 000041555 _____ C:\Users\hp\Desktop\document.pdf
2021-04-08 10:37 - 2021-04-08 10:37 - 000221139 _____ C:\Users\hp\Desktop\CCI0842021.pdf
2021-04-08 10:34 - 2021-04-08 10:34 - 000686342 _____ C:\Users\hp\Desktop\Testergebnis 4.4.2021.pdf
2021-04-08 09:28 - 2021-04-08 09:28 - 000310642 _____ C:\Users\hp\Desktop\dokument-126578343.pdf
2021-04-05 22:49 - 2021-04-09 10:29 - 000000000 ____D C:\Users\hp\Desktop\Nová složka
2021-03-27 10:29 - 2021-04-07 09:48 - 000000000 ____D C:\Users\hp\Desktop\Formulář pro opuštění okresu
2021-03-26 19:50 - 2021-03-28 00:22 - 000011599 _____ C:\Users\hp\Desktop\kšefty.xlsx
2021-03-23 22:55 - 2021-03-23 22:55 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-03-23 21:04 - 2021-04-10 10:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-03-19 11:51 - 2021-03-19 11:51 - 000012317 _____ C:\Users\Týna\Desktop\maturita-cestina-didakticky-test-zaznamovy-arch-2016-jaro.pdf
2021-03-19 11:49 - 2021-03-19 11:49 - 000000000 ____D C:\Users\Týna\AppData\Roaming\ControlCenter4

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-11 09:37 - 2016-08-17 14:03 - 000003946 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{FE27802C-E301-419F-B6F7-DD932E6659EB}
2021-04-11 09:34 - 2016-08-19 08:51 - 000000000 __RDO C:\Users\hp\OneDrive
2021-04-10 23:50 - 2019-05-22 20:28 - 000000000 ____D C:\Users\hp\AppData\Roaming\upjers-playground2
2021-04-10 23:50 - 2019-02-06 10:43 - 000000000 ____D C:\ProgramData\Mozilla
2021-04-10 23:50 - 2016-11-17 17:35 - 000000000 ____D C:\Users\hp\AppData\LocalLow\Mozilla
2021-04-10 23:43 - 2020-01-04 12:01 - 000000000 ____D C:\Program Files (x86)\AnyDesk
2021-04-10 23:22 - 2016-08-19 20:13 - 000029838 _____ C:\Users\hp\Desktop\Capi továrny.xlsx
2021-04-10 23:19 - 2021-02-22 21:22 - 000030608 _____ C:\Users\hp\Desktop\C.xlsx
2021-04-10 22:45 - 2016-09-12 15:01 - 000000000 ____D C:\Users\hp\Desktop\Já flash
2021-04-10 22:44 - 2014-03-18 17:33 - 001739092 _____ C:\Windows\system32\PerfStringBackup.INI
2021-04-10 22:44 - 2014-03-18 16:54 - 000733268 _____ C:\Windows\system32\perfh005.dat
2021-04-10 22:44 - 2014-03-18 16:54 - 000148614 _____ C:\Windows\system32\perfc005.dat
2021-04-10 22:44 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2021-04-10 22:40 - 2016-12-25 21:55 - 000000000 ____D C:\Users\hp\AppData\Local\HTC MediaHub
2021-04-10 22:39 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-04-10 22:38 - 2016-08-17 16:28 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2021-04-10 22:38 - 2013-08-22 15:25 - 001310720 ___SH C:\Windows\system32\config\BBI
2021-04-10 21:31 - 2018-01-03 21:46 - 000000000 ____D C:\Users\hp\AppData\LocalLow\Temp
2021-04-10 11:06 - 2016-08-17 14:05 - 000003600 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3921397407-2631415318-3197205120-1001
2021-04-10 10:36 - 2016-11-17 17:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-04-10 10:31 - 2020-07-06 10:17 - 000002241 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-09 18:03 - 2013-08-22 17:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-09 18:01 - 2020-11-02 12:28 - 000000000 ____D C:\Program Files\Microsoft Office
2021-04-09 10:32 - 2018-12-21 17:42 - 000000000 ____D C:\Users\hp\AppData\Local\CrashDumps
2021-04-09 10:25 - 2016-08-17 13:59 - 000000000 ____D C:\Users\hp\AppData\Local\Packages
2021-04-09 10:02 - 2018-12-01 22:47 - 000000000 ___RD C:\Users\Týna\OneDrive
2021-04-08 13:45 - 2018-12-08 11:21 - 000003598 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3921397407-2631415318-3197205120-1005
2021-04-08 13:35 - 2020-11-02 12:42 - 000003166 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3921397407-2631415318-3197205120-1005
2021-04-08 13:35 - 2020-11-02 12:42 - 000002297 _____ C:\Users\Týna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive pro firmy.lnk
2021-04-08 08:17 - 2021-02-21 19:44 - 000000000 ____D C:\Users\hp\Desktop\Einreiseanmeldungen
2021-04-08 07:03 - 2020-07-06 10:17 - 000003484 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-08 07:03 - 2020-07-06 10:17 - 000003356 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-04-07 15:49 - 2016-10-12 22:02 - 000000000 ____D C:\Users\hp\AppData\Roaming\vlc
2021-04-07 10:18 - 2020-11-03 08:54 - 000002288 _____ C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-04-07 10:18 - 2020-11-03 08:54 - 000002280 _____ C:\Users\hp\Desktop\Microsoft Teams.lnk
2021-04-02 20:45 - 2016-08-19 08:59 - 000000000 ____D C:\Users\hp\Desktop\Dokumenty
2021-04-01 11:03 - 2017-07-24 17:31 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-03-25 15:46 - 2020-02-02 15:04 - 000003954 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{81B1C48C-D8AD-45EC-8E79-F2FAB85A011D}
2021-03-23 23:59 - 2020-05-22 11:45 - 000000000 ____D C:\Users\hp\Desktop\Uptasia
2021-03-23 22:55 - 2016-08-18 16:47 - 000001175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-03-21 22:19 - 2020-04-27 19:50 - 000000000 ____D C:\Users\hp\Desktop\Sken
2021-03-19 18:20 - 2020-06-12 20:35 - 000000000 ____D C:\Users\hp\AppData\Roaming\Disc-Soft
2021-03-19 18:20 - 2020-06-12 20:34 - 000000000 ____D C:\ProgramData\Disc-Soft
2021-03-19 18:19 - 2016-09-13 11:51 - 000000000 ____D C:\Users\hp\AppData\Roaming\Canon
2021-03-16 08:38 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-16 08:38 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\AppReadiness
2021-03-16 08:30 - 2016-11-19 19:06 - 000003598 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3921397407-2631415318-3197205120-1004
2021-03-16 08:29 - 2016-11-19 19:02 - 000003954 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{082B1CEA-011E-407D-BC94-120E222088B1}
2021-03-13 17:01 - 2016-08-17 14:05 - 000002079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-03-12 20:25 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2021-03-12 18:16 - 2013-08-22 17:36 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-03-12 09:12 - 2013-08-22 16:44 - 000722128 _____ C:\Windows\system32\FNTCACHE.DAT

==================== Files in the root of some directories ========

2019-11-29 22:56 - 2020-01-05 11:14 - 000004749 _____ () C:\Users\hp\AppData\Roaming\downloads.json

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-04-09 08:54
==================== End of FRST.txt ========================

Re: Please check, thank you

Posted: 11 Apr 2021 09:10
by magia.n
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-04-2021
Ran by hp (11-04-2021 09:39:50)
Running from C:\Users\hp\Desktop
Windows 8.1 (Update) (X64) (2016-08-17 11:59:16)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3921397407-2631415318-3197205120-500 - Administrator - Disabled)
Dáda (S-1-5-21-3921397407-2631415318-3197205120-1004 - Limited - Enabled) => C:\Users\Dáda
Guest (S-1-5-21-3921397407-2631415318-3197205120-501 - Limited - Disabled)
Honza (S-1-5-21-3921397407-2631415318-3197205120-1006 - Limited - Enabled) => C:\Users\Honza
hp (S-1-5-21-3921397407-2631415318-3197205120-1001 - Administrator - Enabled) => C:\Users\hp
Kristýna (S-1-5-21-3921397407-2631415318-3197205120-1002 - Administrator - Enabled) => C:\Users\Kristýna
Martin (S-1-5-21-3921397407-2631415318-3197205120-1003 - Administrator - Enabled) => C:\Users\Martin
Týna (S-1-5-21-3921397407-2631415318-3197205120-1005 - Limited - Enabled) => C:\Users\Týna

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: F-Secure SAFE (Enabled - Up to date) {01EEC97C-28E5-34E7-6F5F-47CED8192856}
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: F-Secure SAFE (Enabled - Up to date) {BA8F2898-0EDF-3B69-55EF-7CBCA39E62EB}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20145 - Adobe Systems Incorporated)
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 6.2.3 - philandro Software GmbH)
Apple Mobile Device Support (HKLM\...\{F9CEF01A-3907-4614-824F-CF5D3E4675EF}) (Version: 14.1.0.35 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Ashampoo Burning Studio 2017 (HKLM-x32\...\{91B33C97-C878-6579-69BA-23E5405C7AAB}_is1) (Version: 18.0.6 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer 3.03 (HKLM-x32\...\Ashampoo Photo Optimizer 3_is1) (Version: 3.0.3 - ashampoo GmbH & Co. KG)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother MFL-Pro Suite DCP-1610W series (HKLM-x32\...\{75E38F04-1BAF-4054-A059-57F831688943}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
CDRoller version 10.60 (HKLM-x32\...\CDRoller_is1) (Version: 10.60 - Digital Atlantic Corp.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.40.2.0131 - DT Soft Ltd)
Facebook Gameroom 1.21.6697.19829 (HKLM-x32\...\{7BE2211B-F86C-40CA-A6CC-69564D9BD5E2}) (Version: 1.21.6697.19829 - Facebook)
Facebook Gameroom 1.23.7426.18586 (HKLM-x32\...\{58E3FB73-8B88-4807-A803-79B5ADA0136F}) (Version: 1.23.7426.18586 - Facebook)
FastStone Image Viewer 5.7 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.7 - FastStone Soft)
F-Secure SAFE (HKLM-x32\...\{46B8A013-32EE-4158-A401-E25B63FE5D28}) (Version: 17.9 - F-Secure Corporation)
Gameforge Client (HKLM-x32\...\{d3b2a0c1-f0d0-4888-ae0b-1c5e1febdafb}_is1) (Version: 2.1.22.784 - Gameforge)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.114 - Google LLC)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.17.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.77.0 - HTC)
iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6482.0 - IDT)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
iTunes (HKLM\...\{6B5E1BB0-7219-47AC-AA8C-9C2C9950E1E5}) (Version: 12.10.10.2 - Apple Inc.)
K-Lite Codec Pack (64-bit) v3.6.0 (HKLM\...\KLiteCodecPack64_is1) (Version: 3.6.0 - )
Krvavá Kassandra - Sběratelská edice (HKLM-x32\...\{Krvava Kassandra - Sberatelska edice}_is1) (Version: - Spidla Data Processing, s.r.o.)
LibreOffice 6.3.5.2 (HKLM\...\{9FEFBA80-8687-4AC1-83F7-3CD3E9BAF275}) (Version: 6.3.5.2 - The Document Foundation)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.13901.20336 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.75 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3921397407-2631415318-3197205120-1005\...\OneDriveSetup.exe) (Version: 21.030.0211.0002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3921397407-2631415318-3197205120-1001\...\Teams) (Version: 1.4.00.8872 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3921397407-2631415318-3197205120-1004\...\Teams) (Version: 1.4.00.2879 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3921397407-2631415318-3197205120-1005\...\Teams) (Version: 1.3.00.21759 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2017 (HKLM-x32\...\{5a7dc0ad-cdb2-43b5-8b82-f81065fe6092}) (Version: 15.0.26717 - Microsoft Corporation)
Mozilla Firefox 87.0 (x64 cs) (HKLM\...\Mozilla Firefox 87.0 (x64 cs)) (Version: 87.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 72.0.2 - Mozilla)
NosTale (HKLM-x32\...\{dd4e22d6-00d1-44b9-8126-d8b40e0cd7c9}) (Version: - Gameforge)
NosTale cs-CZ (HKLM-x32\...\{dd4e22d6-00d1-44b9-8126-d8b40e0cd7c9.cs-CZ}) (Version: - Gameforge)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13901.20336 - Microsoft Corporation) Hidden
Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version: - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{CCA8C50D-785B-4896-8675-FFE0C4ECCBC3}) (Version: 8.7 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.)
Prázdnota (HKLM-x32\...\{Prazdnota}_is1) (Version: - Spidla Data Processing, s.r.o.)
ProShow Gold (HKLM-x32\...\ProShow Gold) (Version: - )
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Scooby-Doo(TM), Case File #2 The Scary Stone Dragon (HKLM-x32\...\Scooby-Doo(TM), Case File #2 The Scary Stone Dragon) (Version: - )
Skype™ 7.38 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.38.101 - Skype Technologies S.A.)
Tajemství šesti moří (HKLM-x32\...\{Tajemstvi sesti mori}_is1) (Version: - Spidla Data Processing, s.r.o.)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.21759 - Microsoft Corporation)
upjers Home 2.1.62 (HKU\S-1-5-21-3921397407-2631415318-3197205120-1001\...\{e2446448-09eb-5b1b-84b1-6746557362e3}) (Version: 2.1.62 - upjers GmbH)
upjers Playground 2.0.98 (HKU\S-1-5-21-3921397407-2631415318-3197205120-1001\...\e2446448-09eb-5b1b-84b1-6746557362e3) (Version: 2.0.98 - upjers GmbH)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Záchvěv - Ztracená stopařka v1.0 (HKLM-x32\...\{Zachvev - Ztracena stoparka}_is1) (Version: - Špidla Data Processing, s.r.o.)
Zloději duší v1.0 (HKLM-x32\...\{Zlodeji dusi}_is1) (Version: - Špidla Data Processing, s.r.o.)

Packages:
=========
2020: My Country -> C:\Program Files\WindowsApps\0EB8BD08.2020MyCountry_2.9.0.389_x86__erk4rrwmt7jyt [2018-11-29] (GAME INSIGHT GLOBAL LIMITED)
Člověče, nezlob se! Lite -> C:\Program Files\WindowsApps\b-interaktiveGmbH.DontgetangryFREE_1.3.0.11_x64__qbsg90x8tpqqt [2018-05-01] (b-interaktive GmbH) [MS Ad]
Happy Chef -> C:\Program Files\WindowsApps\Nordcurrent.HappyChef_1.0.0.5_x86__m9bz608c1b9ra [2017-09-01] (Nordcurrent)
Hidden City®: Hidden Object Adventure -> C:\Program Files\WindowsApps\828B5831.HiddenCityMysteryofShadows_1.16.1700.0_x86__ytsefhwckbdv6 [2018-11-29] (G5 Entertainment AB)
Hry -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-03-18] (Microsoft Corporation) [MS Ad]
Hudba -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2016-08-18] (Microsoft Corporation) [MS Ad]
Kids' Puzzles -> C:\Program Files\WindowsApps\AboutFun.KidsPuzzles_1.5.0.0_neutral__3bmcbs85sh38e [2016-08-19] (About Fun)
Krtkova skládačka -> C:\Program Files\WindowsApps\SiliconJelly.LittleMolesPuzzle_1.1.0.0_x86__6v809z49xp5gp [2016-08-19] (Silicon Jelly s.r.o.)
Magic Jigsaw Puzzles -> C:\Program Files\WindowsApps\XIMADINC.MAGICPUZZLES_3.11.6.0_x64__np8fj6akx2czy [2021-03-12] (ZiMAD) [MS Ad]
Microsoft Jigsaw -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJigsaw_1.9.1911.0_x86__8wekyb3d8bbwe [2019-12-19] (Microsoft Studios) [MS Ad]
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.10.1812.2002_x86__8wekyb3d8bbwe [2019-02-02] (Microsoft Studios) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.11.1807.1002_x86__8wekyb3d8bbwe [2018-07-27] (Microsoft Studios) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2016-08-18] (Microsoft Corporation) [MS Ad]
MSN Finance -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2016-08-18] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2016-08-18] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2016-11-23] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2016-08-18] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2016-08-18] (Microsoft Corporation) [MS Ad]
MSN Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2016-08-18] (Microsoft Corporation) [MS Ad]
Pexeso pro děti -> C:\Program Files\WindowsApps\AboutFun.KidsPuzzlesMemoryGame_1.0.0.4_neutral__3bmcbs85sh38e [2016-08-19] (About Fun)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2016-08-18] (Skype) [MS Ad]
Spider Solitaire ! -> C:\Program Files\WindowsApps\41544BlastOffGames.SpiderSolitaire_1.0.0.15_neutral__qy5fmezmgqez0 [2021-03-14] (Blast Off Games Solitaire Tetris Flappy Bird) [MS Ad]
Taptiles -> C:\Program Files\WindowsApps\Microsoft.Taptiles_2.6.288.0_x86__8wekyb3d8bbwe [2018-10-25] (Microsoft Studios) [MS Ad]
TESTFRAMEWORKABO2 -> C:\Program Files\WindowsApps\40538vasetest101.TESTFRAMEWORKABO2_12.0.21005.1_x64__ssm1v0s3df7zc [2019-03-16] (vasetest101)
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2016-08-18] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3921397407-2631415318-3197205120-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\hp\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20339.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [F-Secure DataGuard Icon Overlay] -> {CA789262-D278-40F7-AC12-19C0395F9DD9} => C:\Program Files (x86)\F-Secure\SAFE\FsShellExtension64.dll [2020-11-03] (F-Secure Corporation -> F-Secure Corporation)
ShellIconOverlayIdentifiers-x32-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Týna\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ShellIconOverlayIdentifiers-x32-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Týna\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ShellIconOverlayIdentifiers-x32-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Týna\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Týna\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Týna\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Týna\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Týna\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [136704 2010-06-28] () [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-05-01 10:23 - 2020-05-01 10:23 - 000774656 _____ () [File not signed] [File is in use] C:\Users\hp\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.Core.dll
2020-05-01 10:23 - 2020-05-01 10:23 - 001184256 _____ () [File not signed] [File is in use] C:\Users\hp\AppData\Local\Facebook\Games\CefSharp.Core.dll
2021-03-10 14:43 - 2009-02-27 17:38 - 000139264 ____R () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2020-05-01 10:23 - 2020-05-01 10:23 - 071641088 _____ () [File not signed] C:\Users\hp\AppData\Local\Facebook\Games\libcef.dll
2020-05-01 10:23 - 2020-05-01 10:23 - 000078848 _____ () [File not signed] C:\Users\hp\AppData\Local\Facebook\Games\libegl.dll
2020-05-01 10:23 - 2020-05-01 10:23 - 003149824 _____ () [File not signed] C:\Users\hp\AppData\Local\Facebook\Games\libglesv2.dll
2021-03-10 14:44 - 2008-08-18 19:27 - 000122880 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\brlmw03a.dll
2021-03-10 14:44 - 2013-06-12 20:06 - 000385024 ____R (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrMonitor.dll
2021-03-10 14:44 - 2011-02-28 12:32 - 000208896 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrFirmUpdateCheck.dll
2021-03-10 14:44 - 2013-10-10 22:55 - 002040320 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll
2021-03-10 14:44 - 2014-05-22 20:12 - 000137728 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2021-03-10 14:44 - 2014-02-06 22:13 - 000083968 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2021-03-10 14:44 - 2014-02-06 22:13 - 017904640 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll
2021-03-10 14:44 - 2014-01-09 18:36 - 000082944 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcLCze.dll
2016-09-13 11:16 - 2008-02-25 20:00 - 000279040 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNMLM9I.DLL
2021-04-10 23:43 - 2021-04-10 23:43 - 000394240 _____ (Google Inc.) [File not signed] C:\Program Files (x86)\AnyDesk\gcapi.dll
2020-05-01 10:23 - 2020-05-01 10:23 - 000433664 _____ (The Chromium Authors) [File not signed] C:\Users\hp\AppData\Local\Facebook\Games\chrome_elf.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3921397407-2631415318-3197205120-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://seznam.cz/
HKU\S-1-5-21-3921397407-2631415318-3197205120-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-xl/?ocid=iehp
HKU\S-1-5-21-3921397407-2631415318-3197205120-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.msn.com/?OCID=IE11FREDHP&PC=UF01
HKU\S-1-5-21-3921397407-2631415318-3197205120-1005\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxps://www.msn.com/cs-cz/?ocid=iehp
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
BHO: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\SAFE\Ultralight\http\1617091255\browser\fs_ie_https\fs_ie_https64.dll [2021-03-30] (F-Secure Corporation -> F-Secure Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\SAFE\Ultralight\http\1617091255\browser\fs_ie_https\fs_ie_https.dll [2021-03-30] (F-Secure Corporation -> F-Secure Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-09] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2018-11-15 19:53 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Skype\Phone\
HKU\S-1-5-21-3921397407-2631415318-3197205120-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\hp\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-3921397407-2631415318-3197205120-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Kristýna\Desktop\6b82acef054a3494cc28dda3372c28ca956a9bcb_hq.jpg
HKU\S-1-5-21-3921397407-2631415318-3197205120-1003\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3921397407-2631415318-3197205120-1004\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3921397407-2631415318-3197205120-1005\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3921397407-2631415318-3197205120-1006\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

Network Binding:
=============
Síť Ethernet: HTC NDIS Protocol Driver -> ms_ndisprot (enabled)
Síťové připojení Bluetooth 2: HTC NDIS Protocol Driver -> ms_ndisprot (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-3921397407-2631415318-3197205120-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-3921397407-2631415318-3197205120-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3921397407-2631415318-3197205120-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B29C2BD4-8F80-4DF9-BAE8-F485B5BFE171}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5BD88E11-C6B0-4BAE-94C8-CBE056C4F582}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{09A460E3-DB0C-41F1-A37E-31759B83CE4F}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{D0A05147-DE7A-4683-9D67-E232C7AFDB50}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{2A592CCF-B699-4C35-A9B5-11F7170FD095}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{862DC9D8-2975-48F2-B819-59B0C2E96E02}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7D385A94-324A-470E-8099-65DC4A980E73}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe (Nero AG -> )
FirewallRules: [{994CBD9A-5F24-42EA-9755-8399779B5E57}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{903B7BB2-A0F0-404F-9685-94CC081F178A}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManager.exe (Apowersoft Ltd.) [File not signed]
FirewallRules: [{B4B5B911-B111-409E-9651-5B8A0903CC08}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManager.exe (Apowersoft Ltd.) [File not signed]
FirewallRules: [{9544F145-EDA4-44C4-938A-7BBAA9D5F6AF}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManagerCoreServices.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{2AFE3AF3-EDD9-4343-8D1E-870A2C76FC63}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManagerCoreServices.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{8174C7AE-05FA-4E65-97D8-AA71BE43EE95}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{88A29561-FD36-4D81-A765-D0E3C87C68B0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B28DEB3D-C663-48B3-9EB2-5DA860C51EEB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7B0E6AD7-C3EE-442D-B110-EDBBE85F4D73}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{438B6A4C-A889-48F6-A45C-0C2E8A1758CC}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{9B676265-C13B-4CAC-8BFE-B9A330F0FD95}C:\users\hp\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\hp\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{B2E70E01-C3EA-4FDD-AD29-83E9F438580E}C:\users\hp\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\hp\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CDF630BD-3447-466E-AF7F-38FF4865E193}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B7EB5888-527B-4419-B0E8-23EC5806E00A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{7A2BE56D-28FE-4756-B0DA-6994315E3732}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{64A34DCF-25C7-48CE-9221-0C3557B3D2D9}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{5CA89B5A-6E26-4728-BA6B-2C2F6F4C78E6}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{0B336731-C466-49B3-B3E4-27B992FAF19F}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{4CC62904-31DB-42A9-A3BB-90B58A9584D0}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{8D6F00C5-EFFF-42DC-962B-45DC0C28A103}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)

==================== Restore Points =========================

26-03-2021 09:51:39 Naplánovaný kontrolní bod
02-04-2021 10:46:00 Naplánovaný kontrolní bod
10-04-2021 11:07:03 Windows Update
10-04-2021 21:29:22 Restore Point Created by FRST
10-04-2021 22:36:30 Restore Point Created by FRST

==================== Faulty Device Manager Devices ============

Name: DAEMON Tools Lite Virtual USB Bus
Description: DAEMON Tools Lite Virtual USB Bus
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Disc Soft Ltd
Service: dtliteusbbus
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: DAEMON Tools Lite Virtual SCSI Bus
Description: DAEMON Tools Lite Virtual SCSI Bus
Class Guid: {4d36e97b-e325-11ce-bfc1-08002be10318}
Manufacturer: Disc Soft Ltd
Service: dtlitescsibus
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


==================== Event log errors: ========================

Application errors:
==================
Error: (04/10/2021 10:36:29 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {0a2c0473-bab9-4f04-84e4-7e82b5545b8e}

Error: (04/10/2021 09:31:13 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: fseventhistory.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.AccessViolationException
na FSecure.Api.EventHistory.ReleaseUnmanagedResources()
na FSecure.Api.EventHistory.Finalize()

Error: (04/10/2021 06:58:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program MagicPuzzles.exe verze 0.0.0.1 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 18ec

Čas spuštění: 01d72e1481a6cecc

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\XIMADINC.MAGICPUZZLES_3.11.6.0_x64__np8fj6akx2czy\MagicPuzzles.exe

ID hlášení: f5a52d3f-9a1d-11eb-830f-001a7dda7111

Úplný název chybujícího balíčku: XIMADINC.MAGICPUZZLES_3.11.6.0_x64__np8fj6akx2czy

ID aplikace související s chybujícím balíčkem: App

Error: (04/10/2021 06:58:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: HP-PC)
Description: Balíček XIMADINC.MAGICPUZZLES_3.11.6.0_x64__np8fj6akx2czy+App se ukončil, protože jeho pozastavování trvalo moc dlouho.

Error: (04/10/2021 10:20:45 AM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (04/09/2021 11:28:41 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (04/09/2021 11:28:41 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (04/09/2021 11:28:41 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed


System errors:
=============
Error: (04/10/2021 10:36:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba F-Secure Hoster byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (04/10/2021 10:36:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (04/10/2021 10:36:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba F-Secure Hoster (Restricted) byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (04/10/2021 10:36:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba F-Secure Ultralight ORSP Client byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (04/10/2021 10:36:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba F-Secure Ultralight Protected Hoster byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (04/10/2021 10:36:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HTCMonitorService byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/10/2021 10:36:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Internet Pass-Through Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (04/10/2021 10:36:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ScsiAccess byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2018-09-24 14:25:29.666
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst: Aktuální
Kód chyby: 0x80073aba
Popis chyby: Prostředek je zastaralý, a proto není kompatibilní.
Verze podpisu: 1.155.266.0;1.155.266.0
Verze modulu: 1.1.9700.0

==================== Memory info ===========================

BIOS: AMI 80.52 11/11/2014
Motherboard: MSI 2AE0
Processor: AMD A10-5700 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 27%
Total physical RAM: 7349.03 MB
Available physical RAM: 5293.26 MB
Total Virtual: 8821.03 MB
Available Virtual: 6819.4 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:919.55 GB) (Free:672.39 GB) NTFS
Drive d: (Recovery Image) (Fixed) (Total:10.44 GB) (Free:10.39 GB) NTFS

\\?\Volume{8d15af40-5d21-4f89-93f2-9c89f599c245}\ (Windows RE tools) (Fixed) (Total:1 GB) (Free:0.73 GB) NTFS
\\?\Volume{e43af091-bafa-40a3-b638-7668b888e7a0}\ (Obnovení) (Fixed) (Total:0.29 GB) (Free:0.28 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 4F4578C4)

Partition: GPT.

==================== End of Addition.txt =======================

Re: Please check my logs, thank you

Posted: 11 Apr 2021 10:34
by Diallix
Good.

We'll do a final cleanup:

Copy the content below into Notepad:

Task: {745DDD41-0C2F-4B35-9790-C9F43AEE81DC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
ShellIconOverlayIdentifiers-x32-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Týna\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ShellIconOverlayIdentifiers-x32-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Týna\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ShellIconOverlayIdentifiers-x32-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Týna\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Týna\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Týna\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Týna\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Týna\AppData\Local\MEGAsync\ShellExtX64.dll -> No File

Save the Notepad file under the name fixlist.txt in the location where FRST is, setting the encoding to UTF-8 (copy into Notepad -> File -> Save As -> Encoding: choose UTF-8 -> Save).
Run FRST and click the button: Fix
The fix will run, after which the computer will reboot. After the reboot, paste here the content of the log fixlog.txt, saved in the FRST location.

Re: Please check my logs, thank you

Posted: 11 Apr 2021 11:06
by magia.n
Fix result of Farbar Recovery Scan Tool (x64) Version: 10-04-2021
Ran by hp (11-04-2021 12:04:49) Run:3
Running from C:\Users\hp\Desktop
Loaded Profiles: hp
Boot Mode: Normal
==============================================

fixlist content:
*****************
Task: {745DDD41-0C2F-4B35-9790-C9F43AEE81DC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
ShellIconOverlayIdentifiers-x32-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Týna\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ShellIconOverlayIdentifiers-x32-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Týna\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ShellIconOverlayIdentifiers-x32-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Týna\AppData\Local\MEGAsync\ShellExtX32.dll -> No File
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Týna\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Týna\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Týna\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Týna\AppData\Local\MEGAsync\ShellExtX64.dll -> No File
*****************

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{745DDD41-0C2F-4B35-9790-C9F43AEE81DC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{745DDD41-0C2F-4B35-9790-C9F43AEE81DC}" => removed successfully
C:\Windows\System32\Tasks\Adobe Acrobat Update Task => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => removed successfully
ShellIconOverlayIdentifiers-x32-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Týna\AppData\Local\MEGAsync\ShellExtX32.dll -> No File => Error: No automatic fix found for this entry.
ShellIconOverlayIdentifiers-x32-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Týna\AppData\Local\MEGAsync\ShellExtX32.dll -> No File => Error: No automatic fix found for this entry.
ShellIconOverlayIdentifiers-x32-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Týna\AppData\Local\MEGAsync\ShellExtX32.dll -> No File => Error: No automatic fix found for this entry.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\CLSID\{0229E5E7-09E9-45CF-9228-0228EC7D5F17} => removed successfully
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\MEGA (Context menu) => removed successfully

==== End of Fixlog 12:04:49 ====

The reboot did not take place.