Hello, I would like to ask for a preventive check of the log. I noticed unauthorized access to one e-mail mailbox and I am not sure whether everything on the PC is OK. Thank you.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2020
Ran by rac (administrator) on NB-RAC (Hewlett-Packard HP ProBook 470 G1) (03-01-2021 14:29:05)
Running from C:\lh
Loaded Profiles: rac
Platform: Windows 10 Pro Version 1909 18363.1256 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Users\rac\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Users\rac\AppData\Roaming\Dropbox\bin\Dropbox.exe <3>
(Dropbox, Inc -> The Qt Company Ltd.) C:\Users\rac\AppData\Roaming\Dropbox\bin\112.4.321\QtWebEngineProcess.exe <2>
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Fortinet Technologies -> Fortinet Inc.) C:\Windows\SysWOW64\FortiSSLVPNdaemon.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <30>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\stacsv64.exe
(IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel(R) Technology Access -> Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
(Intel(R) Technology Access -> Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\rac\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtsCM64.exe
(SatoshiLabs s.r.o. -> ) C:\Program Files (x86)\TREZOR Bridge\trezord.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synology Inc. -> ) C:\Program Files (x86)\Synology\SynologyDrive\bin\vss-service-x64.exe
(Synology Inc. -> Synology Inc.) C:\Users\rac\AppData\Local\SynologyDrive\SynologyDrive.app\bin\cloud-drive-connect.exe
(Synology Inc. -> Synology Inc.) C:\Users\rac\AppData\Local\SynologyDrive\SynologyDrive.app\bin\cloud-drive-daemon.exe
(Synology Inc. -> Synology Inc.) C:\Users\rac\AppData\Local\SynologyDrive\SynologyDrive.app\bin\cloud-drive-ui.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Users\rac\AppData\Local\Temp\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Users\rac\AppData\Local\Temp\TeamViewer\TeamViewer_Desktop.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Users\rac\AppData\Local\Temp\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Users\rac\AppData\Local\Temp\TeamViewer\tv_x64.exe
(Validity Sensors, Inc -> Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286056 2013-07-30] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RtsCM] => C:\WINDOWS\RTSCM64.EXE [225280 2016-12-05] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-07-04] (IDT, Inc.) [File not signed]
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [179536 2019-10-31] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [84489984 2020-01-03] (Microsoft Corporation -> Microsoft Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\...\Policies\Explorer\Run: [BtvStack] => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
HKU\S-1-5-21-125881783-3529542484-4283163711-1002\...\Run: [Dropbox Update] => C:\Users\rac\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc -> Dropbox, Inc.)
HKU\S-1-5-21-125881783-3529542484-4283163711-1002\...\Run: [com.squirrel.Teams.Teams] => C:\Users\rac\AppData\Local\Microsoft\Teams\Update.exe [2452664 2020-11-14] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-125881783-3529542484-4283163711-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [38400 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\BJ Print Processor4: C:\Windows\System32\spool\prtprocs\x64\CNBPP4.DLL [84992 2009-07-14] (CANON INC.) [File not signed]
HKLM\...\Windows x64\Print Processors\Canon iP4600 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9A.DLL [27648 2008-04-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor iP4600 series: C:\WINDOWS\system32\CNMLM9A.DLL [279040 2008-04-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\WINDOWS\system32\hpbprtmon.dll [401920 2013-06-26] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-08] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-06-28] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-06-28] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
Startup: C:\Users\rac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2020-12-17]
ShortcutTarget: Dropbox.lnk -> C:\Users\rac\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
Startup: C:\Users\rac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Drive Client.lnk [2021-01-03]
ShortcutTarget: Synology Drive Client.lnk -> C:\Program Files (x86)\Synology\SynologyDrive\bin\launcher.exe (Synology Inc. -> Synology Inc.)
Startup: C:\Users\rac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TREZOR Bridge.lnk [2018-10-09]
ShortcutTarget: TREZOR Bridge.lnk -> C:\Program Files (x86)\TREZOR Bridge\trezord.exe (SatoshiLabs s.r.o. -> )
GroupPolicy: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00363579-A2C6-4C84-9C31-603FE5100647} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {02E0BF95-CBDB-473D-BCEB-F2071354A9B6} - System32\Tasks\{FCE33FFB-E1A5-467E-A8ED-AB6E8231379E} => C:\Program Files (x86)\Ctyrka\ctyrka.exe
Task: {069073FC-D543-4AB9-B47C-2AD4473849AF} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {0812D93F-D35F-4211-81A1-16E5686B195D} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {08CDDE9A-4944-44EC-A32E-A49517589776} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1191C0FE-9F9B-42F3-AFE2-2B03623915AD} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115048 2020-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {142560B6-0137-43EF-A55A-B75C4AC8CBDE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {147C8388-675C-4C67-B47D-D779DC5481D3} - System32\Tasks\{3A5B1F95-B217-487B-A731-762B1655D891} => C:\Program Files (x86)\Ctyrka\ctyrka.exe
Task: {15C74A21-EE0F-4CAC-AC9D-BDDFAFF28155} - System32\Tasks\{5DD311F0-7931-4F01-BFE0-FF0295300B55} => C:\Program Files (x86)\Ctyrka\ctyrka.exe
Task: {16B560DA-62DA-483E-B5B7-92EA73715E5C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
Task: {180848B8-39B6-499F-BCAF-578562778631} - System32\Tasks\{038CDEED-134A-47F5-B43D-9A26EAF459D0} => C:\Program Files (x86)\Ctyrka\ctyrka.exe
Task: {1835B60C-92EA-4D9B-9FDE-F2920C270482} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {19BA4DA4-7079-47B8-9AAA-B721DAE2C3FC} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {1AFFC6C9-923C-45D4-BBF8-DA1D4209665B} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1E290C76-CB9E-49DF-BFD7-778E723E6C01} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d-Logon => C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe
Task: {2273E42F-20F2-4484-B972-14EC364FA40A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2358C13F-D898-487A-ABBB-484768218D46} - System32\Tasks\{C0B850BD-4442-4075-9984-E4432CF72134} => C:\Program Files (x86)\Ctyrka\ctyrka.exe
Task: {2402C267-AF12-4A6A-AA5E-CE1876D20B8E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {25979EC9-7B68-43EB-9697-D781F78EF8F6} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {2DB7E189-E728-4F41-A41D-19A410709ABA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSFUpdaterRedux => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe
Task: {2E204E47-38B1-403B-8076-D7CC254BB6F3} - System32\Tasks\{1E5B4DC2-B071-4AFC-86AB-2DD755352441} => C:\Program Files (x86)\Ctyrka\ctyrka.exe
Task: {2EC5652F-347C-4954-8008-63AEFA48A970} - System32\Tasks\{4CE59F70-FA7A-4A49-9AED-A8C6E3A3169C} => C:\Program Files (x86)\Ctyrka\ctyrka.exe
Task: {30AE7217-9A3F-456A-B5FD-6EF0AFE8DBE5} - System32\Tasks\GoogleUpdateTaskMachineCore1d15da41c71e76e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-04] (Google Inc -> Google Inc.)
Task: {31A53763-ECD0-475B-94BB-F0A6367FA525} - System32\Tasks\GoogleUpdateTaskMachineUA1d12d1e56f267fb => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-04] (Google Inc -> Google Inc.)
Task: {325CFBD4-9F12-445B-B536-AB2621CB06FC} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {342FF172-7141-4AD1-BDFB-2195A66831CE} - System32\Tasks\GoogleUpdateTaskMachineCore1d090507810ea16 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-04] (Google Inc -> Google Inc.)
Task: {3620EBF2-42BC-4BB7-A0B2-7730DDA6D3B0} - System32\Tasks\GoogleUpdateTaskMachineUA1d04178210f1cb1 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-04] (Google Inc -> Google Inc.)
Task: {37453909-AF84-465C-843C-DCB4634D102E} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-08] (Adobe Inc. -> Adobe)
Task: {398EEBC1-DBFB-407A-96D0-DF569C1928D8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24612232 2020-11-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {3B280FFE-B216-4927-90B3-869B4B0FA4B6} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {4216B300-D7D9-46E9-9ABE-AC91DD3A3448} - System32\Tasks\{B2CBD1D4-728F-4E7E-8626-49AAAC425B8D} => C:\Program Files (x86)\Ctyrka\ctyrka.exe
Task: {442B5BD1-3593-4D12-97C1-13C3F4B292FB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {44360D28-3BC0-4C92-9CDB-291F9720B6F3} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4498B34B-5EBD-4B6E-A83B-F51ED0EF2F96} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {46697878-6629-4A8D-82A1-890BD34A2E90} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {489F2B3B-B94E-4456-9319-A71BC3802CA6} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {48BCF6A4-272A-4844-A498-2984EFD797CD} - System32\Tasks\{2366300C-10E7-4CE4-98A4-80B321A9400F} => C:\Program Files (x86)\Ctyrka\ctyrka.exe
Task: {48CE912E-E907-4EBB-8A88-897CB15069C9} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {4A5694DB-9D11-4D64-A21B-1B21868158A6} - System32\Tasks\{378F5CDF-7A40-403B-8EBB-178E73FBFBAE} => C:\Windows\system32\pcalua.exe -a "C:\Users\rac\Documents\Stažené soubory\playboy2003full.exe" -d "C:\Users\rac\Documents\Stažené soubory"
Task: {4C734A1C-140A-4377-9B75-5D5E8B3BC136} - System32\Tasks\GoogleUpdateTaskMachineCore1d0417820135779 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-04] (Google Inc -> Google Inc.)
Task: {4C9F87A5-C8AE-4DB3-9606-67D175EC6131} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4F9C032B-A819-47EF-854A-DCF714B00E43} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {5182B028-A024-4E38-B948-19F3AB29DEF0} - System32\Tasks\{ADED16DA-9766-4D39-A30E-57370913B46F} => C:\Program Files (x86)\Ctyrka\ctyrka.exe
Task: {52E87D05-57E7-4076-A1B2-64E9DEB16099} - System32\Tasks\{28B9EE94-FF67-4080-A984-C0614B077F8E} => C:\Program Files (x86)\Ctyrka\ctyrka.exe
Task: {538CE48E-D115-4024-A68F-5C968F5B50EA} - System32\Tasks\{0866E3FF-F06E-4ADE-8D70-B94D30D27E2E} => C:\Program Files (x86)\Ctyrka\ctyrka.exe
Task: {549626A1-68C0-45B2-9620-40AB8564E803} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {5577343E-BB7E-4F9E-A3C4-34785C266BCD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {5725C861-BBEF-43C9-A22B-9A4220185AF8} - System32\Tasks\GoogleUpdateTaskMachineUA1d090507902c7b1 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-04] (Google Inc -> Google Inc.)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5B799472-B822-47FD-BE77-D25DBCCA8EE0} - System32\Tasks\{ED6DAC06-041B-4E61-9D9B-F4CEFD02B433} => C:\Program Files (x86)\Ctyrka\ctyrka.exe
Task: {5CF47C8B-9C58-4B45-96A9-48CC6FCFC3EC} - System32\Tasks\{B01AEDF2-CD6C-4FD1-8D0E-26572FEDA8DC} => C:\Program Files (x86)\Ctyrka\ctyrka.exe
Task: {60A996A1-B81E-499D-A597-8C7E10B029FD} - System32\Tasks\{845B0DD3-7D8A-49BD-9A01-FB9E92B0DC4C} => C:\Program Files (x86)\Ctyrka\ctyrka.exe
Task: {60FA099B-50A7-4B0D-AF3C-59CC521EC231} - System32\Tasks\{45220C61-2C00-4365-8A4C-A7EE321B6EF8} => C:\Program Files (x86)\Ctyrka\ctyrka.exe
Task: {630971F0-F486-40A5-AD24-E03780D9A1A9} - System32\Tasks\GoogleUpdateTaskMachineUA1cf693ace27334c => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-04] (Google Inc -> Google Inc.)
Task: {65DF658D-46A6-44CA-BFD4-65805F1508D7} - System32\Tasks\{C0443BD9-144E-4782-8225-90734290A262} => C:\Program Files (x86)\Ctyrka\ctyrka.exe
Task: {6AAEFF55-F05E-4696-BAA6-E452C520B28A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {74D0EA38-3CAB-4751-BC45-271809B645CF} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {796DB19F-568B-449E-A525-31CC40AB79F7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {79D846C5-FEA5-4A8F-9531-B242A876A2DC} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {7ACAE970-135C-4B2F-AB34-E2DA029EF173} - System32\Tasks\{5D4C8B84-8961-44E2-9B09-0BB6FC4C8B69} => C:\Program Files (x86)\Ctyrka\ctyrka.exe
Task: {7ADB5882-721A-414D-B9EF-FCF76C215F1B} - System32\Tasks\{18D6CFC6-5567-4512-A763-5B595834A3D7} => C:\Program Files (x86)\Ctyrka\ctyrka.exe
Task: {7B009E59-6228-4BF3-8EDF-3FD826A82CF8} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {7B10D8BF-B3F5-42D2-ACA9-4D18E8AD4001} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {7C4237B1-3514-4EA5-9D42-C772BF8A0504} - System32\Tasks\GoogleUpdateTaskMachineCore1d0eff4c67c102d => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-04] (Google Inc -> Google Inc.)
Task: {8260AB3E-A899-4092-989A-B8871E2C1722} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1738504 2015-09-04] (Intel(R) Software -> Intel Corporation)
Task: {85F015BB-50D2-464B-BADB-B14037789048} - System32\Tasks\GoogleUpdateTaskMachineUA1d0bf4d3662d6ea => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-04] (Google Inc -> Google Inc.)
Task: {883AA82D-8CF4-48AC-8784-A323FFC66D19} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {88655D27-B42F-4A33-B5CB-07F923AA4BE7} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
Task: {8A13F2A3-BFD9-4AC5-AF78-C20480F81056} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1443736 2020-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {90BD5741-8571-4F5E-98F2-B5D3BF8C3B60} - System32\Tasks\GoogleUpdateTaskMachineUA1d0e38b5631fb18 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-04] (Google Inc -> Google Inc.)
Task: {9293A749-EFB0-4430-A008-63441CBDA80E} - System32\Tasks\GoogleUpdateTaskMachineCore1cf693acc85640e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-04] (Google Inc -> Google Inc.)
Task: {93D6CF2D-4A6F-4D39-AE7F-B971FF69AF2E} - System32\Tasks\{AFFCC4FE-C954-4E13-B386-82A6CB1E2AC4} => C:\Program Files (x86)\Ctyrka\ctyrka.exe
Task: {94940EAA-4E2F-45E4-B4CE-A2930BC7B0AF} - System32\Tasks\GoogleUpdateTaskMachineCore1d0bf4d35426e91 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-04] (Google Inc -> Google Inc.)
Task: {95F9E0FE-1472-4C29-A173-FF1E7778010F} - System32\Tasks\{A3D9537E-01CC-47E9-87E1-DEEFE7F007A8} => "c:\windows\system32\launchwinapp.exe" https://ui.skype.com/ui/0/7.41.0.101/cs ... age=tsBing
Task: {96F4B612-906E-4A18-B620-718F3C665364} - System32\Tasks\GoogleUpdateTaskMachineUA1d15da41d8cd172 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-04] (Google Inc -> Google Inc.)
Task: {993DF055-3DAC-45B7-8C5A-414B418DFA1B} - System32\Tasks\{5D3287C4-3F34-40ED-A88E-8B8A49218F7A} => C:\Program Files (x86)\Ctyrka\ctyrka.exe
Task: {99EDA336-0192-4399-B775-B9CE3F3E1A17} - System32\Tasks\GoogleUpdateTaskMachineCore1d12d1e55f2595b => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-04] (Google Inc -> Google Inc.)
Task: {9A48687C-E2FB-4436-AEBB-7A69CFBE81D1} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d => C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe
Task: {9C2E73E9-6443-4942-837F-E8A6BD8F4494} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9D4379F8-04A5-4E7A-BA93-1D61B536E093} - System32\Tasks\{F0E8E62F-7573-4B62-B047-50CE5C7B9D58} => C:\Program Files (x86)\Ctyrka\ctyrka.exe
Task: {9D917BA5-17D9-4D2C-A73D-7DD71A12884E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {A157C3D4-1F59-406A-B602-CA1B1FDB46EA} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {AE51CD9C-57B4-4EA3-AFEC-103352730E59} - System32\Tasks\{9CD6085D-FBF9-4E78-8386-D50675E304F3} => C:\Program Files (x86)\Ctyrka\ctyrka.exe
Task: {AE5CB0AD-30CA-4E86-9D5B-62FB7DAC3A88} - System32\Tasks\{B2BD8375-DB73-4CE6-B12A-9205177DC0E3} => C:\Program Files (x86)\Ctyrka\ctyrka.exe
Task: {B083307A-94AB-4F08-A79E-DB5F7AAD544E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B11B6A41-91EC-4443-AA05-2DBB842DA7E4} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {B19D7742-AD12-45EF-9C38-8DA75CC538DF} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\Dependencies\RemEngine.exe
Task: {BAF6731B-F248-4156-884D-BC2C11B7603B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24612232 2020-11-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {C074F611-B9D2-4738-A1F6-4E22FF99B012} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C1527197-A36F-48DC-8874-6B4953A6A72B} - System32\Tasks\GoogleUpdateTaskMachineCore1d0e38b55134075 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-01-04] (Google Inc -> Google Inc.)
Task: {C3DFDDE7-F58A-47C8-B7AB-340D96C9DE1F} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {C4A0E621-47A8-45AA-9CDA-2A07AF78BC72} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {C98FE208-23EA-4C4F-8512-BE6EE593617A} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-125881783-3529542484-4283163711-1002UA1d237127fb27c35 => C:\Users\rac\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc -> Dropbox, Inc.)
Task: {CF0464EF-C899-43B4-A2E3-2C361939D609} - System32\Tasks\{5926A399-B85C-4766-8726-ACB1B62E6F17} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\rac\Desktop\m\MafiaGame\setup.exe -d C:\Users\rac\Desktop\m\MafiaGame
Task: {CF58D9DC-B502-49B5-ABEB-BE1874F588A7} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D3B34235-0EEE-4E13-8CCA-D5CA8154256A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4371880 2020-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {D3FB4893-A45A-49E4-A5E1-E45D348D610A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {D527FA04-15C0-445E-A9AC-E1563E2F7880} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D8032A48-A07B-4012-B3F5-01D8089E9359} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D96286D2-BEB6-4107-A3F7-E90F1E95090E} - System32\Tasks\{95CCDF36-498F-4CBE-A562-C6F89E5B175B} => C:\Program Files (x86)\Ctyrka\ctyrka.exe
Task: {D9C35AB3-E477-4D45-9ED4-5EF4AB5B2122} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-125881783-3529542484-4283163711-1002Core1d237127f7ef357 => C:\Users\rac\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc -> Dropbox, Inc.)
Task: {E0314B5A-4AC3-4EB7-8293-3B4177AE4657} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {E1933D10-318A-48A6-83A5-E0710E8DA43A} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {E404AD9A-412E-492F-B79A-1044B24CF93F} - System32\Tasks\{5FDFA1D4-9245-4B78-93E0-53B2EE602A30} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\rac\Desktop\m\MafiaGame\Game.exe -d C:\Users\rac\Desktop\m\MafiaGame
Task: {E698CDB2-7C90-4891-BBB7-E4E9D5520147} - System32\Tasks\{CF41E095-3969-4798-8663-CC3620D00747} => C:\Program Files (x86)\Ctyrka\ctyrka.exe
Task: {E6B5284A-7A72-4C24-B9E2-88D087D7185E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {E9EBF63D-8CBB-4E72-9608-D26B1D163918} - System32\Tasks\{D6139545-3EA0-4A88-85C7-52BCBDCFA220} => C:\Program Files (x86)\Ctyrka\ctyrka.exe
Task: {EC09E629-499D-4D53-985A-BC86B89B35FD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4371880 2020-12-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {EC75088C-AE2C-49DB-AA40-BEA9E2C52283} - System32\Tasks\{E0692184-9C14-46C4-868C-A5ED22AD8B95} => C:\Program Files (x86)\Ctyrka\ctyrka.exe
Task: {EE84D0CF-EFB1-4EBF-A77E-65CB03F78E75} - System32\Tasks\{6BC49E26-0352-4B67-B82D-A5C2AFD40163} => C:\Program Files (x86)\Ctyrka\ctyrka.exe
Task: {F151C227-909D-4477-A656-4C0F0AB3EC43} - System32\Tasks\{F7F15F30-7ED4-4FE8-B98D-15CD6BDE2FFD} => C:\Program Files (x86)\Ctyrka\ctyrka.exe
Task: {F21C545E-EAAD-4E8D-BF24-4DD53749B104} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {F93D2F83-C185-40A9-BF35-605A1905FE97} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
Task: {FCF2A372-3BF9-4109-A798-36821003EE94} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {FFDE7F2E-A9EB-480C-BB1A-2030C36AD48E} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115048 2020-12-15] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-125881783-3529542484-4283163711-1002Core1d237127f7ef357.job => C:\Users\rac\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-125881783-3529542484-4283163711-1002UA1d237127fb27c35.job => C:\Users\rac\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cf693acc85640e.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0417820135779.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d090507810ea16.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0bf4d35426e91.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0e38b55134075.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0eff4c67c102d.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d12d1e55f2595b.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf693ace27334c.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d04178210f1cb1.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d090507902c7b1.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0bf4d3662d6ea.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0e38b5631fb18.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d12d1e56f267fb.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.38.0.4 8.8.8.8
Tcpip\..\Interfaces\{50a57ce8-e617-468a-8a51-d48c19bb444d}: [DhcpNameServer] 10.38.0.4 8.8.8.8
Tcpip\..\Interfaces\{b4d2713b-d811-44f3-b257-2a04e90ce70d}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{be3b710c-4bbb-412a-a400-6dba94b87197}: [DhcpNameServer] 192.168.1.1
Edge:
======
Edge DefaultProfile: Default
Edge Profile: C:\Users\rac\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-27]
Edge DownloadDir: C:\Users\rac\Desktop\finančko
Edge HomePage: Default -> hxxp://www.google.cz/
Edge Extension: (LastPass: Free Password Manager) - C:\Users\rac\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bbcinlkgjjkejfdpemiealijmmooekmp [2020-12-14]
Edge Extension: (Avast Online Security) - C:\Users\rac\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdgpikaaheckgdijjmepmdjjkbceakif [2020-06-09]
FireFox:
========
FF ProfilePath: C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\mtbv4cqp.default [2020-06-09]
FF Homepage: Mozilla\Firefox\Profiles\mtbv4cqp.default -> hxxps://www.malwarebytes.org/restorebrowser//?t ... G9R1JLG9RX
FF Extension: (Avast SafePrice) - C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\mtbv4cqp.default\Extensions\sp@avast.com.xpi [2018-01-04] [UpdateUrl:hxxps://firefoxextension.avast.com/sp/update.json]
FF Extension: (Avast Online Security) - C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\mtbv4cqp.default\Extensions\wrc@avast.com.xpi [2018-08-10]
FF Extension: (Apps Hat) - C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\mtbv4cqp.default\Extensions\{97A78363-B868-4B48-AC91-A783A31215AF} [2015-03-27] [Legacy] [not signed]
FF SearchPlugin: C:\Users\rac\AppData\Roaming\Mozilla\Firefox\Profiles\mtbv4cqp.default\searchplugins\bingp.xml [2014-01-20]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @FortinetCacheClean -> C:\Program Files (x86)\Fortinet\SslvpnClient\npccplugin.dll [No File]
FF Plugin-x32: @FortinetTunnelControl -> C:\Program Files (x86)\Fortinet\SslvpnClient\nptcplugin.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [No File]
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-07-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-07-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2021-01-03]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default [2021-01-03]
CHR DownloadDir: C:\Users\rac\Desktop\finančko
CHR Notifications: Default -> hxxps://iluxus.cz; hxxps://web.skype.com; hxxps://www.b2bpartner.cz; hxxps://www.cestujlevne.com; hxxps://www.eobuv.cz; hxxps://www.expondo.cz; hxxps://www.facebook.com; hxxps://www.nev-dama.cz; hxxps://www.trenyrkarna.cz
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxp://www.seznam.cz/"
CHR Extension: (Elektronický podpis ČSOB) - C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahecpanklnlonjjlojnjjcigcbflego [2020-07-14]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-11-09]
CHR Extension: (Avast Online Security) - C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-06-04]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2020-12-10]
CHR Extension: (TREZOR Chrome Extension) - C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcjjhjgimijdkoamemaghajlhegmoclj [2018-01-04]
CHR Extension: (Cryptoplus KB - podepisovací modul) - C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldildmkoeoicfkknedfdpjmgjmpkpooc [2020-07-14]
CHR Extension: (Skype) - C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Chrome Media Router) - C:\Users\rac\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-10]
CHR Profile: C:\Users\rac\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-08-16]
CHR Profile: C:\Users\rac\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-12-19]
CHR Notifications: Profile 1 -> hxxps://aliexpress.ru
CHR Extension: (Prezentace) - C:\Users\rac\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-08-14]
CHR Extension: (Dokumenty) - C:\Users\rac\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2019-08-14]
CHR Extension: (Disk Google) - C:\Users\rac\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-26]
CHR Extension: (YouTube) - C:\Users\rac\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-08-14]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\rac\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-12-19]
CHR Extension: (Tabulky) - C:\Users\rac\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-08-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\rac\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-10-26]
CHR Extension: (Avast Online Security) - C:\Users\rac\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-09-21]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\rac\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2020-10-30]
CHR Extension: (Skype) - C:\Users\rac\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2019-08-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\rac\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-09-21]
CHR Extension: (Gmail) - C:\Users\rac\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-30]
CHR Extension: (Chrome Media Router) - C:\Users\rac\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-16]
CHR Profile: C:\Users\rac\AppData\Local\Google\Chrome\User Data\Profile 2 [2020-11-09]
CHR Extension: (Prezentace) - C:\Users\rac\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-08-16]
CHR Extension: (Dokumenty) - C:\Users\rac\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2019-08-16]
CHR Extension: (Disk Google) - C:\Users\rac\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-08]
CHR Extension: (YouTube) - C:\Users\rac\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-08-16]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\rac\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-07-19]
CHR Extension: (Tabulky) - C:\Users\rac\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-08-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\rac\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-08]
CHR Extension: (Avast Online Security) - C:\Users\rac\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-07-19]
CHR Extension: (Skype) - C:\Users\rac\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2019-08-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\rac\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-15]
CHR Extension: (Gmail) - C:\Users\rac\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-08]
CHR Extension: (Chrome Media Router) - C:\Users\rac\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-08]
CHR Profile: C:\Users\rac\AppData\Local\Google\Chrome\User Data\System Profile [2019-08-16]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11137416 2020-11-23] (Microsoft Corporation -> Microsoft Corporation)
S3 EHttpSrv; C:\Program Files\ESET\ESET Security\ehttpsrv.exe [55424 2019-10-31] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2253376 2019-10-31] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2253376 2019-10-31] (ESET, spol. s r.o. -> ESET)
R2 FortiSslvpnDaemon; C:\Windows\SysWOW64\FortiSSLVPNdaemon.exe [945448 2012-08-02] (Fortinet Technologies -> Fortinet Inc.)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
R2 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe [153296 2016-04-26] (Intel(R) Technology Access -> Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [478416 2016-04-26] (Intel(R) Technology Access -> Intel(R) Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6264152 2020-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [337920 2013-07-04] (IDT, Inc.) [File not signed]
R2 Synology Drive VSS Service x64; C:\Program Files (x86)\Synology\SynologyDrive\bin\vss-service-x64.exe [371672 2020-05-08] (Synology Inc. -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2020-01-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2020-01-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 avast; "C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /svc [X]
S3 avastm; "C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /medsvc [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-12] (Microsoft Corporation) [File not signed]
R1 CLVirtualDrive; C:\WINDOWS\System32\DRIVERS\CLVirtualDrive.sys [90608 2011-12-27] (CyberLink -> CyberLink)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [149944 2019-10-31] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15288 2020-09-08] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [186832 2019-10-31] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [77176 2019-10-31] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [114640 2019-10-31] (ESET, spol. s r.o. -> ESET)
S3 lehidmini; C:\WINDOWS\system32\drivers\leath_hid.sys [39704 2013-06-28] (Atheros Communications Inc. -> Atheros)
R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrfl.sys [50448 2015-07-28] (Intel(R) Technology Access -> Intel Corporation)
S3 NetTap630; C:\WINDOWS\system32\DRIVERS\nettap630.sys [76560 2015-07-29] (Intel(R) Technology Access -> Intel Corporation)
R3 pppop; C:\WINDOWS\System32\drivers\pppop64.sys [42528 2009-07-21] (Fortinet Technologies -> Fortinet Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 STHDA; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [550912 2013-07-04] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2020-01-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2020-01-16] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2020-01-16] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-01-03 14:20 - 2021-01-03 14:29 - 000000000 ____D C:\FRST
2021-01-03 14:20 - 2021-01-03 14:26 - 000000000 ____D C:\lh
2021-01-03 14:17 - 2021-01-03 14:18 - 000000000 ____D C:\Users\rac\AppData\Local\TeamViewer
2021-01-03 14:17 - 2021-01-03 14:17 - 019178088 _____ (TeamViewer) C:\Users\rac\Downloads\TeamViewerQS (1).exe
2021-01-03 14:14 - 2021-01-03 14:14 - 019178088 _____ (TeamViewer) C:\Users\rac\Downloads\TeamViewerQS.exe
2020-12-31 18:58 - 2020-12-31 18:58 - 000125083 _____ C:\Users\rac\Downloads\Vypis_z_uctu_0-133225043_z_20201130.pdf
2020-12-31 18:57 - 2020-12-31 18:57 - 000125005 _____ C:\Users\rac\Downloads\2911085069.pdf
2020-12-28 19:30 - 2020-12-28 19:30 - 000611763 _____ C:\Users\rac\Downloads\2910940887.pdf
2020-12-24 22:24 - 2020-12-24 22:24 - 000509034 _____ C:\Users\rac\Downloads\2910847730.pdf
2020-12-17 07:43 - 2020-12-17 07:43 - 000000000 ____D C:\Users\rac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-12-16 14:54 - 2020-12-16 14:54 - 000245416 _____ C:\Users\rac\Downloads\20201216_potvrzeni.pdf
2020-12-15 22:29 - 2020-12-15 22:29 - 000002566 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2020-12-15 22:29 - 2020-12-15 22:29 - 000002560 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2020-12-15 22:29 - 2020-12-15 22:29 - 000002537 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2020-12-15 22:29 - 2020-12-15 22:29 - 000002532 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2020-12-15 22:29 - 2020-12-15 22:29 - 000002525 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy.lnk
2020-12-15 22:29 - 2020-12-15 22:29 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2020-12-15 22:29 - 2020-12-15 22:29 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2020-12-15 22:29 - 2020-12-15 22:29 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2020-12-15 22:29 - 2020-12-15 22:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2020-12-14 21:47 - 2020-12-14 21:47 - 030565348 _____ C:\Users\rac\Downloads\EMMA_katalog_poznavaci_2021.pdf
2020-12-10 02:14 - 2020-12-10 02:14 - 002045952 _____ C:\WINDOWS\system32\rdpnano.dll
2020-12-10 02:14 - 2020-12-10 02:14 - 000171008 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2020-12-10 02:14 - 2020-12-10 02:14 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth14.bin
2020-12-10 02:14 - 2020-12-10 02:14 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth13.bin
2020-12-10 02:14 - 2020-12-10 02:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-12-10 02:14 - 2020-12-10 02:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-12-10 02:14 - 2020-12-10 02:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-12-10 02:14 - 2020-12-10 02:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-12-10 02:14 - 2020-12-10 02:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-12-10 02:14 - 2020-12-10 02:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-12-10 02:14 - 2020-12-10 02:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-12-10 02:14 - 2020-12-10 02:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-12-10 02:14 - 2020-12-10 02:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2020-12-10 02:14 - 2020-12-10 02:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2020-12-10 02:14 - 2020-12-10 02:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2020-12-10 02:14 - 2020-12-10 02:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2020-12-10 02:14 - 2020-12-10 02:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-12-10 02:14 - 2020-12-10 02:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-12-10 02:14 - 2020-12-10 02:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-12-10 02:14 - 2020-12-10 02:14 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-12-10 02:13 - 2020-12-10 02:13 - 001756600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-10 02:13 - 2020-12-10 02:13 - 001366144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-10 02:13 - 2020-12-10 02:13 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-10 02:13 - 2020-12-10 02:13 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-10 02:13 - 2020-12-10 02:13 - 000059392 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-10 02:13 - 2020-12-10 02:13 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-09 21:42 - 2020-12-09 21:42 - 000607450 _____ C:\Users\rac\Downloads\2910061087.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-01-03 14:28 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2021-01-03 14:25 - 2019-08-23 03:27 - 000004188 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{D31CB746-EF05-4E05-87A1-B00AA2F89D67}
2021-01-03 14:23 - 2015-12-12 10:51 - 000000000 ____D C:\Users\rac\Desktop\finančko
2021-01-03 14:18 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-03 14:17 - 2014-05-08 01:39 - 000000000 ____D C:\Users\rac\AppData\Roaming\TeamViewer
2021-01-03 13:59 - 2019-08-23 02:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-03 11:41 - 2020-06-05 10:01 - 000000000 ___RD C:\Users\rac\Desktop\Všichni
2021-01-03 11:41 - 2020-06-05 09:58 - 000000000 ____D C:\Users\rac\AppData\Local\SynologyDrive
2021-01-03 11:41 - 2017-09-04 00:29 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-01-03 11:41 - 2016-03-18 13:43 - 000000000 __SHD C:\Users\rac\IntelGraphicsProfiles
2020-12-31 20:36 - 2019-05-17 10:21 - 000010727 _____ C:\Users\rac\Desktop\Nájmy z bytů.xlsx
2020-12-31 09:13 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-31 09:13 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-29 08:02 - 2018-07-20 08:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-12-18 06:36 - 2020-06-08 20:05 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-18 06:36 - 2020-06-08 20:05 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-12-17 07:44 - 2014-01-02 17:17 - 000000000 ____D C:\Users\rac\AppData\Roaming\Dropbox
2020-12-15 22:28 - 2018-01-04 21:31 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-12-10 23:58 - 2018-01-04 09:36 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-12-10 15:49 - 2015-10-10 13:10 - 000000000 ____D C:\Users\rac\Desktop\filmy2
2020-12-10 15:47 - 2014-01-03 14:18 - 000000000 ____D C:\Users\rac\Desktop\Filmy
2020-12-10 03:01 - 2019-08-23 03:10 - 001922382 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-10 03:01 - 2019-03-19 12:57 - 000783062 _____ C:\WINDOWS\system32\perfh005.dat
2020-12-10 03:01 - 2019-03-19 12:57 - 000172644 _____ C:\WINDOWS\system32\perfc005.dat
2020-12-10 02:58 - 2018-01-14 18:06 - 000000000 ___RD C:\Users\rac\3D Objects
2020-12-10 02:58 - 2016-02-13 14:14 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-12-10 02:55 - 2019-08-23 02:43 - 000448568 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-10 02:54 - 2019-08-23 03:27 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-10 02:53 - 2019-03-19 05:37 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2020-12-10 02:51 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-10 02:51 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-10 02:51 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-12-10 02:51 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-10 02:50 - 2019-03-19 12:59 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-12-10 02:50 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-12-10 02:50 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-12-10 02:50 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-12-10 02:50 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-10 02:50 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-10 02:50 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-10 02:29 - 2013-12-18 15:20 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2020-12-10 02:28 - 2009-07-14 03:34 - 000000478 _____ C:\WINDOWS\win.ini
2020-12-10 02:23 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-09 13:39 - 2018-01-14 17:39 - 000000000 ____D C:\Users\rac\AppData\Local\Packages
2020-12-08 20:49 - 2020-10-14 17:47 - 000842296 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-12-08 20:49 - 2020-10-14 17:47 - 000175160 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-12-08 20:49 - 2020-07-15 04:49 - 006244920 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2020-12-08 20:49 - 2019-08-23 03:27 - 000004632 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-12-08 20:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-12-08 20:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-12-08 20:11 - 2019-08-23 03:27 - 000003356 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-125881783-3529542484-4283163711-1002
2020-12-08 20:11 - 2019-08-23 02:58 - 000002362 _____ C:\Users\rac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-08 20:11 - 2016-03-18 13:48 - 000000000 ___RD C:\Users\rac\OneDrive
2020-12-08 01:26 - 2014-01-02 17:29 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-12-08 01:26 - 2014-01-02 17:29 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-12-04 02:26 - 2019-08-23 03:27 - 000003502 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA1d15da41d8cd172
2020-12-04 02:26 - 2019-08-23 03:27 - 000003378 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d15da41c71e76e
==================== Files in the root of some directories ========
2014-01-18 16:45 - 2014-01-18 16:48 - 000000551 _____ () C:\Users\rac\AppData\Roaming\AutoGK.ini
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by rac (03-01-2021 14:31:20)
Running from C:\lh
Windows 10 Pro Version 1909 18363.1256 (X64) (2019-08-23 02:29:43)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-125881783-3529542484-4283163711-500 - Administrator - Disabled) => C:\Users\Administrator
david (S-1-5-21-125881783-3529542484-4283163711-1003 - Administrator - Enabled) => C:\Users\david
DefaultAccount (S-1-5-21-125881783-3529542484-4283163711-503 - Limited - Disabled)
Guest (S-1-5-21-125881783-3529542484-4283163711-501 - Limited - Disabled)
rac (S-1-5-21-125881783-3529542484-4283163711-1002 - Administrator - Enabled) => C:\Users\rac
WDAGUtilityAccount (S-1-5-21-125881783-3529542484-4283163711-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{36381D51-CC5E-4698-A0CC-E939C75EC9D8}) (Version: 1.5 - Eyeo GmbH)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{C4CB2534-82F4-F4AF-5767-9EE64EF9EB64}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon iP4600 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4600_series) (Version: - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - )
CanoScan LiDE 110 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_cnq2414) (Version: - Canon Inc.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.3.2921 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.2.3115 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.2.1.4224 - CyberLink Corp.)
Dropbox (HKU\S-1-5-21-125881783-3529542484-4283163711-1002\...\Dropbox) (Version: 112.4.321 - Dropbox, Inc.)
ESET Endpoint Security (HKLM\...\{96402769-F07F-4636-9D99-E2782BA22484}) (Version: 7.2.2055.0 - ESET, spol. s r.o.)
FortiClient SSLVPN v4.0.2270 (HKLM-x32\...\{A34DCE59-0004-0000-2270-3F8A9926B752}) (Version: 4.0.2270 - Fortinet Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GTA2 (HKLM-x32\...\{2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}) (Version: 1.00.001 - )
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{07F6DC37-0857-4B68-A675-4E35989E85E3}) (Version: 6.0.15.1 - Hewlett-Packard Company)
HP Connection Manager (HKLM-x32\...\{7ED7BF91-D145-480A-B206-6891576F6935}) (Version: 4.6.12.1 - Hewlett-Packard Company)
HP Hotkey Support (HKLM-x32\...\{C807BEFB-0F17-41AC-B307-D7B5E1553040}) (Version: 5.0.20.1 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 13.00.0000 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6486.0 - IDT)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5126 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.7.3.1001 - Intel Corporation)
Intel(R) Technology Access (HKLM-x32\...\{810dff4d-564d-47da-b8bc-a3729815aab7}) (Version: 1.9.1.1008 - Intel Corporation)
Intel(R) Technology Access Software Asset Manager (HKLM-x32\...\{C1C74874-4E6F-49B8-BBCD-D43E277D8D28}) (Version: 3.4.1942 - Intel Corporation) Hidden
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
J-Link 2.0.2.1073 (HKLM-x32\...\J-Link 2.0.2.1073_is1) (Version: J-Link 2.0.2.1073 - Jablotron Alarms a.s.)
Kerio Outlook Connector (Offline Edition) (HKLM-x32\...\{4B63D34F-93EC-4F79-822B-8CD9D23E270C}) (Version: 8.4.3525 - Kerio Technologies Inc.)
Kerio Updater Service (HKLM-x32\...\{E4360E2F-7A13-4304-98A2-BCCA6D63D459}) (Version: 1.2.62832 - Kerio Technologies, Inc.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.12527.21416 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-125881783-3529542484-4283163711-1002\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-125881783-3529542484-4283163711-1002\...\Teams) (Version: 1.3.00.28779 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 57.0.3 (x64 cs) (HKLM\...\Mozilla Firefox 57.0.3 (x64 cs)) (Version: 57.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.3 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM-x32\...\{90150000-001F-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM-x32\...\{90150000-001F-041B-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
OEM Application Profile (HKLM-x32\...\{CCBD6679-C7CF-2030-2A1F-3640781DF4F4}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12527.21416 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12527.21416 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12527.21416 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.12527.20988 - Microsoft Corporation) Hidden
opensource (HKLM-x32\...\{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}) (Version: 1.0.14960.3876 - Your Company Name) Hidden
Postal 2 STP - Free Multiplayer Edition (HKLM-x32\...\Postal 2 STP - Free Multiplayer Edition) (Version: - )
PX Profile Update (HKLM-x32\...\{8E7DFB3F-20AA-74DA-D564-666D1F0DDCB7}) (Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.230 - Qualcomm Atheros Communications)
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 1.1.9200.18 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.73.618.2013 - Realtek)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype verze 8.67 (HKLM-x32\...\Skype_is1) (Version: 8.67 - Skype Technologies S.A.)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.63 - Synaptics Incorporated)
Synology Drive Client (HKLM-x32\...\{EBADDBB2-ED88-4FCA-9909-9D12A0EC95DD}) (Version: 6.0.2.11078 - Synology)
Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.3.0.362 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Validity Fingerprint Sensor Driver (HKLM\...\{F5850B80-27F9-406E-91D3-1329F813BA63}) (Version: 4.5.130.0 - Validity Sensors, Inc.)
Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.1.17.0_x86__kgqvnymyfvs32 [2020-12-16] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.183.600.0_x86__kgqvnymyfvs32 [2020-12-11] (king.com)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_5.6.10.0_x86__h6adky7gbf63m [2020-12-16] (Gameloft SE)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-12-20] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-24] (Microsoft Studios) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2016-03-18] (Microsoft Corporation)
Zip Extractor -> C:\Program Files\WindowsApps\BallardAppCraftery.ZipViewer_1.1.0.7_neutral__epyrqhfctk40t [2018-02-17] (Ballard App Craftery)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-125881783-3529542484-4283163711-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\rac\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-125881783-3529542484-4283163711-1002_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\rac\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-125881783-3529542484-4283163711-1002_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\rac\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\ContextMenu.dll () [File not signed]
CustomCLSID: HKU\S-1-5-21-125881783-3529542484-4283163711-1002_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\rac\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll (TODO: <Company name>) [File not signed]
CustomCLSID: HKU\S-1-5-21-125881783-3529542484-4283163711-1002_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\rac\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll (TODO: <Company name>) [File not signed]
CustomCLSID: HKU\S-1-5-21-125881783-3529542484-4283163711-1002_Classes\CLSID\{9E20BE15-3BA4-4848-932C-C60415ED495E} -> [Synology Drive - Dutera] => C:\Users\rac\AppData\Local\SynologyDrive\SystemFolders\1 [2020-06-05 10:04]
CustomCLSID: HKU\S-1-5-21-125881783-3529542484-4283163711-1002_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\rac\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll (TODO: <Company name>) [File not signed]
CustomCLSID: HKU\S-1-5-21-125881783-3529542484-4283163711-1002_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\rac\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll (TODO: <Company name>) [File not signed]
CustomCLSID: HKU\S-1-5-21-125881783-3529542484-4283163711-1002_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\rac\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll (TODO: <Company name>) [File not signed]
CustomCLSID: HKU\S-1-5-21-125881783-3529542484-4283163711-1002_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\rac\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-125881783-3529542484-4283163711-1002_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\rac\Dropbox [2014-03-30 14:53]
CustomCLSID: HKU\S-1-5-21-125881783-3529542484-4283163711-1002_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1B} -> [dropbox-NamespaceExtensionRole.Business] => 0
CustomCLSID: HKU\S-1-5-21-125881783-3529542484-4283163711-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\rac\AppData\Roaming\Dropbox\bin\DropboxExt64.46.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-125881783-3529542484-4283163711-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\rac\AppData\Roaming\Dropbox\bin\DropboxExt64.46.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-125881783-3529542484-4283163711-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\rac\AppData\Roaming\Dropbox\bin\DropboxExt64.46.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-125881783-3529542484-4283163711-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\rac\AppData\Roaming\Dropbox\bin\DropboxExt64.46.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-125881783-3529542484-4283163711-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\rac\AppData\Roaming\Dropbox\bin\DropboxExt64.46.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-125881783-3529542484-4283163711-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\rac\AppData\Roaming\Dropbox\bin\DropboxExt64.46.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-125881783-3529542484-4283163711-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\rac\AppData\Roaming\Dropbox\bin\DropboxExt64.46.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-125881783-3529542484-4283163711-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\rac\AppData\Roaming\Dropbox\bin\DropboxExt64.46.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-125881783-3529542484-4283163711-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\rac\AppData\Roaming\Dropbox\bin\DropboxExt64.46.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-125881783-3529542484-4283163711-1002_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\rac\AppData\Roaming\Dropbox\bin\DropboxExt64.46.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-125881783-3529542484-4283163711-1002_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\rac\AppData\Roaming\Dropbox\bin\DropboxExt64.46.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-125881783-3529542484-4283163711-1002_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\rac\AppData\Roaming\Dropbox\bin\DropboxExt64.46.0.dll (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ 01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\rac\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll [2020-06-05] (TODO: <Company name>) [File not signed]
ShellIconOverlayIdentifiers: [ 02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\rac\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll [2020-06-05] (TODO: <Company name>) [File not signed]
ShellIconOverlayIdentifiers: [ 03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\rac\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll [2020-06-05] (TODO: <Company name>) [File not signed]
ShellIconOverlayIdentifiers: [ 04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\rac\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll [2020-06-05] (TODO: <Company name>) [File not signed]
ShellIconOverlayIdentifiers: [ 05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\rac\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll [2020-06-05] (TODO: <Company name>) [File not signed]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\rac\AppData\Roaming\Dropbox\bin\DropboxExt64.46.0.dll [2020-12-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\rac\AppData\Roaming\Dropbox\bin\DropboxExt64.46.0.dll [2020-12-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\rac\AppData\Roaming\Dropbox\bin\DropboxExt64.46.0.dll [2020-12-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\rac\AppData\Roaming\Dropbox\bin\DropboxExt64.46.0.dll [2020-12-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\rac\AppData\Roaming\Dropbox\bin\DropboxExt64.46.0.dll [2020-12-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\rac\AppData\Roaming\Dropbox\bin\DropboxExt64.46.0.dll [2020-12-15] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\rac\AppData\Roaming\Dropbox\bin\DropboxExt64.46.0.dll [2020-12-15] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-10-31] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> No File
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-10-31] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2020-06-04] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-10-31] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1_S-1-5-21-125881783-3529542484-4283163711-1002: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\rac\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\ContextMenu.dll [2020-06-05] () [File not signed]
ContextMenuHandlers1_S-1-5-21-125881783-3529542484-4283163711-1002: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\rac\AppData\Roaming\Dropbox\bin\DropboxExt64.46.0.dll [2020-12-15] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-125881783-3529542484-4283163711-1002: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\rac\AppData\Roaming\Dropbox\bin\DropboxExt64.46.0.dll [2020-12-15] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-125881783-3529542484-4283163711-1002: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\rac\AppData\Roaming\Dropbox\bin\DropboxExt64.46.0.dll [2020-12-15] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers6_S-1-5-21-125881783-3529542484-4283163711-1002: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\rac\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\ContextMenu.dll [2020-06-05] () [File not signed]
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.i420] => lvcod64.dll
HKLM\...\Drivers32-x32: [vidc.i420] => lvcodec2.dll
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [179200 2009-01-25] () [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\rac\Desktop\dusan (Dušan) - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\rac\Desktop\dusan - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\rac\Desktop\Dušan - Chrome (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\rac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\TREZOR Chrome Extension.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=jcjjhjgimijdkoamemaghajlhegmoclj
==================== Loaded Modules (Whitelisted) =============
2015-07-07 10:44 - 2015-07-07 10:44 - 000088064 _____ () [File not signed] C:\Program Files\Intel Corporation\Intel(R) Technology Access\libglog.dll
2020-06-05 09:58 - 2020-06-05 09:58 - 000345600 _____ () [File not signed] C:\Users\rac\AppData\Local\SynologyDrive\SynologyDrive.app\bin\fct-qt.dll
2020-06-05 09:58 - 2020-06-05 09:58 - 021790171 _____ () [File not signed] C:\Users\rac\AppData\Local\SynologyDrive\SynologyDrive.app\bin\icudt53.dll
2020-06-05 09:58 - 2020-06-05 09:58 - 003506395 _____ () [File not signed] C:\Users\rac\AppData\Local\SynologyDrive\SynologyDrive.app\bin\icuin53.dll
2020-06-05 09:58 - 2020-06-05 09:58 - 002223218 _____ () [File not signed] C:\Users\rac\AppData\Local\SynologyDrive\SynologyDrive.app\bin\icuuc53.dll
2020-06-05 09:58 - 2020-06-05 09:58 - 000033280 _____ () [File not signed] C:\Users\rac\AppData\Local\SynologyDrive\SynologyDrive.app\bin\imageformats\qgif.dll
2020-06-05 09:58 - 2020-06-05 09:58 - 000043008 _____ () [File not signed] C:\Users\rac\AppData\Local\SynologyDrive\SynologyDrive.app\bin\imageformats\qicns.dll
2020-06-05 09:58 - 2020-06-05 09:58 - 000032768 _____ () [File not signed] C:\Users\rac\AppData\Local\SynologyDrive\SynologyDrive.app\bin\imageformats\qico.dll
2020-06-05 09:58 - 2020-06-05 09:58 - 000507904 _____ () [File not signed] C:\Users\rac\AppData\Local\SynologyDrive\SynologyDrive.app\bin\imageformats\qjp2.dll
2020-06-05 09:58 - 2020-06-05 09:58 - 000239104 _____ () [File not signed] C:\Users\rac\AppData\Local\SynologyDrive\SynologyDrive.app\bin\imageformats\qjpeg.dll
2020-06-05 09:58 - 2020-06-05 09:58 - 000430080 _____ () [File not signed] C:\Users\rac\AppData\Local\SynologyDrive\SynologyDrive.app\bin\imageformats\qtiff.dll
2020-06-05 09:58 - 2020-06-05 09:58 - 000834555 _____ () [File not signed] C:\Users\rac\AppData\Local\SynologyDrive\SynologyDrive.app\bin\libcurl-4.dll
2020-06-05 09:58 - 2020-06-05 09:58 - 000121524 _____ () [File not signed] C:\Users\rac\AppData\Local\SynologyDrive\SynologyDrive.app\bin\libgcc_s_dw2-1.dll
2020-06-05 09:58 - 2020-06-05 09:58 - 003331103 _____ () [File not signed] C:\Users\rac\AppData\Local\SynologyDrive\SynologyDrive.app\bin\libsqlite3-0.dll
2020-06-05 09:58 - 2020-06-05 09:58 - 001547595 _____ () [File not signed] C:\Users\rac\AppData\Local\SynologyDrive\SynologyDrive.app\bin\libstdc++-6.dll
2020-06-05 09:58 - 2020-06-05 09:58 - 000691712 _____ () [File not signed] C:\Users\rac\AppData\Local\SynologyDrive\SynologyDrive.app\bin\platforms\qwindows.dll
2020-06-05 09:58 - 2020-06-05 09:58 - 000156160 _____ () [File not signed] C:\Users\rac\AppData\Local\SynologyDrive\SynologyDrive.app\bin\WinCFWrapper.dll
2020-06-05 09:58 - 2020-06-05 09:58 - 000124430 _____ () [File not signed] C:\Users\rac\AppData\Local\SynologyDrive\SynologyDrive.app\bin\zlib1.dll
2014-01-04 11:00 - 2009-07-14 02:40 - 000084992 _____ (CANON INC.) [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\CNBPP4.DLL
2020-06-05 09:58 - 2020-06-05 09:58 - 000028672 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\rac\AppData\Local\SynologyDrive\SynologyDrive.app\bin\Qt5Concurrent.dll
2020-06-05 09:58 - 2020-06-05 09:58 - 004620288 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\rac\AppData\Local\SynologyDrive\SynologyDrive.app\bin\Qt5Core.dll
2020-06-05 09:58 - 2020-06-05 09:58 - 003921408 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\rac\AppData\Local\SynologyDrive\SynologyDrive.app\bin\Qt5Gui.dll
2020-06-05 09:58 - 2020-06-05 09:58 - 001448448 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\rac\AppData\Local\SynologyDrive\SynologyDrive.app\bin\Qt5Network.dll
2020-06-05 09:58 - 2020-06-05 09:58 - 006133760 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Users\rac\AppData\Local\SynologyDrive\SynologyDrive.app\bin\Qt5Widgets.dll
2015-02-08 10:53 - 2015-02-08 10:53 - 000501248 _____ (iMatix Corporation) [File not signed] C:\Program Files\Intel Corporation\Intel(R) Technology Access\libzmq-v120-mt-3_2_4.dll
2013-07-30 16:25 - 2013-07-30 16:25 - 000286720 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2013-07-30 16:25 - 2013-07-30 16:25 - 000514560 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2015-02-08 11:20 - 2015-02-08 11:20 - 000111840 _____ (Intel(R) Technology Access -> NT Kernel Resources) [File not signed] C:\Program Files\Intel Corporation\Intel(R) Technology Access\ndisapi.dll
2020-06-05 09:58 - 2020-06-05 09:58 - 000065629 _____ (MingW-W64 Project. All rights reserved.) [File not signed] C:\Users\rac\AppData\Local\SynologyDrive\SynologyDrive.app\bin\libwinpthread-1.dll
2020-06-05 09:58 - 2020-06-05 09:58 - 002781303 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\rac\AppData\Local\SynologyDrive\SynologyDrive.app\bin\LIBEAY32.dll
2020-06-05 09:58 - 2020-06-05 09:58 - 000809896 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\rac\AppData\Local\SynologyDrive\SynologyDrive.app\bin\SSLEAY32.dll
2020-06-05 09:58 - 2020-06-05 09:58 - 002822144 _____ (TODO: <Company name>) [File not signed] C:\Users\rac\AppData\Local\SynologyDrive\SynologyDrive.app\icon-overlay\22\x64\iconOverlay.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Public\Documents\2014-11-18 18.03.57.jpg:com.dropbox.attributes [918]
AlternateDataStreams: C:\Users\rac\Documents\2014-11-06 12.20.18.jpg:com.dropbox.attributes [918]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-125881783-3529542484-4283163711-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130845970918834968&GUID=00000000-0000-0000-0000-000000000000
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-125881783-3529542484-4283163711-1002 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-125881783-3529542484-4283163711-1002 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-07-27] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> No File
BHO: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH -> Eyeo GmbH)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2020-07-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO-x32: No Name -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> No File
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH -> Eyeo GmbH)
Toolbar: HKLM - No Name - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No File
Toolbar: HKLM-x32 - No Name - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-125881783-3529542484-4283163711-1002 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-125881783-3529542484-4283163711-1002\...\sharepoint.com -> hxxps://demostrade-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2019-01-18 18:33 - 000000874 _____ C:\WINDOWS\system32\drivers\etc\hosts
2018-10-14 07:08 - 2018-10-14 07:11 - 000000436 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Kerio\Outlook Connector (Offline Edition)\;C:\ProgramData\Oracle\Java\javapath;c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-125881783-3529542484-4283163711-1002\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1 - 10.38.0.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
Network Binding:
=============
Připojení k místní síti: Intel(R) Technology Access Filter Driver -> nt_ndisrd (enabled)
Bezdrátové připojení k síti: Intel(R) Technology Access Filter Driver -> nt_ndisrd (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-125881783-3529542484-4283163711-1002\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_7D481C14D4929887D747373393CCA2F1"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{0F082EF9-71F1-4D11-BFF2-E79A6F0A0802}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{886DD75B-AA4D-456B-B294-ED0CEA428C83}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{73DACD1C-D241-4B94-AA6D-A786EBD528C0}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E1B8D967-C43B-41B2-BE06-9336489B8998}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BBBBB9CA-97C7-41AB-9975-6AE23CDF72E8}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe => No File
FirewallRules: [{739F48F1-61D1-488C-9135-7ABF2A839273}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe => No File
FirewallRules: [{09C6E238-2383-475D-9EB5-64C08F15D6E2}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe => No File
FirewallRules: [{EE7A52D2-C859-41A4-911D-ED9FC6BA2767}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe => No File
FirewallRules: [{4A88CE6A-1932-4F36-ACFA-3F9340115148}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{96E7271E-BCBA-43AC-8530-CF6C8A1E602F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{01221AC7-DD51-4E32-92ED-B23394BE1CDD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8021C36E-25D9-414F-A56B-14EFDC07C9E6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E727F9C2-5AB9-4F18-A182-89CFEA931678}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A0C2C7F2-7876-4035-B3CA-F753BDFBFBC9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C598D8BA-BF8C-46C5-BF4F-DC5C2A5CCD77}] => (Block) C:\found.001\google\chrome\application\chrome.exe (Google Inc -> Google Inc.)
FirewallRules: [{499A753F-26D0-4532-92CE-BE2578C66A1D}] => (Block) C:\found.001\google\chrome\application\chrome.exe (Google Inc -> Google Inc.)
FirewallRules: [UDP Query User{9B380714-7891-46FD-8BD2-EA45B66D629A}C:\found.001\google\chrome\application\chrome.exe] => (Allow) C:\found.001\google\chrome\application\chrome.exe (Google Inc -> Google Inc.)
FirewallRules: [TCP Query User{6FB0205C-3F86-4578-A27F-E06FB157D46F}C:\found.001\google\chrome\application\chrome.exe] => (Allow) C:\found.001\google\chrome\application\chrome.exe (Google Inc -> Google Inc.)
FirewallRules: [{C1C34D71-4F14-4FF1-B957-4CAE1B494D0B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0E7342F7-609F-40D1-AEA0-DA628DC37AC8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A0330791-14D2-40D0-81A0-120C1A3CFB09}] => (Allow) C:\Users\rac\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{21316BED-D15B-4780-B2EA-9DEB8F0D4162}] => (Allow) C:\Users\rac\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [TCP Query User{81CADBC0-617E-41F1-9D5B-5D12DE497BD6}C:\users\rac\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\rac\appdata\roaming\dropbox\bin\dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [UDP Query User{3357381D-30B3-4A51-9FDD-E71B963F357E}C:\users\rac\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\rac\appdata\roaming\dropbox\bin\dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{F5F28CB5-47A3-4154-B492-37EFA7E7AEAE}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DAC411AF-7604-4B8B-8F9D-675CE5D0FF2C}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B86CA484-D42A-4BED-A9DF-9D4520B55164}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E2ECF5B6-BE14-47DB-BA63-D65A6246291B}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{98992CA8-22B4-41C6-B211-3E38AA402F8C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{03FF3B1B-62BE-4947-8B1A-E4D86D82F64C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A11E4BF1-BF62-48BC-A7CC-62522C741397}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{21D82353-9BA1-4374-A7A7-DA98FB9DBF05}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1C7A3749-423C-49AA-A56D-313D6EF64395}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{97F65E33-CB48-4AA1-AE57-5155641319A3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{1836C2B3-828A-4AC4-9A8A-4A3D01047525}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B313525E-87DB-4812-B551-61202E0B6CC3}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{79BD0883-3001-4D47-8966-8811EDC2399A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B963AFD8-AFCC-4AAA-A058-908D69CA19D9}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EAEEB44B-517C-4A22-972C-0BF5A4B66895}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CC04030D-A32B-4645-BD4B-635C05C63909}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6AB8D29A-A012-418E-AABD-BA026D0D1788}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5C280997-177E-4936-BBE1-72565DA139B0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
18-12-2020 06:54:50 Naplánovaný kontrolní bod
27-12-2020 12:54:43 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (01/03/2021 02:06:40 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (18808,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/03/2021 01:00:30 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (18968,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/03/2021 11:46:39 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (16488,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (01/03/2021 11:41:00 AM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed
Error: (01/03/2021 11:40:48 AM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed
Error: (01/03/2021 11:40:47 AM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed
Error: (01/03/2021 11:40:46 AM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed
Error: (01/03/2021 07:33:45 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15656,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
System errors:
=============
Error: (01/03/2021 02:03:01 PM) (Source: DCOM) (EventID: 10010) (User: nb-rac)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/03/2021 11:41:08 AM) (Source: DCOM) (EventID: 10010) (User: nb-rac)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/03/2021 08:52:37 AM) (Source: DCOM) (EventID: 10010) (User: nb-rac)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/02/2021 08:52:45 PM) (Source: DCOM) (EventID: 10010) (User: nb-rac)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/02/2021 02:02:45 PM) (Source: DCOM) (EventID: 10010) (User: nb-rac)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/02/2021 09:11:16 AM) (Source: DCOM) (EventID: 10010) (User: nb-rac)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/02/2021 09:09:31 AM) (Source: DCOM) (EventID: 10010) (User: nb-rac)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/02/2021 04:01:36 AM) (Source: DCOM) (EventID: 10010) (User: nb-rac)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
===================================
Date: 2020-01-16 08:13:50.211
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:JS/CoinHive.A
ID: 2147729066
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\ProgramData\AVAST Software\Avast\report\WebShield.txt
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.299.2625.0, AS: 1.299.2625.0, NIS: 1.299.2625.0
Verze modulu: AM: 1.1.16200.1, NIS: 1.1.16200.1
Date: 2019-08-23 07:54:35.429
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:JS/CoinHive.A
ID: 2147729066
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\ProgramData\AVAST Software\Avast\report\WebShield.txt
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files\AVAST Software\Avast\AvastSvc.exe
Verze bezpečnostních informací: AV: 1.299.2625.0, AS: 1.299.2625.0, NIS: 1.299.2625.0
Verze modulu: AM: 1.1.16200.1, NIS: 1.1.16200.1
CodeIntegrity:
===================================
Date: 2021-01-03 12:57:03.141
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2021-01-03 12:57:03.134
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2021-01-03 12:57:02.975
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2021-01-03 02:55:06.772
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2021-01-03 02:55:06.769
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2021-01-03 02:55:06.761
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2021-01-03 02:55:06.758
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2021-01-03 02:55:06.682
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: Hewlett-Packard L74 Ver. 01.02 09/10/2013
Motherboard: Hewlett-Packard 1940
Processor: Intel(R) Core(TM) i5-4200M CPU @ 2.50GHz
Percentage of memory in use: 77%
Total physical RAM: 7849.11 MB
Available physical RAM: 1748.37 MB
Total Virtual: 11535.15 MB
Available Virtual: 4197.51 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:915.79 GB) (Free:73.95 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:12.72 GB) (Free:1.38 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.99 GB) FAT32
\\?\Volume{02053858-0000-0000-0000-100000000000}\ (SYSTEM) (Fixed) (Total:1 GB) (Free:0.61 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 02053858)
Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=915.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=12.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================

Preventive log check
Re: Preventive log check
Hi,
if you have a legitimately licensed ESET on there, you can uninstall AVAST
there is one alert from Defender in there - a false alarm
I recommend cleaning the PC with CCleaner and ADWCleaner, but nothing serious is visible there
