log Hijack Solved

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team


Re: log Hijack

Post by Paull » 13 Dec 2020 15:14

I'm posting the Hijack log. Unfortunately I can't get the Zoek program to run; every time a black window (it looks like a DOS window) just flashes and disappears. The firewall is off, but the Comodo antivirus cannot be turned off completely. When I turn Comodo off, a message pops up saying that it will be turned off but that I will still be protected in the background???.
Otherwise the problem with downloading still persists :o(

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:06:59, on 13.12.2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.0001)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Users\Pavel\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Comodo\Internet Security Essentials\vkise.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Dropbox\Client\111.4.472\QtWebEngineProcess.exe
C:\Program Files (x86)\Dropbox\Client\111.4.472\QtWebEngineProcess.exe
C:\Program Files (x86)\Dropbox\Client\111.4.472\QtWebEngineProcess.exe
C:\Program Files (x86)\Dropbox\Client\111.4.472\QtWebEngineProcess.exe
C:\WINDOWS\SysWOW64\DllHost.exe
C:\Users\Pavel\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.60\BHO\ie_to_edge_bho.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: McAfee WebAdvisor - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O4 - HKLM\..\Run: [IseUI] C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Pavel\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [com.squirrel.Teams.Teams] C:\Users\Pavel\AppData\Local\Microsoft\Teams\Update.exe --processStart "Teams.exe" --process-start-args "--system-initiated"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O9 - Extra 'Tools' menuitem: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: vw-wi - {0F3C833F-FB28-40EA-8CB9-6A55B996C3F6} - C:\ElsaWin\bin\wiprot.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Internet Security Protected Helper Service (CmdAgentProt) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_76aa37 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\WINDOWS\system32\DbxSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: SpyHunter 5 Kernel (EsgShKernel) - EnigmaSoft Limited - C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files\Google\Chrome\Application\87.0.4280.88\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: isesrv - COMODO - C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: ELSA Administration Service (LcSvrAdm) - Volkswagen AG - C:\ElsaWin\bin\LcSvrAdm.exe
O23 - Service: ELSA Auftragsverwaltungs Service (LcSvrAuf) - Volkswagen AG - C:\ElsaWin\bin\LcSvrAuf.exe
O23 - Service: ELSA DBA Server (LcSvrDba) - Volkswagen AG - C:\ElsaWin\bin\LcSvrDba.exe
O23 - Service: ELSA Historie Server (LcSvrHis) - Volkswagen AG - C:\ElsaWin\bin\LcSvrHis.exe
O23 - Service: ELSA PASS Server (LcSvrPAS) - Volkswagen AG - C:\ElsaWin\bin\LcSvrPas.exe
O23 - Service: ELSA APOSpro Server (LcSvrSaz) - Volkswagen AG - C:\ElsaWin\bin\LcSvrSaz.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: McAfee WebAdvisor - Unknown owner - C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: RogueKiller RTP (rkrtservice) - Unknown owner - C:\Program Files\RogueKiller\RogueKillerSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: SpyHunter 5 Kernel Monitor (ShMonitor) - EnigmaSoft Limited - C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer - TeamViewer Germany GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @oem19.inf,%WirelessKB850NotificationSvcDisplayName%;Wireless Keyboard 850 Notification Service (WirelessKB850NotificationService) - Unknown owner - C:\WINDOWS\system32\WirelessKB850NotificationService.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13233 bytes


Re: log Hijack

Post by jaro3 » 13 Dec 2020 15:26

Disabling Comodo:
https://help.comodo.com/topic-394-1-767-12112-.html

- Disable the antivirus resident shields and the firewall (leave them off for the whole duration of the cleaning)
- download a new zoek to the desktop
- run zoek as administrator (startup sometimes takes a long time)
- paste the script and click on run script.
- let it work; sometimes it takes even several hours


Close other applications and browsers, disconnect from the internet and fix in HJT:
Guide

Code:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Re: log Hijack

Post by Paull » 13 Dec 2020 16:16

Comodo has been turned off according to the guide (thank you for the instructions on how to do it) and of course the firewall too, but Zoek still behaves the same way when started. Sometimes a message even popped up saying that the system could not find the file "poez.exe", and in that case the black window did not even flash.
The fix was done as requested above (while disconnected from the internet). The problem of not being able to download still persists. The file does actually download, but at the end an error message pops up, "Chyba-Při vyhledávání virů došlo k chybě" ("Error - An error occurred while scanning for viruses"), and the downloaded file is not saved.


Re: log Hijack

Post by jaro3 » 13 Dec 2020 17:26

use:
https://uloz.to/file/nFH1LwSrGioP/zoek1-rar

Delete zoek from the desktop, delete C:\_zoek and C:\_zoek_backup.
Turn off the antivirus and the firewall. Leave them off for the whole duration of the cleaning.
Download zoek again and continue according to the guide.
With zoek you need to proceed as follows:
Delete zoek from the desktop, delete C:\_zoek and C:\_zoek_backup.
Turn off the antivirus and the firewall. Leave them off for the whole duration of the cleaning.
Download zoek again and continue according to the guide.

- Disable the antivirus resident shields and the firewall (leave them off for the whole duration of the cleaning)
- download a new zoek to the desktop
- run zoek as administrator (startup sometimes takes a long time)
- paste the script and click on run script.
- let it work; sometimes it takes even several hours

if it doesn't work:
Turn off the antivirus and the firewall.
Please download the appropriate version of the program for your system, 32-bit/64-bit: Farbar Recovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
another link:
http://www.bleepingcomputer.com/downloa ... scan-tool/
and save it to the desktop, then run FrSt.
Confirm the terms of use.
Do not change any of the default settings and click "Scan" ("Skenovat"). When the scan is finished, two logs will appear, FRST.txt and Addition.txt, and they will be saved on the desktop. Please copy their entire contents here.

Re: log Hijack

Post by Paull » 13 Dec 2020 17:57

I couldn't get Zoek running that way either...
I'm attaching Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-12-2020
Ran by Pavel (13-12-2020 17:49:11)
Running from C:\Users\Pavel\Desktop
Windows 10 Pro Version 2004 19041.685 (X64) (2020-07-26 16:11:57)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1980947671-2380292906-1612769214-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1980947671-2380292906-1612769214-503 - Limited - Disabled)
Guest (S-1-5-21-1980947671-2380292906-1612769214-501 - Limited - Disabled)
Lukáš (S-1-5-21-1980947671-2380292906-1612769214-1002 - Limited - Enabled) => C:\Users\Lukáš
Pavel (S-1-5-21-1980947671-2380292906-1612769214-1001 - Administrator - Enabled) => C:\Users\Pavel
Vojta (S-1-5-21-1980947671-2380292906-1612769214-1003 - Limited - Enabled) => C:\Users\Vojta
WDAGUtilityAccount (S-1-5-21-1980947671-2380292906-1612769214-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: COMODO Antivirus (Enabled - Up to date) {9E3E06E3-F8E0-3C44-2336-BBD8AF8F84B8}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Disabled - Up to date) {05BC7AB5-FF0E-71EC-1054-15DA19B62DC7}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
COMODO Antivirus (HKLM\...\{E6B0FD8D-8799-441B-8734-B8A266C0C303}) (Version: 12.2.2.7062 - COMODO Security Solutions Inc.) Hidden
COMODO Antivirus (HKLM\...\COMODO Internet Security) (Version: 12.2.2.7062 - COMODO Security Solutions Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 111.4.472 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.377.1 - Dropbox, Inc.) Hidden
ElsaWin (HKLM-x32\...\ElsaWin) (Version: 4.00 - )
Excel (HKU\S-1-5-21-1980947671-2380292906-1612769214-1001\...\1fc5b090eab9aa41f8a2f5987367e6da) (Version: 1.0 - Excel)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.6.472587.185 - Comodo)
Java 8 Update 271 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180271F0}) (Version: 8.0.2710.9 - Oracle Corporation)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.28 - PandoraTV)
LEGO® Piráti z Karibiku Počítačová hra UKÁZKA (HKLM-x32\...\{A85568D7-A01E-4E05-AFEE-4A1852D70281}) (Version: 1.0.0.0 - Disney Interactive Studios)
LG Mobile Driver (HKLM-x32\...\{3F490D0E-3131-438C-BCF9-7549CB88DF41}) (Version: 4.2.0 - LG Electronics)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.60 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Retail - cs-cz) (Version: 16.0.13426.20308 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.13426.20308 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1980947671-2380292906-1612769214-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1980947671-2380292906-1612769214-1001\...\Teams) (Version: 1.3.00.30866 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 83.0 (x64 cs) (HKLM\...\Mozilla Firefox 83.0 (x64 cs)) (Version: 83.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20294 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20308 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13426.20294 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13426.20294 - Microsoft Corporation) Hidden
Outlook (HKU\S-1-5-21-1980947671-2380292906-1612769214-1001\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook)
Ovládací panel NVIDIA 432.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 432.00 - NVIDIA Corporation) Hidden
PowerPoint (HKU\S-1-5-21-1980947671-2380292906-1612769214-1001\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint)
RogueKiller version 14.8.0.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 14.8.0.0 - Adlice Software)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.8.0 - Sophos Limited)
SpyHunter 5 (HKLM-x32\...\SpyHunter5) (Version: 5.10.4.217 - EnigmaSoft Limited)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.12.4 - TeamViewer)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: - )
Trust 100K Series Webcam (HKLM-x32\...\{C679F9B9-C65D-4C65-BD6C-BF90B859E281}) (Version: 1.0.4.15 - Trust)
Trust WB-1400T Webcam (HKLM-x32\...\{30837A37-8F9F-4817-8B52-C501B67DC3BE}) (Version: 1.0.4.7 - PC Camera) Hidden
Trust WB-1400T Webcam (HKLM-x32\...\InstallShield_{30837A37-8F9F-4817-8B52-C501B67DC3BE}) (Version: 1.0.4.7 - PC Camera)
UCheck version 3.10.0.0 (HKLM\...\C4E7EE54-826F-41C4-BE3C-375CC70DC1D8_is1) (Version: 3.10.0.0 - Adlice Software)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.170 - McAfee, LLC)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Word (HKU\S-1-5-21-1980947671-2380292906-1612769214-1001\...\1b837d0bf93d01407352736c91b7bf50) (Version: 1.0 - Word)
Zemana AntiMalware verze 3.2.27 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.2.27 - Zemana)

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.0.83.0_x86__kgqvnymyfvs32 [2020-12-01] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.48.2.0_x86__kgqvnymyfvs32 [2020-11-30] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-11-30] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2020-11-30] (Microsoft Corporation)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa [2020-11-30] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-11-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-11-30] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-11-30] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0 [2020-12-12] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1980947671-2380292906-1612769214-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Pavel\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20275.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1980947671-2380292906-1612769214-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Pavel\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
CustomCLSID: HKU\S-1-5-21-1980947671-2380292906-1612769214-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Pavel\Dropbox [2019-07-04 16:40]
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2020-07-29] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-11-29] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-10-02] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2020-07-29] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-11-29] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Pavel\Desktop\Pavel - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\Pavel\Desktop\Petra - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=leffmjdabcgaflkikcefahmlgpodjkdm --app-url=hxxps://excel.office.com/
ShortcutWithArgument: C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb --app-url=hxxps://outlook.com/
ShortcutWithArgument: C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf --app-url=hxxps://powerpoint.office.com/
ShortcutWithArgument: C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=hikhggiobiflkdfdgdajcfklmcibbopi --app-url=hxxps://word.office.com/

==================== Loaded Modules (Whitelisted) =============

2011-12-06 16:03 - 2011-12-06 16:03 - 000364032 _____ (Volkswagen AG) [File not signed] C:\ElsaWin\bin\vfc10u.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_271\bin\ssv.dll [2020-12-12] (Oracle America, Inc. -> Oracle Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2020-11-20] (McAfee, LLC -> McAfee, LLC)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_271\bin\jp2ssv.dll [2020-12-12] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2020-11-20] (McAfee, LLC -> McAfee, LLC)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: vw-wi - {0F3C833F-FB28-40EA-8CB9-6A55B996C3F6} - C:\ElsaWin\bin\wiprot.dll [2011-12-06] (TODO: <Company name>) [File not signed]

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1980947671-2380292906-1612769214-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "IseUI"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{E1F2E024-B467-428E-B7AF-F4714ECAF835}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{8DCDB269-3345-4B43-A914-C9CDFDBE2899}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

12-12-2020 15:44:55 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/13/2020 05:40:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: zoek (1).exe, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.662, časové razítko: 0xe6477cce
Kód výjimky: 0xc0000409
Posun chyby: 0x0012a892
ID chybujícího procesu: 0x1d44
Čas spuštění chybující aplikace: 0x01d6d16e9a9e1cad
Cesta k chybující aplikaci: C:\Users\Pavel\Desktop\zoek1\zoek (1).exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 79dfebe5-36c0-4c77-9edc-b5ef4aa36b61
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/13/2020 03:41:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: zoek.exe, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.662, časové razítko: 0xe6477cce
Kód výjimky: 0xc0000409
Posun chyby: 0x0012a892
ID chybujícího procesu: 0x3dc8
Čas spuštění chybující aplikace: 0x01d6d15e0f834cec
Cesta k chybující aplikaci: C:\Users\Pavel\Desktop\zoek1\zoek1\zoek.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: c103a564-278c-4f93-bbae-98fe6a5928e1
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/13/2020 02:18:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: zoek (1).exe, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.662, časové razítko: 0xe6477cce
Kód výjimky: 0xc0000409
Posun chyby: 0x0012a892
ID chybujícího procesu: 0xf04
Čas spuštění chybující aplikace: 0x01d6d152797dbc69
Cesta k chybující aplikaci: C:\Users\Pavel\Desktop\zoek1\zoek1\zoek (1).exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 92bcc165-572d-4376-b953-db0a244bc679
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/13/2020 02:12:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: zoek.exe, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.662, časové razítko: 0xe6477cce
Kód výjimky: 0xc0000409
Posun chyby: 0x0012a892
ID chybujícího procesu: 0x42d8
Čas spuštění chybující aplikace: 0x01d6d1518bf41dbf
Cesta k chybující aplikaci: C:\Users\Pavel\Desktop\zoek.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 8f35c9c0-46f2-42ed-9988-d5261d75734f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/13/2020 02:11:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: zoek.exe, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.662, časové razítko: 0xe6477cce
Kód výjimky: 0xc0000409
Posun chyby: 0x0012a892
ID chybujícího procesu: 0x37c4
Čas spuštění chybující aplikace: 0x01d6d15171f5e2e6
Cesta k chybující aplikaci: C:\Users\Pavel\Desktop\zoek1\zoek.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 7f731308-ff1e-49bb-9eb2-54c9d5d5ee9a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/13/2020 02:10:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: zoek.exe, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.662, časové razítko: 0xe6477cce
Kód výjimky: 0xc0000409
Posun chyby: 0x0012a892
ID chybujícího procesu: 0x43a0
Čas spuštění chybující aplikace: 0x01d6d1515303eb47
Cesta k chybující aplikaci: C:\Users\Pavel\Desktop\zoek1\zoek.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 6d2fc6d3-85aa-44c9-8535-4322a0d5540f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/13/2020 02:07:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: zoek.exe, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.662, časové razítko: 0xe6477cce
Kód výjimky: 0xc0000409
Posun chyby: 0x0012a892
ID chybujícího procesu: 0x299c
Čas spuštění chybující aplikace: 0x01d6d150dd823dc1
Cesta k chybující aplikaci: C:\Users\Pavel\Desktop\zoek1\zoek.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: f4c50262-54f9-4006-b51b-2e8203fdfde6
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/13/2020 02:06:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: zoek.exe, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.662, časové razítko: 0xe6477cce
Kód výjimky: 0xc0000409
Posun chyby: 0x0012a892
ID chybujícího procesu: 0x2edc
Čas spuštění chybující aplikace: 0x01d6d150ba6c0308
Cesta k chybující aplikaci: C:\Users\Pavel\Desktop\zoek1\zoek.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 1ee6ea96-0592-43fd-a3b1-b9da748e5fa8
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (12/13/2020 12:52:19 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server Windows.Internal.Shell.ConsentUx.Details.ConsentUxService se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/13/2020 12:50:19 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server Windows.Internal.Shell.ConsentUx.Details.ConsentUxService se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/13/2020 12:48:19 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server Windows.Internal.Shell.ConsentUx.Details.ConsentUxService se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/12/2020 11:20:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba McAfee WebAdvisor neuspěla při spuštění v důsledku následující chyby:
Soubor nebo adresář je porušen a není čitelný.

Error: (12/12/2020 11:19:52 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby wuauserv s argumenty Není k dispozici za účelem spuštění serveru:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (12/12/2020 11:19:52 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby wuauserv s argumenty Není k dispozici za účelem spuštění serveru:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (12/12/2020 03:45:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (12/12/2020 03:41:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba McAfee WebAdvisor neuspěla při spuštění v důsledku následující chyby:
Soubor nebo adresář je porušen a není čitelný.


Windows Defender:
===================================
Date: 2020-12-13 17:48:58.1500000Z
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Vigorf.A
ID: 2147714384
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Pavel\Downloads\EW400.rar
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-54V8III\Pavel
Název procesu: C:\Users\Pavel\Desktop\FRST64.exe
Verze bezpečnostních informací: AV: 1.329.332.0, AS: 1.329.332.0, NIS: 1.329.332.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4

CodeIntegrity:
===================================

Date: 2020-12-13 17:42:30.6200000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-13 17:42:30.6140000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-13 17:42:27.4840000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-13 17:42:27.4770000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-13 17:42:26.8770000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-13 17:42:26.8720000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-13 17:42:24.3390000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-13 17:42:24.3320000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: American Megatrends Inc. P2.40 08/29/2014
Motherboard: ASRock B85M
Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 52%
Total physical RAM: 8111.44 MB
Available physical RAM: 3842.31 MB
Total Virtual: 18863.44 MB
Available Virtual: 13796.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:446.56 GB) (Free:71.04 GB) NTFS
Drive d: (DATA) (Fixed) (Total:1863.01 GB) (Free:1285.51 GB) NTFS

\\?\Volume{7d762e9c-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.57 GB) (Free:0.13 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 447.1 GB) (Disk ID: 7D762E9C)
Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=446.6 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: DA29E555)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Paull

Re: log Hijack

Post by Paull » 13 Dec 2020 17:58

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-12-2020
Ran by Pavel (administrator) on DESKTOP-54V8III (13-12-2020 17:50:58)
Running from C:\Users\Pavel\Desktop
Loaded Profiles: Pavel
Platform: Windows 10 Pro Version 2004 19041.685 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\vkise.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe <2>
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe <2>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\111.4.472\QtWebEngineProcess.exe <4>
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Pavel\AppData\Local\Microsoft\OneDrive\20.201.1005.0009\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Pavel\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2010.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrAdm.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrAuf.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrDba.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrHis.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrPas.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrSaz.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [PAC207_Monitor] => C:\Windows\PixArt\PAC207\Monitor.exe
HKLM\...\Run: [Monitor] => C:\Windows\PixArt\PAC207\Monitor.exe
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [4187856 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7992832 2020-12-01] (Dropbox, Inc -> Dropbox, Inc.)
HKU\S-1-5-21-1980947671-2380292906-1612769214-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Pavel\AppData\Local\Microsoft\Teams\Update.exe [2453688 2020-11-17] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1980947671-2380292906-1612769214-1001\...\MountPoints2: {0c5adc7c-ec66-11e9-b65a-d050994a9cdb} - "E:\LaunchU3.exe" -a
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-03] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01A42326-5535-4EE8-A40F-B5A5DA8317E5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {02C8DDB1-C49F-42EC-96C1-0D42B1875995} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13189920 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {0D48BA2F-D57C-4FF6-B8B8-FF22234CEB5A} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {0EBD759C-FAC8-48E0-9A21-65C21FFCA1F3} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13189920 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {41752928-BE09-4617-8FB0-F4B1C1EEBD4C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {46A3A71E-9CD1-44EE-BD05-28F5DF72D6D7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-29] (Google LLC -> Google LLC)
Task: {567F5FE2-8A4C-47E4-AEB8-8B55C386D670} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [658808 2020-07-29] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {6FDE22AF-3411-4CDC-AF82-62E9700937D6} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {7941822E-D19B-4FFB-9239-AC32A009299B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [670928 2020-11-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {98AB208C-D9AC-41B6-A0F2-7F326490378A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {A10C748A-3CCF-40F2-8AF2-59D25DABC8BB} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-06-27] (Dropbox, Inc -> Dropbox, Inc.)
Task: {B0092A80-6BFF-4860-A5D1-4143545A4D55} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-06-27] (Dropbox, Inc -> Dropbox, Inc.)
Task: {B99F923C-3A86-45A7-88E6-14871FCE2179} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\DropboxUpdateTaskMachineCore" /ENABLE
Task: {B99F923C-3A86-45A7-88E6-14871FCE2179} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\DropboxUpdateTaskMachineUA" /ENABLE
Task: {B99F923C-3A86-45A7-88E6-14871FCE2179} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {B99F923C-3A86-45A7-88E6-14871FCE2179} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {B99F923C-3A86-45A7-88E6-14871FCE2179} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {B99F923C-3A86-45A7-88E6-14871FCE2179} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {B99F923C-3A86-45A7-88E6-14871FCE2179} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-1980947671-2380292906-1612769214-1001" /ENABLE
Task: {B99F923C-3A86-45A7-88E6-14871FCE2179} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-1980947671-2380292906-1612769214-1002" /ENABLE
Task: {B99F923C-3A86-45A7-88E6-14871FCE2179} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-1980947671-2380292906-1612769214-1003" /ENABLE
Task: {B99F923C-3A86-45A7-88E6-14871FCE2179} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}" /ENABLE
Task: {B99F923C-3A86-45A7-88E6-14871FCE2179} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {BF4D3000-7102-41A8-9FF0-B43CA8245119} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {C068BB52-57D6-46BB-89FC-3EACCC2A5B1F} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {D241C240-B5E7-4DE8-B6F6-2E2197A25D79} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143712 2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {D66758A6-2CA1-4C00-88E5-BB62C46B7432} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-29] (Google LLC -> Google LLC)
Task: {DE60C0B9-6848-47AE-B351-8CF506E30E0A} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13189920 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {E50541CB-3095-44B8-AD9D-7358647C6889} - System32\Tasks\AMSkipUAC => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [658808 2020-07-29] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {F1E04075-652C-439E-BD2E-822181507E7D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143712 2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {F473C18A-8EDA-49A2-A125-061110D978A4} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {F696D250-5598-48DF-B510-AEECC1F6C5C7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-12-05] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7eb22d12-97e0-44b4-97ad-92edad7b2398}: [DhcpNameServer] 192.168.0.1

Edge:
======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Pavel\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-13]
Edge Extension: (Outlook) - C:\Users\Pavel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2020-10-19]
Edge Extension: (Word) - C:\Users\Pavel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2020-10-19]
Edge Extension: (Excel) - C:\Users\Pavel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2020-10-19]
Edge Extension: (PowerPoint) - C:\Users\Pavel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2020-10-19]

FireFox:
========
FF DefaultProfile: 9n2nyuzz.default
FF ProfilePath: C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\9n2nyuzz.default [2020-11-29]
FF ProfilePath: C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\15meqnet.default-release [2020-12-13]
FF Session Restore: Mozilla\Firefox\Profiles\15meqnet.default-release -> is enabled.
FF Extension: (No Name) - C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\15meqnet.default-release\Extensions\wrc@avast.com.xpi [2020-11-29] [not signed]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (No Name) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2020-11-20] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2020-12-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2020-12-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default [2020-12-13]
CHR Notifications: Default -> hxxps://www.svetandroida.cz
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=B22974E50B0B99A9&affID=44444&tsp=4920","hxxp://www.google.com/","hxxp://www.search.ask.com/?tpid=ORJ-V7-SAT&o=APN11467&pf=V7&trgb=CR&p2=%5EBED%5EOSJ000%5EYY%5ECZ&gct=hp&apn_ptnrs=BED&apn_dtid=%5EOSJ000%5EYY%5ECZ&apn_dbr=cr_34.0.1847.131&apn_uid=EF1A8E44-606D-43E1-BB14-A5923F94D8DA&itbv=12.10.6.53&doi=2014-05-01&psv=","hxxps://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-11-29]
CHR Extension: (Dokumenty) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-11-29]
CHR Extension: (Disk Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-29]
CHR Extension: (YouTube) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-29]
CHR Extension: (Tabulky) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-11-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-29]
CHR Extension: (Tlačítko „Uložit“ pro Pinterest) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2020-12-09]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2020-12-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-11-29]
CHR Extension: (Gmail) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-29]
CHR Extension: (Chrome Media Router) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-29]
CHR Profile: C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2 [2020-12-13]
CHR DefaultSearchURL: Profile 2 -> hxxps:\/\/search.yahoo.com\/search?fr=mcafee_uninternational&type=E210CZ91105G0&p={searchTerms}
CHR DefaultSearchKeyword: Profile 2 -> mcafee
CHR Session Restore: Profile 2 -> is enabled.
CHR Extension: (Prezentace) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-12-01]
CHR Extension: (Dokumenty) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2020-12-01]
CHR Extension: (Disk Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-01]
CHR Extension: (YouTube) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-12-01]
CHR Extension: (Tabulky) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-12-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-12-01]
CHR Extension: (Gmail) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-01]
CHR Extension: (Chrome Media Router) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-01]
CHR Profile: C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\System Profile [2020-12-01]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-11-23] (Microsoft Corporation -> Microsoft Corporation)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334176 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334176 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2675504 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-06-27] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-06-27] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44552 2020-12-01] (Dropbox, Inc -> Dropbox, Inc.)
S2 EsgShKernel; C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe [12874296 2020-11-29] (EnigmaSoft Limited -> EnigmaSoft Limited)
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1044176 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
R2 LcSvrAdm; C:\ElsaWin\bin\LcSvrAdm.exe [240640 2011-12-06] (Volkswagen AG) [File not signed]
R3 LcSvrAuf; C:\ElsaWin\bin\LcSvrAuf.exe [1321472 2011-12-06] (Volkswagen AG) [File not signed]
R2 LcSvrDba; C:\ElsaWin\bin\LcSvrDba.exe [392704 2011-12-06] (Volkswagen AG) [File not signed]
R2 LcSvrHis; C:\ElsaWin\bin\LcSvrHis.exe [335360 2011-12-06] (Volkswagen AG) [File not signed]
R2 LcSvrPAS; C:\ElsaWin\bin\LcSvrPas.exe [477696 2011-12-06] (Volkswagen AG) [File not signed]
R2 LcSvrSaz; C:\ElsaWin\bin\LcSvrSaz.exe [373248 2011-12-06] (Volkswagen AG) [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2020-12-12] (Malwarebytes Inc -> Malwarebytes)
S2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [955656 2020-11-21] () [File not signed]
S2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [13666872 2020-11-17] (Adlice -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5197552 2020-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ShMonitor; C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe [524856 2020-11-29] (EnigmaSoft Limited -> EnigmaSoft Limited)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12720144 2020-11-18] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2020-12-13] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S0 cmdboot; C:\WINDOWS\System32\DRIVERS\cmdboot.sys [17576 2019-10-23] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [39056 2019-11-13] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [844176 2019-11-13] (Comodo Security Solutions, Inc. -> COMODO)
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [63256 2018-08-29] (Comodo Security Solutions, Inc. -> COMODO)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-12-12] (Malwarebytes Inc -> Malwarebytes)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-13] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-13] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)
U1 aswbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-13 17:49 - 2020-12-13 17:50 - 000036688 _____ C:\Users\Pavel\Desktop\Addition.txt
2020-12-13 17:46 - 2020-12-13 17:51 - 000026379 _____ C:\Users\Pavel\Desktop\FRST.txt
2020-12-13 17:46 - 2020-12-13 17:51 - 000000000 ____D C:\FRST
2020-12-13 17:44 - 2020-12-13 17:44 - 002286592 _____ (Farbar) C:\Users\Pavel\Desktop\FRST64.exe
2020-12-13 17:38 - 2020-11-11 22:29 - 000000000 ____D C:\Users\Pavel\Desktop\zoek1
2020-12-13 16:04 - 2020-12-13 16:04 - 000000000 ____D C:\Users\Pavel\Downloads\backups
2020-12-13 15:37 - 2020-12-13 15:37 - 001800862 _____ C:\Users\Pavel\Downloads\zoek.rar
2020-12-13 14:26 - 2020-12-13 14:26 - 000000000 ____D C:\Users\Pavel\Desktop\ZemanaAntimalware
2020-12-13 14:24 - 2020-12-13 17:51 - 002390277 _____ C:\WINDOWS\ZAM.krnl.trace
2020-12-13 14:24 - 2020-12-13 14:24 - 000232792 _____ (Copyright 2018.) C:\WINDOWS\system32\Drivers\amsdk.sys
2020-12-13 14:24 - 2020-12-13 14:24 - 000003558 _____ C:\WINDOWS\system32\Tasks\AMHelper
2020-12-13 14:24 - 2020-12-13 14:24 - 000002680 _____ C:\WINDOWS\system32\Tasks\AMSkipUAC
2020-12-13 14:24 - 2020-12-13 14:24 - 000001333 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2020-12-13 14:24 - 2020-12-13 14:24 - 000000000 ____D C:\Users\Pavel\AppData\Local\Zemana
2020-12-13 14:24 - 2020-12-13 14:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2020-12-13 14:24 - 2020-12-13 14:24 - 000000000 ____D C:\Program Files (x86)\Zemana
2020-12-13 14:23 - 2020-12-13 14:24 - 000000000 ____D C:\Users\Pavel\AppData\Local\AMSDK
2020-12-13 14:21 - 2020-12-13 14:21 - 012795472 _____ (Zemana Ltd. ) C:\Users\Pavel\Desktop\AntiMalware_Setup.exe
2020-12-13 14:00 - 2020-12-13 14:00 - 000000000 ____D C:\Users\Pavel\AppData\LocalLow\IGDump
2020-12-12 23:14 - 2020-12-12 23:14 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\Sun
2020-12-12 23:11 - 2020-12-12 23:11 - 000000797 _____ C:\Users\Public\Desktop\UCheck.lnk
2020-12-12 23:11 - 2020-12-12 23:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UCheck
2020-12-12 23:10 - 2020-12-12 23:11 - 000000000 ____D C:\ProgramData\UCheck
2020-12-12 23:10 - 2020-12-12 23:11 - 000000000 ____D C:\Program Files\UCheck
2020-12-12 23:09 - 2020-12-12 23:09 - 026045184 _____ (Adlice Software ) C:\Users\Pavel\Desktop\ucheck.exe
2020-12-12 19:19 - 2020-12-12 19:19 - 000000859 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2020-12-12 19:19 - 2020-12-12 19:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2020-12-12 19:19 - 2020-12-12 19:19 - 000000000 ____D C:\Program Files\RogueKiller
2020-12-12 19:18 - 2020-12-12 19:24 - 000000000 ____D C:\ProgramData\RogueKiller
2020-12-12 19:17 - 2020-12-12 19:17 - 040473968 _____ (Adlice Software ) C:\Users\Pavel\Desktop\setup.exe
2020-12-12 16:23 - 2020-12-12 16:23 - 000002775 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2020-12-12 16:23 - 2020-12-12 16:23 - 000000000 ____D C:\ProgramData\Sophos
2020-12-12 16:23 - 2020-12-12 16:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2020-12-12 16:23 - 2020-12-12 16:23 - 000000000 ____D C:\Program Files (x86)\Sophos
2020-12-12 16:21 - 2020-12-12 16:21 - 181496840 _____ (Sophos Limited) C:\Users\Pavel\Desktop\Sophos Virus Removal Tool.exe
2020-12-12 15:48 - 2020-12-12 15:48 - 000001153 _____ C:\Users\Pavel\Desktop\JRT.txt
2020-12-12 15:43 - 2020-12-12 15:43 - 000002420 _____ C:\Users\Pavel\Desktop\AdwCleaner[C07].txt
2020-12-12 15:31 - 2020-12-12 15:31 - 001790024 _____ (Malwarebytes) C:\Users\Pavel\Desktop\JRT.exe
2020-12-12 13:12 - 2020-12-12 15:56 - 000005357 _____ C:\Users\Pavel\Desktop\Vypis z Malwarebytes-12_12_2020.txt
2020-12-12 13:09 - 2020-12-12 13:09 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-12-12 13:09 - 2020-12-12 13:09 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-12-11 23:42 - 2020-12-11 23:42 - 008447152 _____ (Malwarebytes) C:\Users\Pavel\Downloads\AdwCleaner(1).exe
2020-12-11 22:37 - 2020-12-11 22:37 - 000448512 _____ (OldTimer Tools) C:\Users\Pavel\Downloads\TFC(1).exe
2020-12-11 22:34 - 2020-12-11 22:34 - 000388608 _____ (Trend Micro Inc.) C:\Users\Pavel\Downloads\HijackThis.exe
2020-12-11 20:01 - 2020-12-11 20:01 - 000000000 ____D C:\Users\Lukáš\AppData\Local\D3DSCache
2020-12-11 17:08 - 2020-12-11 17:08 - 000007893 _____ C:\Users\Pavel\Desktop\Vypis z Malwarebytes-11_12_2020.txt
2020-12-10 20:34 - 2020-12-10 20:34 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-12-10 20:34 - 2020-12-10 20:34 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-12-10 20:34 - 2020-12-10 20:34 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-12-10 20:34 - 2020-12-10 20:34 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-10 20:34 - 2020-12-10 20:34 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2020-12-10 20:34 - 2020-12-10 20:34 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-10 20:34 - 2020-12-10 20:34 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-12-10 20:34 - 2020-12-10 20:34 - 000010912 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-12-10 20:34 - 2020-12-10 20:34 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2020-12-10 20:33 - 2020-12-10 20:33 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-12-10 20:33 - 2020-12-10 20:33 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-10 20:33 - 2020-12-10 20:33 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-10 20:33 - 2020-12-10 20:33 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-10 20:33 - 2020-12-10 20:33 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2020-12-10 20:33 - 2020-12-10 20:33 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-12-10 20:33 - 2020-12-10 20:33 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-10 20:33 - 2020-12-10 20:33 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-12-10 20:33 - 2020-12-10 20:33 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-12-10 20:33 - 2020-12-10 20:33 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-10 20:33 - 2020-12-10 20:33 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-12-10 20:33 - 2020-12-10 20:33 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-12-10 20:33 - 2020-12-10 20:33 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-09 17:20 - 2020-12-09 19:58 - 000111274 _____ C:\WINDOWS\ntbtlog.txt
2020-12-09 17:20 - 2020-12-09 17:20 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-12-07 17:02 - 2020-12-07 17:03 - 000000000 ____D C:\Users\Pavel\Desktop\Vojta
2020-12-07 17:01 - 2020-12-07 17:01 - 006056089 _____ C:\Users\Pavel\Downloads\iCloud Photos(1).zip
2020-12-07 13:41 - 2020-12-07 13:41 - 000000000 ____D C:\Users\Lukáš\AppData\Local\CrashDumps
2020-12-07 09:55 - 2020-12-07 09:55 - 000005065 _____ C:\Users\Pavel\Desktop\Vypis z Malwarebytes-7_12_2020.txt
2020-12-05 18:28 - 2020-12-05 18:28 - 002719648 _____ C:\Users\Pavel\Downloads\iCloud Photos.zip
2020-12-05 18:25 - 2020-12-06 17:00 - 000000000 ____D C:\Users\Lukáš\AppData\LocalLow\Mozilla
2020-12-05 18:25 - 2020-12-05 18:25 - 000000000 ____D C:\Users\Lukáš\AppData\Roaming\Mozilla
2020-12-05 18:25 - 2020-12-05 18:25 - 000000000 ____D C:\Users\Lukáš\AppData\Local\Mozilla
2020-12-04 18:00 - 2020-12-04 18:00 - 000008093 _____ C:\Users\Pavel\Desktop\Vypis z Malwarebytes.txt
2020-12-03 08:12 - 2020-12-03 08:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-12-02 17:45 - 2020-12-02 17:45 - 000448512 _____ (OldTimer Tools) C:\Users\Pavel\Downloads\TFC.exe
2020-12-02 17:42 - 2020-12-02 17:42 - 000050688 _____ (Atribune.org) C:\Users\Pavel\Downloads\atf-cleaner.exe
2020-12-02 17:41 - 2020-12-06 17:26 - 000000000 ____D C:\Users\Vojta\AppData\LocalLow\Mozilla
2020-12-02 17:41 - 2020-12-02 17:41 - 000000000 ____D C:\Users\Vojta\AppData\Roaming\Mozilla
2020-12-02 17:41 - 2020-12-02 17:41 - 000000000 ____D C:\Users\Vojta\AppData\Local\Mozilla
2020-12-02 14:01 - 2020-12-02 14:01 - 000000000 ____D C:\Users\Vojta\AppData\Roaming\Avast Software
2020-12-02 14:01 - 2020-12-02 14:01 - 000000000 ____D C:\Users\Vojta\AppData\Local\CEF
2020-12-01 23:10 - 2020-12-01 23:10 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2020-12-01 23:10 - 2020-12-01 23:10 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2020-12-01 23:10 - 2020-12-01 23:10 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2020-12-01 23:10 - 2020-12-01 23:10 - 000044552 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2020-12-01 19:05 - 2020-12-01 21:15 - 000002438 _____ C:\Users\Pavel\Desktop\Petra - Chrome.lnk
2020-12-01 18:57 - 2020-12-01 20:06 - 000002394 _____ C:\Users\Pavel\Desktop\Pavel - Chrome.lnk
2020-11-30 12:44 - 2020-11-30 12:44 - 000481422 _____ C:\Users\Pavel\Downloads\informace-k-prijimacimu-rizeni-v-roce-2020-2021-2011152339.pdf
2020-11-30 09:51 - 2020-11-30 09:51 - 000000000 ____D C:\Users\Pavel\AppData\Local\OneDrive
2020-11-29 20:48 - 2020-12-11 23:40 - 000003400 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-11-29 20:48 - 2020-12-11 23:40 - 000003176 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-11-29 20:48 - 2020-12-03 16:55 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-11-29 20:48 - 2020-12-03 16:55 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-11-29 20:48 - 2020-11-29 20:48 - 000000000 ____D C:\Program Files\Google
2020-11-29 20:40 - 2020-11-29 20:40 - 001317080 _____ (Google LLC) C:\Users\Pavel\Downloads\ChromeSetup.exe
2020-11-29 19:50 - 2020-11-29 19:50 - 000000000 ____D C:\Users\Lukáš\AppData\Roaming\Avast Software
2020-11-29 19:50 - 2020-11-29 19:50 - 000000000 ____D C:\Users\Lukáš\AppData\Local\CEF
2020-11-29 16:19 - 2020-11-29 16:19 - 000001055 _____ C:\Users\Public\Desktop\SpyHunter5.lnk
2020-11-29 16:19 - 2020-11-29 16:19 - 000000000 ____D C:\sh5ldr
2020-11-29 16:19 - 2020-11-29 16:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnigmaSoft
2020-11-29 16:19 - 2020-11-29 16:19 - 000000000 ____D C:\ProgramData\EnigmaSoft Limited
2020-11-29 16:18 - 2020-11-29 16:18 - 006542392 _____ (EnigmaSoft Limited) C:\Users\Pavel\Downloads\SpyHunter-Installer.exe
2020-11-29 16:18 - 2020-11-29 16:18 - 000000000 ____D C:\Program Files\EnigmaSoft
2020-11-29 15:49 - 2020-12-12 13:10 - 000001993 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-11-29 15:49 - 2020-12-12 13:10 - 000001981 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-11-29 15:49 - 2020-12-12 13:09 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-11-29 15:49 - 2020-11-29 15:49 - 000000000 ____D C:\Users\Pavel\AppData\Local\mbam
2020-11-29 15:48 - 2020-11-29 15:48 - 002076624 _____ (Malwarebytes) C:\Users\Pavel\Downloads\MBSetup.exe
2020-11-29 15:48 - 2020-11-29 15:48 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-11-29 15:48 - 2020-11-29 15:48 - 000000000 ____D C:\Program Files\Malwarebytes
2020-11-29 15:39 - 2020-11-29 15:40 - 000000000 ____D C:\AdwCleaner
2020-11-29 15:39 - 2020-11-29 15:39 - 008447152 _____ (Malwarebytes) C:\Users\Pavel\Desktop\AdwCleaner.exe
2020-11-29 15:26 - 2020-12-13 17:44 - 000000000 ____D C:\Users\Pavel\AppData\LocalLow\Mozilla
2020-11-29 15:26 - 2020-12-13 17:43 - 000000000 ____D C:\ProgramData\Mozilla
2020-11-29 15:26 - 2020-11-29 15:26 - 000000907 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-11-29 15:26 - 2020-11-29 15:26 - 000000895 _____ C:\Users\Public\Desktop\Firefox.lnk
2020-11-29 15:26 - 2020-11-29 15:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-11-29 15:26 - 2020-11-29 15:26 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\Mozilla
2020-11-29 15:26 - 2020-11-29 15:26 - 000000000 ____D C:\Users\Pavel\AppData\Local\Mozilla
2020-11-29 15:26 - 2020-11-29 15:26 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-11-29 14:52 - 2020-12-11 23:30 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-11-29 14:52 - 2020-11-29 14:52 - 000000000 ____D C:\Users\Pavel\AppData\Local\CEF
2020-11-29 14:51 - 2020-12-11 23:40 - 000000000 ____D C:\ProgramData\Avast Software
2020-11-29 14:51 - 2020-11-29 14:41 - 000220784 _____ (AVAST Software) C:\Users\Pavel\Desktop\avast_free_antivirus_setup_online.exe
2020-11-27 15:28 - 2020-12-11 23:40 - 000002428 _____ C:\WINDOWS\system32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
2020-11-27 15:28 - 2020-11-27 15:28 - 000000009 _____ C:\ProgramData\updateSuccess.txt
2020-11-24 23:22 - 2020-11-24 23:22 - 000191489 _____ C:\Users\Pavel\Desktop\Informace o správci příloh v systému Microsoft Windows.pdf
2020-11-19 20:18 - 2020-11-19 21:13 - 994668031 _____ C:\Users\Pavel\Downloads\homeland.s08e10.720p.web.h264-xlf CZ titulky.mkv
2020-11-19 20:18 - 2020-11-19 20:53 - 627646849 _____ C:\Users\Pavel\Downloads\Homeland.S08E11.PROPER.1080p.WEB.H265-GHOSTS.mkv
2020-11-19 20:17 - 2020-11-19 21:44 - 1575001566 _____ C:\Users\Pavel\Downloads\Homeland.S08E09.iNTERNAL.720p.WEB.H264-AMRAP.mkv
2020-11-19 20:16 - 2020-11-19 21:19 - 1061188793 _____ C:\Users\Pavel\Downloads\homeland.s08e08.720p.web.x264-poke.mkv
2020-11-19 18:42 - 2020-11-19 18:59 - 313236444 _____ C:\Users\Pavel\Downloads\homeland.s08e07.web.h264-xlf.mkv
2020-11-19 18:41 - 2020-11-19 19:15 - 584615234 _____ C:\Users\Pavel\Downloads\Homeland.S08E06.720p_CZtitulky.mp4
2020-11-19 18:40 - 2020-11-19 19:21 - 748053683 _____ C:\Users\Pavel\Downloads\Homeland.S08E05.Chalk.Two.Down.1080p.10bit.WEBRip.2CH.CZ.x265.HEVC-BB.mkv
2020-11-19 18:38 - 2020-11-19 19:55 - 1292509008 _____ C:\Users\Pavel\Downloads\Ve jménu vlasti_Homeland_S08E02_1080i. CZ_BoZ_.mkv
2020-11-18 11:01 - 2020-11-20 20:10 - 000000000 ____D C:\Users\Vojta\Desktop\Vojta
2020-11-17 19:12 - 2020-11-17 20:44 - 1496113174 _____ C:\Users\Pavel\Downloads\Ve jménu vlasti_Homeland_S08E04_1080i. CZ_BoZ_.mkv
2020-11-17 19:12 - 2020-11-17 20:23 - 1141914868 _____ C:\Users\Pavel\Downloads\Ve jménu vlasti_Homeland_S08E03_1080i. CZ_BoZ_.avi
2020-11-17 19:11 - 2020-11-17 20:03 - 863177026 _____ C:\Users\Pavel\Downloads\Homeland.S08E01.Deception.Indicated.1080p.10bit.WEBRip.2CH.CZ.x265.HEVC-BB.mkv
2020-11-17 19:10 - 2020-11-17 19:28 - 335361753 _____ C:\Users\Pavel\Downloads\Homeland.S07E12.WEB.H264-DEFLATE.rar
2020-11-15 11:01 - 2020-11-15 11:01 - 000000000 ____D C:\Users\Pavel\Downloads\IOXWebcamX-1.1 (2)
2020-11-15 10:59 - 2005-05-05 20:53 - 011330560 _____ C:\Users\Pavel\Downloads\IOXWebcamX-1.1
2020-11-14 13:11 - 2020-11-14 13:11 - 000000000 ____D C:\Users\Lukáš\AppData\Roaming\Goldberg SteamEmu Saves
2020-11-14 13:11 - 2020-11-14 13:11 - 000000000 ____D C:\Users\Lukáš\AppData\Roaming\Axolot Games
2020-11-14 13:11 - 2020-11-14 13:11 - 000000000 ____D C:\Users\Lukáš\AppData\Local\Axolot Games
2020-11-13 22:41 - 2020-11-13 22:41 - 000001568 _____ C:\Users\Lukáš\Desktop\ScrapMechanic – zástupce.lnk
2020-11-13 22:40 - 2020-11-13 22:41 - 000000000 ____D C:\Programy
2020-11-13 10:58 - 2020-11-13 10:58 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\Goldberg SteamEmu Saves
2020-11-13 10:58 - 2020-11-13 10:58 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\Axolot Games
2020-11-13 10:58 - 2020-11-13 10:58 - 000000000 ____D C:\Users\Pavel\AppData\Local\Axolot Games
2020-11-13 10:47 - 2020-11-13 10:51 - 752013152 _____ C:\Users\Lukáš\Downloads\Scrap.Mechanic.v0.4.8.595.zip

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-13 17:40 - 2019-07-14 07:19 - 000000000 ____D C:\Users\Pavel\AppData\Local\CrashDumps
2020-12-13 17:40 - 2019-07-05 19:35 - 000109116 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2020-12-13 17:36 - 2019-06-05 18:47 - 001474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2020-12-13 17:27 - 2020-07-26 17:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-13 17:22 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-13 15:40 - 2019-06-05 18:38 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-12-13 13:54 - 2019-06-05 18:47 - 000000000 ____D C:\ProgramData\NVIDIA
2020-12-13 12:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-13 12:43 - 2019-06-05 18:46 - 000000000 ___RD C:\Users\Pavel\OneDrive
2020-12-12 23:27 - 2020-07-26 17:09 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-12 23:27 - 2019-12-07 15:43 - 000682184 _____ C:\WINDOWS\system32\perfh005.dat
2020-12-12 23:27 - 2019-12-07 15:43 - 000137000 _____ C:\WINDOWS\system32\perfc005.dat
2020-12-12 23:27 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2020-12-12 23:20 - 2020-07-26 17:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-12 23:20 - 2020-07-26 17:03 - 000008192 ___SH C:\DumpStack.log.tmp
2020-12-12 23:20 - 2020-03-26 20:13 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-12-12 23:19 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2020-12-12 23:15 - 2020-07-26 17:11 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1980947671-2380292906-1612769214-1001
2020-12-12 23:15 - 2020-07-26 17:04 - 000002365 _____ C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-12 23:15 - 2019-12-16 13:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-12-12 23:15 - 2019-12-16 13:24 - 000000000 ____D C:\Program Files\Java
2020-12-12 23:13 - 2019-12-16 13:24 - 000192168 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2020-12-12 19:43 - 2020-06-05 15:58 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-12 19:43 - 2020-06-05 15:58 - 000002257 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-12-12 19:43 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-12 13:09 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-12-12 10:00 - 2020-10-29 19:19 - 000001425 _____ C:\Users\Lukáš\Desktop\Roblox Player.lnk
2020-12-12 10:00 - 2020-10-29 19:18 - 000001248 _____ C:\Users\Lukáš\Desktop\Roblox Studio.lnk
2020-12-12 10:00 - 2020-10-29 19:18 - 000000000 ____D C:\Users\Lukáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2020-12-11 23:46 - 2019-06-27 21:25 - 000000938 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2020-12-11 23:46 - 2019-06-27 21:25 - 000000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2020-12-11 23:40 - 2020-07-26 17:11 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-12-11 23:40 - 2020-07-26 17:11 - 000003452 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2020-12-11 23:40 - 2020-07-26 17:11 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-12-11 23:40 - 2020-07-26 17:11 - 000003228 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2020-12-11 23:40 - 2020-07-26 17:11 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1980947671-2380292906-1612769214-1003
2020-12-11 23:40 - 2020-07-26 17:11 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1980947671-2380292906-1612769214-1002
2020-12-11 22:40 - 2019-06-05 18:42 - 000000000 ____D C:\Users\Pavel\AppData\Local\VirtualStore
2020-12-11 19:32 - 2020-10-29 18:31 - 000001425 _____ C:\Users\Vojta\Desktop\Roblox Player.lnk
2020-12-11 19:32 - 2020-10-29 18:31 - 000001248 _____ C:\Users\Vojta\Desktop\Roblox Studio.lnk
2020-12-11 19:32 - 2020-10-29 18:31 - 000000000 ____D C:\Users\Vojta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2020-12-11 18:52 - 2019-12-16 13:23 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\.minecraft
2020-12-11 18:51 - 2019-12-16 13:24 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\.tlauncher
2020-12-11 18:29 - 2019-07-04 16:40 - 000000000 ___RD C:\Users\Pavel\Dropbox
2020-12-10 23:04 - 2020-07-26 17:03 - 000437992 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-10 23:03 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-12-10 23:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-10 23:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-10 23:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-12-10 23:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-10 23:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-12-10 23:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-10 23:03 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-10 23:03 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-10 20:37 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-08 13:37 - 2020-07-26 17:04 - 000000000 ____D C:\Users\Lukáš
2020-12-07 22:19 - 2020-07-26 17:04 - 000000000 ____D C:\Users\Vojta
2020-12-07 22:19 - 2020-07-26 17:04 - 000000000 ____D C:\Users\Pavel
2020-12-06 13:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-12-05 19:46 - 2019-07-05 19:30 - 000000000 ____D C:\Program Files\Microsoft Office
2020-12-05 19:03 - 2019-06-05 18:42 - 000000000 ____D C:\Users\Pavel\AppData\Local\Packages
2020-12-03 22:06 - 2019-06-05 18:45 - 000000000 ____D C:\Users\Pavel\AppData\Local\PlaceholderTileLogoFolder
2020-12-03 08:12 - 2019-06-27 21:25 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-12-01 08:59 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps.tmp
2020-11-30 16:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\registration
2020-11-29 20:48 - 2019-06-05 18:47 - 000000000 ____D C:\Users\Pavel\AppData\Local\Google
2020-11-29 20:48 - 2019-06-05 18:47 - 000000000 ____D C:\Program Files (x86)\Google
2020-11-29 15:43 - 2019-06-05 18:47 - 000002138 _____ C:\Users\Public\Desktop\COMODO Antivirus.lnk
2020-11-28 20:40 - 2019-07-05 19:24 - 000000000 ____D C:\Users\Pavel\AppData\Local\D3DSCache
2020-11-25 07:40 - 2020-03-26 20:13 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\TeamViewer
2020-11-19 22:26 - 2019-07-05 22:24 - 000000000 ____D C:\KMPlayer
2020-11-19 16:49 - 2019-07-01 07:48 - 000000000 ____D C:\Users\Pavel\Desktop\Beruška nová
2020-11-18 03:19 - 2019-06-05 18:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-11-18 03:16 - 2019-06-05 18:50 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-11-17 11:08 - 2020-04-17 18:50 - 000002368 _____ C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2020-11-17 11:08 - 2020-04-17 18:50 - 000002360 _____ C:\Users\Pavel\Desktop\Microsoft Teams.lnk
2020-11-13 10:40 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM

==================== Files in the root of some directories ========

2020-03-24 13:49 - 2020-03-24 13:49 - 000000017 _____ () C:\Users\Pavel\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

jaro3
Security team member
Guru Level 15
Posts: 43061
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: log Hijack

Post by jaro3 » 13 Dec 2020 20:01

AV: COMODO Antivirus (Enabled - Up to date) {9E3E06E3-F8E0-3C44-2336-BBD8AF8F84B8}
AV: COMODO Antivirus (Disabled - Up to date) {05BC7AB5-FF0E-71EC-1054-15DA19B62DC7}

COMODO Antivirus
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.6.472587.185 - Comodo)

Do you have two Comodo antiviruses there? And one of them is enabled. Remove one, deactivate the other, and then run FRST again.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Paull
Level 1
Posts: 82
Registered: October 06
Gender: Not specified
Status: Offline

Re: log Hijack

Post by Paull » 13 Dec 2020 20:53

I don't really know my way around this myself, but the PC has Comodo, and Internet Security Essentials is part of it. Since both belong to Comodo and I don't know whether I would mess something up by uninstalling "InternetSecurityEssentials", I deactivated both and ran FRST again. Is that OK?
Attached:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-12-2020
Ran by Pavel (administrator) on DESKTOP-54V8III (13-12-2020 20:44:08)
Running from C:\Users\Pavel\Desktop
Loaded Profiles: Pavel
Platform: Windows 10 Pro Version 2004 19041.685 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\vkise.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe <2>
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe <2>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\111.4.472\QtWebEngineProcess.exe <4>
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <33>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Pavel\AppData\Local\Microsoft\OneDrive\20.201.1005.0009\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Pavel\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2010.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrAdm.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrAuf.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrDba.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrHis.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrPas.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrSaz.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [PAC207_Monitor] => C:\Windows\PixArt\PAC207\Monitor.exe
HKLM\...\Run: [Monitor] => C:\Windows\PixArt\PAC207\Monitor.exe
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [4187856 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7992832 2020-12-01] (Dropbox, Inc -> Dropbox, Inc.)
HKU\S-1-5-21-1980947671-2380292906-1612769214-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Pavel\AppData\Local\Microsoft\Teams\Update.exe [2453688 2020-11-17] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1980947671-2380292906-1612769214-1001\...\MountPoints2: {0c5adc7c-ec66-11e9-b65a-d050994a9cdb} - "E:\LaunchU3.exe" -a
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-03] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01A42326-5535-4EE8-A40F-B5A5DA8317E5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {02C8DDB1-C49F-42EC-96C1-0D42B1875995} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13189920 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {0D48BA2F-D57C-4FF6-B8B8-FF22234CEB5A} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {0EBD759C-FAC8-48E0-9A21-65C21FFCA1F3} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13189920 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {41752928-BE09-4617-8FB0-F4B1C1EEBD4C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {46A3A71E-9CD1-44EE-BD05-28F5DF72D6D7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-29] (Google LLC -> Google LLC)
Task: {567F5FE2-8A4C-47E4-AEB8-8B55C386D670} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [658808 2020-07-29] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {6FDE22AF-3411-4CDC-AF82-62E9700937D6} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {7941822E-D19B-4FFB-9239-AC32A009299B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [670928 2020-11-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {98AB208C-D9AC-41B6-A0F2-7F326490378A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {A10C748A-3CCF-40F2-8AF2-59D25DABC8BB} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-06-27] (Dropbox, Inc -> Dropbox, Inc.)
Task: {B0092A80-6BFF-4860-A5D1-4143545A4D55} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-06-27] (Dropbox, Inc -> Dropbox, Inc.)
Task: {B99F923C-3A86-45A7-88E6-14871FCE2179} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\DropboxUpdateTaskMachineCore" /ENABLE
Task: {B99F923C-3A86-45A7-88E6-14871FCE2179} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\DropboxUpdateTaskMachineUA" /ENABLE
Task: {B99F923C-3A86-45A7-88E6-14871FCE2179} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {B99F923C-3A86-45A7-88E6-14871FCE2179} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {B99F923C-3A86-45A7-88E6-14871FCE2179} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {B99F923C-3A86-45A7-88E6-14871FCE2179} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {B99F923C-3A86-45A7-88E6-14871FCE2179} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-1980947671-2380292906-1612769214-1001" /ENABLE
Task: {B99F923C-3A86-45A7-88E6-14871FCE2179} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-1980947671-2380292906-1612769214-1002" /ENABLE
Task: {B99F923C-3A86-45A7-88E6-14871FCE2179} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-1980947671-2380292906-1612769214-1003" /ENABLE
Task: {B99F923C-3A86-45A7-88E6-14871FCE2179} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}" /ENABLE
Task: {B99F923C-3A86-45A7-88E6-14871FCE2179} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {BF4D3000-7102-41A8-9FF0-B43CA8245119} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {C068BB52-57D6-46BB-89FC-3EACCC2A5B1F} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {D241C240-B5E7-4DE8-B6F6-2E2197A25D79} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143712 2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {D66758A6-2CA1-4C00-88E5-BB62C46B7432} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-29] (Google LLC -> Google LLC)
Task: {DE60C0B9-6848-47AE-B351-8CF506E30E0A} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13189920 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {E50541CB-3095-44B8-AD9D-7358647C6889} - System32\Tasks\AMSkipUAC => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [658808 2020-07-29] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {F1E04075-652C-439E-BD2E-822181507E7D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143712 2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {F473C18A-8EDA-49A2-A125-061110D978A4} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {F696D250-5598-48DF-B510-AEECC1F6C5C7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-12-05] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7eb22d12-97e0-44b4-97ad-92edad7b2398}: [DhcpNameServer] 192.168.0.1

Edge:
======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Pavel\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-13]
Edge Extension: (Outlook) - C:\Users\Pavel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2020-10-19]
Edge Extension: (Word) - C:\Users\Pavel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2020-10-19]
Edge Extension: (Excel) - C:\Users\Pavel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2020-10-19]
Edge Extension: (PowerPoint) - C:\Users\Pavel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2020-10-19]

FireFox:
========
FF DefaultProfile: 9n2nyuzz.default
FF ProfilePath: C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\9n2nyuzz.default [2020-11-29]
FF ProfilePath: C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\15meqnet.default-release [2020-12-13]
FF Session Restore: Mozilla\Firefox\Profiles\15meqnet.default-release -> is enabled.
FF Extension: (No Name) - C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\15meqnet.default-release\Extensions\wrc@avast.com.xpi [2020-11-29] [not signed]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (No Name) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2020-11-20] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2020-12-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2020-12-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default [2020-12-13]
CHR Notifications: Default -> hxxps://www.svetandroida.cz
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=B22974E50B0B99A9&affID=44444&tsp=4920","hxxp://www.google.com/","hxxp://www.search.ask.com/?tpid=ORJ-V7-SAT&o=APN11467&pf=V7&trgb=CR&p2=%5EBED%5EOSJ000%5EYY%5ECZ&gct=hp&apn_ptnrs=BED&apn_dtid=%5EOSJ000%5EYY%5ECZ&apn_dbr=cr_34.0.1847.131&apn_uid=EF1A8E44-606D-43E1-BB14-A5923F94D8DA&itbv=12.10.6.53&doi=2014-05-01&psv=","hxxps://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-11-29]
CHR Extension: (Dokumenty) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-11-29]
CHR Extension: (Disk Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-29]
CHR Extension: (YouTube) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-29]
CHR Extension: (Tabulky) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-11-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-29]
CHR Extension: (Tlačítko „Uložit“ pro Pinterest) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2020-12-09]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2020-12-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-11-29]
CHR Extension: (Gmail) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-29]
CHR Extension: (Chrome Media Router) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-29]
CHR Profile: C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2 [2020-12-13]
CHR DefaultSearchURL: Profile 2 -> hxxps:\/\/search.yahoo.com\/search?fr=mcafee_uninternational&type=E210CZ91105G0&p={searchTerms}
CHR DefaultSearchKeyword: Profile 2 -> mcafee
CHR Session Restore: Profile 2 -> is enabled.
CHR Extension: (Prezentace) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-12-01]
CHR Extension: (Dokumenty) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2020-12-01]
CHR Extension: (Disk Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-01]
CHR Extension: (YouTube) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-12-01]
CHR Extension: (Tabulky) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-12-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-12-01]
CHR Extension: (Gmail) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-01]
CHR Extension: (Chrome Media Router) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-01]
CHR Profile: C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\System Profile [2020-12-01]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-11-23] (Microsoft Corporation -> Microsoft Corporation)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334176 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334176 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2675504 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-06-27] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-06-27] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44552 2020-12-01] (Dropbox, Inc -> Dropbox, Inc.)
S2 EsgShKernel; C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe [12874296 2020-11-29] (EnigmaSoft Limited -> EnigmaSoft Limited)
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1044176 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
R2 LcSvrAdm; C:\ElsaWin\bin\LcSvrAdm.exe [240640 2011-12-06] (Volkswagen AG) [File not signed]
R3 LcSvrAuf; C:\ElsaWin\bin\LcSvrAuf.exe [1321472 2011-12-06] (Volkswagen AG) [File not signed]
R2 LcSvrDba; C:\ElsaWin\bin\LcSvrDba.exe [392704 2011-12-06] (Volkswagen AG) [File not signed]
R2 LcSvrHis; C:\ElsaWin\bin\LcSvrHis.exe [335360 2011-12-06] (Volkswagen AG) [File not signed]
R2 LcSvrPAS; C:\ElsaWin\bin\LcSvrPas.exe [477696 2011-12-06] (Volkswagen AG) [File not signed]
R2 LcSvrSaz; C:\ElsaWin\bin\LcSvrSaz.exe [373248 2011-12-06] (Volkswagen AG) [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2020-12-12] (Malwarebytes Inc -> Malwarebytes)
S2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [955656 2020-11-21] () [File not signed]
S2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [13666872 2020-11-17] (Adlice -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5197552 2020-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ShMonitor; C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe [524856 2020-11-29] (EnigmaSoft Limited -> EnigmaSoft Limited)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12720144 2020-11-18] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2020-12-13] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S0 cmdboot; C:\WINDOWS\System32\DRIVERS\cmdboot.sys [17576 2019-10-23] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [39056 2019-11-13] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [844176 2019-11-13] (Comodo Security Solutions, Inc. -> COMODO)
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [63256 2018-08-29] (Comodo Security Solutions, Inc. -> COMODO)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-12-12] (Malwarebytes Inc -> Malwarebytes)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-13] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-13] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)
U1 aswbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-13 17:49 - 2020-12-13 17:52 - 000036255 _____ C:\Users\Pavel\Desktop\Addition.txt
2020-12-13 17:46 - 2020-12-13 20:44 - 000026275 _____ C:\Users\Pavel\Desktop\FRST.txt
2020-12-13 17:46 - 2020-12-13 20:44 - 000000000 ____D C:\FRST
2020-12-13 17:44 - 2020-12-13 17:44 - 002286592 _____ (Farbar) C:\Users\Pavel\Desktop\FRST64.exe
2020-12-13 17:38 - 2020-11-11 22:29 - 000000000 ____D C:\Users\Pavel\Desktop\zoek1
2020-12-13 16:04 - 2020-12-13 16:04 - 000000000 ____D C:\Users\Pavel\Downloads\backups
2020-12-13 15:37 - 2020-12-13 15:37 - 001800862 _____ C:\Users\Pavel\Downloads\zoek.rar
2020-12-13 14:26 - 2020-12-13 14:26 - 000000000 ____D C:\Users\Pavel\Desktop\ZemanaAntimalware
2020-12-13 14:24 - 2020-12-13 20:45 - 002458497 _____ C:\WINDOWS\ZAM.krnl.trace
2020-12-13 14:24 - 2020-12-13 14:24 - 000232792 _____ (Copyright 2018.) C:\WINDOWS\system32\Drivers\amsdk.sys
2020-12-13 14:24 - 2020-12-13 14:24 - 000003558 _____ C:\WINDOWS\system32\Tasks\AMHelper
2020-12-13 14:24 - 2020-12-13 14:24 - 000002680 _____ C:\WINDOWS\system32\Tasks\AMSkipUAC
2020-12-13 14:24 - 2020-12-13 14:24 - 000001333 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2020-12-13 14:24 - 2020-12-13 14:24 - 000000000 ____D C:\Users\Pavel\AppData\Local\Zemana
2020-12-13 14:24 - 2020-12-13 14:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2020-12-13 14:24 - 2020-12-13 14:24 - 000000000 ____D C:\Program Files (x86)\Zemana
2020-12-13 14:23 - 2020-12-13 14:24 - 000000000 ____D C:\Users\Pavel\AppData\Local\AMSDK
2020-12-13 14:21 - 2020-12-13 14:21 - 012795472 _____ (Zemana Ltd. ) C:\Users\Pavel\Desktop\AntiMalware_Setup.exe
2020-12-13 14:00 - 2020-12-13 14:00 - 000000000 ____D C:\Users\Pavel\AppData\LocalLow\IGDump
2020-12-12 23:14 - 2020-12-12 23:14 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\Sun
2020-12-12 23:11 - 2020-12-12 23:11 - 000000797 _____ C:\Users\Public\Desktop\UCheck.lnk
2020-12-12 23:11 - 2020-12-12 23:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UCheck
2020-12-12 23:10 - 2020-12-12 23:11 - 000000000 ____D C:\ProgramData\UCheck
2020-12-12 23:10 - 2020-12-12 23:11 - 000000000 ____D C:\Program Files\UCheck
2020-12-12 23:09 - 2020-12-12 23:09 - 026045184 _____ (Adlice Software ) C:\Users\Pavel\Desktop\ucheck.exe
2020-12-12 19:19 - 2020-12-12 19:19 - 000000859 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2020-12-12 19:19 - 2020-12-12 19:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2020-12-12 19:19 - 2020-12-12 19:19 - 000000000 ____D C:\Program Files\RogueKiller
2020-12-12 19:18 - 2020-12-12 19:24 - 000000000 ____D C:\ProgramData\RogueKiller
2020-12-12 19:17 - 2020-12-12 19:17 - 040473968 _____ (Adlice Software ) C:\Users\Pavel\Desktop\setup.exe
2020-12-12 16:23 - 2020-12-12 16:23 - 000002775 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2020-12-12 16:23 - 2020-12-12 16:23 - 000000000 ____D C:\ProgramData\Sophos
2020-12-12 16:23 - 2020-12-12 16:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2020-12-12 16:23 - 2020-12-12 16:23 - 000000000 ____D C:\Program Files (x86)\Sophos
2020-12-12 16:21 - 2020-12-12 16:21 - 181496840 _____ (Sophos Limited) C:\Users\Pavel\Desktop\Sophos Virus Removal Tool.exe
2020-12-12 15:48 - 2020-12-12 15:48 - 000001153 _____ C:\Users\Pavel\Desktop\JRT.txt
2020-12-12 15:43 - 2020-12-12 15:43 - 000002420 _____ C:\Users\Pavel\Desktop\AdwCleaner[C07].txt
2020-12-12 15:31 - 2020-12-12 15:31 - 001790024 _____ (Malwarebytes) C:\Users\Pavel\Desktop\JRT.exe
2020-12-12 13:12 - 2020-12-12 15:56 - 000005357 _____ C:\Users\Pavel\Desktop\Vypis z Malwarebytes-12_12_2020.txt
2020-12-12 13:09 - 2020-12-12 13:09 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-12-12 13:09 - 2020-12-12 13:09 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-12-11 23:42 - 2020-12-11 23:42 - 008447152 _____ (Malwarebytes) C:\Users\Pavel\Downloads\AdwCleaner(1).exe
2020-12-11 22:37 - 2020-12-11 22:37 - 000448512 _____ (OldTimer Tools) C:\Users\Pavel\Downloads\TFC(1).exe
2020-12-11 22:34 - 2020-12-11 22:34 - 000388608 _____ (Trend Micro Inc.) C:\Users\Pavel\Downloads\HijackThis.exe
2020-12-11 20:01 - 2020-12-11 20:01 - 000000000 ____D C:\Users\Lukáš\AppData\Local\D3DSCache
2020-12-11 17:08 - 2020-12-11 17:08 - 000007893 _____ C:\Users\Pavel\Desktop\Vypis z Malwarebytes-11_12_2020.txt
2020-12-10 20:34 - 2020-12-10 20:34 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-12-10 20:34 - 2020-12-10 20:34 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-12-10 20:34 - 2020-12-10 20:34 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-12-10 20:34 - 2020-12-10 20:34 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-10 20:34 - 2020-12-10 20:34 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2020-12-10 20:34 - 2020-12-10 20:34 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-10 20:34 - 2020-12-10 20:34 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-12-10 20:34 - 2020-12-10 20:34 - 000010912 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-12-10 20:34 - 2020-12-10 20:34 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2020-12-10 20:33 - 2020-12-10 20:33 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-12-10 20:33 - 2020-12-10 20:33 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-10 20:33 - 2020-12-10 20:33 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-10 20:33 - 2020-12-10 20:33 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-10 20:33 - 2020-12-10 20:33 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2020-12-10 20:33 - 2020-12-10 20:33 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-12-10 20:33 - 2020-12-10 20:33 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-10 20:33 - 2020-12-10 20:33 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-12-10 20:33 - 2020-12-10 20:33 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-12-10 20:33 - 2020-12-10 20:33 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-10 20:33 - 2020-12-10 20:33 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-12-10 20:33 - 2020-12-10 20:33 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-12-10 20:33 - 2020-12-10 20:33 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-09 17:20 - 2020-12-09 19:58 - 000111274 _____ C:\WINDOWS\ntbtlog.txt
2020-12-09 17:20 - 2020-12-09 17:20 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-12-07 17:02 - 2020-12-07 17:03 - 000000000 ____D C:\Users\Pavel\Desktop\Vojta
2020-12-07 17:01 - 2020-12-07 17:01 - 006056089 _____ C:\Users\Pavel\Downloads\iCloud Photos(1).zip
2020-12-07 13:41 - 2020-12-07 13:41 - 000000000 ____D C:\Users\Lukáš\AppData\Local\CrashDumps
2020-12-07 09:55 - 2020-12-07 09:55 - 000005065 _____ C:\Users\Pavel\Desktop\Vypis z Malwarebytes-7_12_2020.txt
2020-12-05 18:28 - 2020-12-05 18:28 - 002719648 _____ C:\Users\Pavel\Downloads\iCloud Photos.zip
2020-12-05 18:25 - 2020-12-06 17:00 - 000000000 ____D C:\Users\Lukáš\AppData\LocalLow\Mozilla
2020-12-05 18:25 - 2020-12-05 18:25 - 000000000 ____D C:\Users\Lukáš\AppData\Roaming\Mozilla
2020-12-05 18:25 - 2020-12-05 18:25 - 000000000 ____D C:\Users\Lukáš\AppData\Local\Mozilla
2020-12-04 18:00 - 2020-12-04 18:00 - 000008093 _____ C:\Users\Pavel\Desktop\Vypis z Malwarebytes.txt
2020-12-03 08:12 - 2020-12-03 08:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-12-02 17:45 - 2020-12-02 17:45 - 000448512 _____ (OldTimer Tools) C:\Users\Pavel\Downloads\TFC.exe
2020-12-02 17:42 - 2020-12-02 17:42 - 000050688 _____ (Atribune.org) C:\Users\Pavel\Downloads\atf-cleaner.exe
2020-12-02 17:41 - 2020-12-06 17:26 - 000000000 ____D C:\Users\Vojta\AppData\LocalLow\Mozilla
2020-12-02 17:41 - 2020-12-02 17:41 - 000000000 ____D C:\Users\Vojta\AppData\Roaming\Mozilla
2020-12-02 17:41 - 2020-12-02 17:41 - 000000000 ____D C:\Users\Vojta\AppData\Local\Mozilla
2020-12-02 14:01 - 2020-12-02 14:01 - 000000000 ____D C:\Users\Vojta\AppData\Roaming\Avast Software
2020-12-02 14:01 - 2020-12-02 14:01 - 000000000 ____D C:\Users\Vojta\AppData\Local\CEF
2020-12-01 23:10 - 2020-12-01 23:10 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2020-12-01 23:10 - 2020-12-01 23:10 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2020-12-01 23:10 - 2020-12-01 23:10 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2020-12-01 23:10 - 2020-12-01 23:10 - 000044552 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2020-12-01 19:05 - 2020-12-01 21:15 - 000002438 _____ C:\Users\Pavel\Desktop\Petra - Chrome.lnk
2020-12-01 18:57 - 2020-12-01 20:06 - 000002394 _____ C:\Users\Pavel\Desktop\Pavel - Chrome.lnk
2020-11-30 12:44 - 2020-11-30 12:44 - 000481422 _____ C:\Users\Pavel\Downloads\informace-k-prijimacimu-rizeni-v-roce-2020-2021-2011152339.pdf
2020-11-30 09:51 - 2020-11-30 09:51 - 000000000 ____D C:\Users\Pavel\AppData\Local\OneDrive
2020-11-29 20:48 - 2020-12-11 23:40 - 000003400 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-11-29 20:48 - 2020-12-11 23:40 - 000003176 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-11-29 20:48 - 2020-12-03 16:55 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-11-29 20:48 - 2020-12-03 16:55 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-11-29 20:48 - 2020-11-29 20:48 - 000000000 ____D C:\Program Files\Google
2020-11-29 20:40 - 2020-11-29 20:40 - 001317080 _____ (Google LLC) C:\Users\Pavel\Downloads\ChromeSetup.exe
2020-11-29 19:50 - 2020-11-29 19:50 - 000000000 ____D C:\Users\Lukáš\AppData\Roaming\Avast Software
2020-11-29 19:50 - 2020-11-29 19:50 - 000000000 ____D C:\Users\Lukáš\AppData\Local\CEF
2020-11-29 16:19 - 2020-11-29 16:19 - 000001055 _____ C:\Users\Public\Desktop\SpyHunter5.lnk
2020-11-29 16:19 - 2020-11-29 16:19 - 000000000 ____D C:\sh5ldr
2020-11-29 16:19 - 2020-11-29 16:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnigmaSoft
2020-11-29 16:19 - 2020-11-29 16:19 - 000000000 ____D C:\ProgramData\EnigmaSoft Limited
2020-11-29 16:18 - 2020-11-29 16:18 - 006542392 _____ (EnigmaSoft Limited) C:\Users\Pavel\Downloads\SpyHunter-Installer.exe
2020-11-29 16:18 - 2020-11-29 16:18 - 000000000 ____D C:\Program Files\EnigmaSoft
2020-11-29 15:49 - 2020-12-12 13:10 - 000001993 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-11-29 15:49 - 2020-12-12 13:10 - 000001981 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-11-29 15:49 - 2020-12-12 13:09 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-11-29 15:49 - 2020-11-29 15:49 - 000000000 ____D C:\Users\Pavel\AppData\Local\mbam
2020-11-29 15:48 - 2020-11-29 15:48 - 002076624 _____ (Malwarebytes) C:\Users\Pavel\Downloads\MBSetup.exe
2020-11-29 15:48 - 2020-11-29 15:48 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-11-29 15:48 - 2020-11-29 15:48 - 000000000 ____D C:\Program Files\Malwarebytes
2020-11-29 15:39 - 2020-11-29 15:40 - 000000000 ____D C:\AdwCleaner
2020-11-29 15:39 - 2020-11-29 15:39 - 008447152 _____ (Malwarebytes) C:\Users\Pavel\Desktop\AdwCleaner.exe
2020-11-29 15:26 - 2020-12-13 17:44 - 000000000 ____D C:\Users\Pavel\AppData\LocalLow\Mozilla
2020-11-29 15:26 - 2020-12-13 17:43 - 000000000 ____D C:\ProgramData\Mozilla
2020-11-29 15:26 - 2020-11-29 15:26 - 000000907 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-11-29 15:26 - 2020-11-29 15:26 - 000000895 _____ C:\Users\Public\Desktop\Firefox.lnk
2020-11-29 15:26 - 2020-11-29 15:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-11-29 15:26 - 2020-11-29 15:26 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\Mozilla
2020-11-29 15:26 - 2020-11-29 15:26 - 000000000 ____D C:\Users\Pavel\AppData\Local\Mozilla
2020-11-29 15:26 - 2020-11-29 15:26 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-11-29 14:52 - 2020-12-11 23:30 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-11-29 14:52 - 2020-11-29 14:52 - 000000000 ____D C:\Users\Pavel\AppData\Local\CEF
2020-11-29 14:51 - 2020-12-11 23:40 - 000000000 ____D C:\ProgramData\Avast Software
2020-11-29 14:51 - 2020-11-29 14:41 - 000220784 _____ (AVAST Software) C:\Users\Pavel\Desktop\avast_free_antivirus_setup_online.exe
2020-11-27 15:28 - 2020-12-11 23:40 - 000002428 _____ C:\WINDOWS\system32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
2020-11-27 15:28 - 2020-11-27 15:28 - 000000009 _____ C:\ProgramData\updateSuccess.txt
2020-11-24 23:22 - 2020-11-24 23:22 - 000191489 _____ C:\Users\Pavel\Desktop\Informace o správci příloh v systému Microsoft Windows.pdf
2020-11-19 20:18 - 2020-11-19 21:13 - 994668031 _____ C:\Users\Pavel\Downloads\homeland.s08e10.720p.web.h264-xlf CZ titulky.mkv
2020-11-19 20:18 - 2020-11-19 20:53 - 627646849 _____ C:\Users\Pavel\Downloads\Homeland.S08E11.PROPER.1080p.WEB.H265-GHOSTS.mkv
2020-11-19 20:17 - 2020-11-19 21:44 - 1575001566 _____ C:\Users\Pavel\Downloads\Homeland.S08E09.iNTERNAL.720p.WEB.H264-AMRAP.mkv
2020-11-19 20:16 - 2020-11-19 21:19 - 1061188793 _____ C:\Users\Pavel\Downloads\homeland.s08e08.720p.web.x264-poke.mkv
2020-11-19 18:42 - 2020-11-19 18:59 - 313236444 _____ C:\Users\Pavel\Downloads\homeland.s08e07.web.h264-xlf.mkv
2020-11-19 18:41 - 2020-11-19 19:15 - 584615234 _____ C:\Users\Pavel\Downloads\Homeland.S08E06.720p_CZtitulky.mp4
2020-11-19 18:40 - 2020-11-19 19:21 - 748053683 _____ C:\Users\Pavel\Downloads\Homeland.S08E05.Chalk.Two.Down.1080p.10bit.WEBRip.2CH.CZ.x265.HEVC-BB.mkv
2020-11-19 18:38 - 2020-11-19 19:55 - 1292509008 _____ C:\Users\Pavel\Downloads\Ve jménu vlasti_Homeland_S08E02_1080i. CZ_BoZ_.mkv
2020-11-18 11:01 - 2020-11-20 20:10 - 000000000 ____D C:\Users\Vojta\Desktop\Vojta
2020-11-17 19:12 - 2020-11-17 20:44 - 1496113174 _____ C:\Users\Pavel\Downloads\Ve jménu vlasti_Homeland_S08E04_1080i. CZ_BoZ_.mkv
2020-11-17 19:12 - 2020-11-17 20:23 - 1141914868 _____ C:\Users\Pavel\Downloads\Ve jménu vlasti_Homeland_S08E03_1080i. CZ_BoZ_.avi
2020-11-17 19:11 - 2020-11-17 20:03 - 863177026 _____ C:\Users\Pavel\Downloads\Homeland.S08E01.Deception.Indicated.1080p.10bit.WEBRip.2CH.CZ.x265.HEVC-BB.mkv
2020-11-17 19:10 - 2020-11-17 19:28 - 335361753 _____ C:\Users\Pavel\Downloads\Homeland.S07E12.WEB.H264-DEFLATE.rar
2020-11-15 11:01 - 2020-11-15 11:01 - 000000000 ____D C:\Users\Pavel\Downloads\IOXWebcamX-1.1 (2)
2020-11-15 10:59 - 2005-05-05 20:53 - 011330560 _____ C:\Users\Pavel\Downloads\IOXWebcamX-1.1
2020-11-14 13:11 - 2020-11-14 13:11 - 000000000 ____D C:\Users\Lukáš\AppData\Roaming\Goldberg SteamEmu Saves
2020-11-14 13:11 - 2020-11-14 13:11 - 000000000 ____D C:\Users\Lukáš\AppData\Roaming\Axolot Games
2020-11-14 13:11 - 2020-11-14 13:11 - 000000000 ____D C:\Users\Lukáš\AppData\Local\Axolot Games
2020-11-13 22:41 - 2020-11-13 22:41 - 000001568 _____ C:\Users\Lukáš\Desktop\ScrapMechanic – zástupce.lnk
2020-11-13 22:40 - 2020-11-13 22:41 - 000000000 ____D C:\Programy
2020-11-13 10:58 - 2020-11-13 10:58 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\Goldberg SteamEmu Saves
2020-11-13 10:58 - 2020-11-13 10:58 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\Axolot Games
2020-11-13 10:58 - 2020-11-13 10:58 - 000000000 ____D C:\Users\Pavel\AppData\Local\Axolot Games
2020-11-13 10:47 - 2020-11-13 10:51 - 752013152 _____ C:\Users\Lukáš\Downloads\Scrap.Mechanic.v0.4.8.595.zip

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-13 20:40 - 2019-07-14 07:19 - 000000000 ____D C:\Users\Pavel\AppData\Local\CrashDumps
2020-12-13 20:37 - 2020-07-26 17:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-13 20:36 - 2019-06-05 18:47 - 001474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2020-12-13 20:14 - 2019-06-05 18:47 - 000000000 ____D C:\ProgramData\NVIDIA
2020-12-13 19:44 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-13 18:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-13 17:55 - 2019-07-05 19:35 - 000106802 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2020-12-13 15:40 - 2019-06-05 18:38 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-12-13 12:43 - 2019-06-05 18:46 - 000000000 ___RD C:\Users\Pavel\OneDrive
2020-12-12 23:27 - 2020-07-26 17:09 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-12 23:27 - 2019-12-07 15:43 - 000682184 _____ C:\WINDOWS\system32\perfh005.dat
2020-12-12 23:27 - 2019-12-07 15:43 - 000137000 _____ C:\WINDOWS\system32\perfc005.dat
2020-12-12 23:27 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2020-12-12 23:20 - 2020-07-26 17:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-12 23:20 - 2020-07-26 17:03 - 000008192 ___SH C:\DumpStack.log.tmp
2020-12-12 23:20 - 2020-03-26 20:13 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-12-12 23:19 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2020-12-12 23:15 - 2020-07-26 17:11 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1980947671-2380292906-1612769214-1001
2020-12-12 23:15 - 2020-07-26 17:04 - 000002365 _____ C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-12 23:15 - 2019-12-16 13:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-12-12 23:15 - 2019-12-16 13:24 - 000000000 ____D C:\Program Files\Java
2020-12-12 23:13 - 2019-12-16 13:24 - 000192168 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2020-12-12 19:43 - 2020-06-05 15:58 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-12 19:43 - 2020-06-05 15:58 - 000002257 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-12-12 19:43 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-12 13:09 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-12-12 10:00 - 2020-10-29 19:19 - 000001425 _____ C:\Users\Lukáš\Desktop\Roblox Player.lnk
2020-12-12 10:00 - 2020-10-29 19:18 - 000001248 _____ C:\Users\Lukáš\Desktop\Roblox Studio.lnk
2020-12-12 10:00 - 2020-10-29 19:18 - 000000000 ____D C:\Users\Lukáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2020-12-11 23:46 - 2019-06-27 21:25 - 000000938 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2020-12-11 23:46 - 2019-06-27 21:25 - 000000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2020-12-11 23:40 - 2020-07-26 17:11 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-12-11 23:40 - 2020-07-26 17:11 - 000003452 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2020-12-11 23:40 - 2020-07-26 17:11 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-12-11 23:40 - 2020-07-26 17:11 - 000003228 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2020-12-11 23:40 - 2020-07-26 17:11 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1980947671-2380292906-1612769214-1003
2020-12-11 23:40 - 2020-07-26 17:11 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1980947671-2380292906-1612769214-1002
2020-12-11 22:40 - 2019-06-05 18:42 - 000000000 ____D C:\Users\Pavel\AppData\Local\VirtualStore
2020-12-11 19:32 - 2020-10-29 18:31 - 000001425 _____ C:\Users\Vojta\Desktop\Roblox Player.lnk
2020-12-11 19:32 - 2020-10-29 18:31 - 000001248 _____ C:\Users\Vojta\Desktop\Roblox Studio.lnk
2020-12-11 19:32 - 2020-10-29 18:31 - 000000000 ____D C:\Users\Vojta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2020-12-11 18:52 - 2019-12-16 13:23 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\.minecraft
2020-12-11 18:51 - 2019-12-16 13:24 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\.tlauncher
2020-12-11 18:29 - 2019-07-04 16:40 - 000000000 ___RD C:\Users\Pavel\Dropbox
2020-12-10 23:04 - 2020-07-26 17:03 - 000437992 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-10 23:03 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-12-10 23:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-10 23:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-10 23:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-12-10 23:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-10 23:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-12-10 23:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-10 23:03 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-10 23:03 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-10 20:37 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-08 13:37 - 2020-07-26 17:04 - 000000000 ____D C:\Users\Lukáš
2020-12-07 22:19 - 2020-07-26 17:04 - 000000000 ____D C:\Users\Vojta
2020-12-07 22:19 - 2020-07-26 17:04 - 000000000 ____D C:\Users\Pavel
2020-12-06 13:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-12-05 19:46 - 2019-07-05 19:30 - 000000000 ____D C:\Program Files\Microsoft Office
2020-12-05 19:03 - 2019-06-05 18:42 - 000000000 ____D C:\Users\Pavel\AppData\Local\Packages
2020-12-03 22:06 - 2019-06-05 18:45 - 000000000 ____D C:\Users\Pavel\AppData\Local\PlaceholderTileLogoFolder
2020-12-03 08:12 - 2019-06-27 21:25 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-12-01 08:59 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps.tmp
2020-11-30 16:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\registration
2020-11-29 20:48 - 2019-06-05 18:47 - 000000000 ____D C:\Users\Pavel\AppData\Local\Google
2020-11-29 20:48 - 2019-06-05 18:47 - 000000000 ____D C:\Program Files (x86)\Google
2020-11-29 15:43 - 2019-06-05 18:47 - 000002138 _____ C:\Users\Public\Desktop\COMODO Antivirus.lnk
2020-11-28 20:40 - 2019-07-05 19:24 - 000000000 ____D C:\Users\Pavel\AppData\Local\D3DSCache
2020-11-25 07:40 - 2020-03-26 20:13 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\TeamViewer
2020-11-19 22:26 - 2019-07-05 22:24 - 000000000 ____D C:\KMPlayer
2020-11-19 16:49 - 2019-07-01 07:48 - 000000000 ____D C:\Users\Pavel\Desktop\Beruška nová
2020-11-18 03:19 - 2019-06-05 18:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-11-18 03:16 - 2019-06-05 18:50 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-11-17 11:08 - 2020-04-17 18:50 - 000002368 _____ C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2020-11-17 11:08 - 2020-04-17 18:50 - 000002360 _____ C:\Users\Pavel\Desktop\Microsoft Teams.lnk
2020-11-13 10:40 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM

==================== Files in the root of some directories ========

2020-03-24 13:49 - 2020-03-24 13:49 - 000000017 _____ () C:\Users\Pavel\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Paull
Level 1
Posts: 82
Registered: October 06
Gender: Not specified
Status: Offline

Re: log Hijack

Post by Paull » 13 Dec 2020 20:54

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-12-2020
Ran by Pavel (13-12-2020 20:45:47)
Running from C:\Users\Pavel\Desktop
Windows 10 Pro Version 2004 19041.685 (X64) (2020-07-26 16:11:57)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1980947671-2380292906-1612769214-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1980947671-2380292906-1612769214-503 - Limited - Disabled)
Guest (S-1-5-21-1980947671-2380292906-1612769214-501 - Limited - Disabled)
Lukáš (S-1-5-21-1980947671-2380292906-1612769214-1002 - Limited - Enabled) => C:\Users\Lukáš
Pavel (S-1-5-21-1980947671-2380292906-1612769214-1001 - Administrator - Enabled) => C:\Users\Pavel
Vojta (S-1-5-21-1980947671-2380292906-1612769214-1003 - Limited - Enabled) => C:\Users\Vojta
WDAGUtilityAccount (S-1-5-21-1980947671-2380292906-1612769214-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: COMODO Antivirus (Enabled - Up to date) {9E3E06E3-F8E0-3C44-2336-BBD8AF8F84B8}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Disabled - Up to date) {05BC7AB5-FF0E-71EC-1054-15DA19B62DC7}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
COMODO Antivirus (HKLM\...\{E6B0FD8D-8799-441B-8734-B8A266C0C303}) (Version: 12.2.2.7062 - COMODO Security Solutions Inc.) Hidden
COMODO Antivirus (HKLM\...\COMODO Internet Security) (Version: 12.2.2.7062 - COMODO Security Solutions Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 111.4.472 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.377.1 - Dropbox, Inc.) Hidden
ElsaWin (HKLM-x32\...\ElsaWin) (Version: 4.00 - )
Excel (HKU\S-1-5-21-1980947671-2380292906-1612769214-1001\...\1fc5b090eab9aa41f8a2f5987367e6da) (Version: 1.0 - Excel)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.6.472587.185 - Comodo)
Java 8 Update 271 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180271F0}) (Version: 8.0.2710.9 - Oracle Corporation)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.28 - PandoraTV)
LEGO® Piráti z Karibiku Počítačová hra UKÁZKA (HKLM-x32\...\{A85568D7-A01E-4E05-AFEE-4A1852D70281}) (Version: 1.0.0.0 - Disney Interactive Studios)
LG Mobile Driver (HKLM-x32\...\{3F490D0E-3131-438C-BCF9-7549CB88DF41}) (Version: 4.2.0 - LG Electronics)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.60 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Retail - cs-cz) (Version: 16.0.13426.20308 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.13426.20308 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1980947671-2380292906-1612769214-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1980947671-2380292906-1612769214-1001\...\Teams) (Version: 1.3.00.30866 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 83.0 (x64 cs) (HKLM\...\Mozilla Firefox 83.0 (x64 cs)) (Version: 83.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20294 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20308 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13426.20294 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13426.20294 - Microsoft Corporation) Hidden
Outlook (HKU\S-1-5-21-1980947671-2380292906-1612769214-1001\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook)
Ovládací panel NVIDIA 432.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 432.00 - NVIDIA Corporation) Hidden
PowerPoint (HKU\S-1-5-21-1980947671-2380292906-1612769214-1001\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint)
RogueKiller version 14.8.0.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 14.8.0.0 - Adlice Software)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.8.0 - Sophos Limited)
SpyHunter 5 (HKLM-x32\...\SpyHunter5) (Version: 5.10.4.217 - EnigmaSoft Limited)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.12.4 - TeamViewer)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: - )
Trust 100K Series Webcam (HKLM-x32\...\{C679F9B9-C65D-4C65-BD6C-BF90B859E281}) (Version: 1.0.4.15 - Trust)
Trust WB-1400T Webcam (HKLM-x32\...\{30837A37-8F9F-4817-8B52-C501B67DC3BE}) (Version: 1.0.4.7 - PC Camera) Hidden
Trust WB-1400T Webcam (HKLM-x32\...\InstallShield_{30837A37-8F9F-4817-8B52-C501B67DC3BE}) (Version: 1.0.4.7 - PC Camera)
UCheck version 3.10.0.0 (HKLM\...\C4E7EE54-826F-41C4-BE3C-375CC70DC1D8_is1) (Version: 3.10.0.0 - Adlice Software)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.170 - McAfee, LLC)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Word (HKU\S-1-5-21-1980947671-2380292906-1612769214-1001\...\1b837d0bf93d01407352736c91b7bf50) (Version: 1.0 - Word)
Zemana AntiMalware verze 3.2.27 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.2.27 - Zemana)

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.0.83.0_x86__kgqvnymyfvs32 [2020-12-01] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.48.2.0_x86__kgqvnymyfvs32 [2020-11-30] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-11-30] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2020-11-30] (Microsoft Corporation)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa [2020-11-30] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-11-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-11-30] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-11-30] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0 [2020-12-12] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1980947671-2380292906-1612769214-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Pavel\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20275.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1980947671-2380292906-1612769214-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Pavel\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
CustomCLSID: HKU\S-1-5-21-1980947671-2380292906-1612769214-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Pavel\Dropbox [2019-07-04 16:40]
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2020-07-29] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-11-29] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-10-02] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2020-07-29] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-11-29] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Pavel\Desktop\Pavel - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\Pavel\Desktop\Petra - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=leffmjdabcgaflkikcefahmlgpodjkdm --app-url=hxxps://excel.office.com/
ShortcutWithArgument: C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb --app-url=hxxps://outlook.com/
ShortcutWithArgument: C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf --app-url=hxxps://powerpoint.office.com/
ShortcutWithArgument: C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=hikhggiobiflkdfdgdajcfklmcibbopi --app-url=hxxps://word.office.com/

==================== Loaded Modules (Whitelisted) =============

2011-12-06 16:03 - 2011-12-06 16:03 - 000364032 _____ (Volkswagen AG) [File not signed] C:\ElsaWin\bin\vfc10u.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_271\bin\ssv.dll [2020-12-12] (Oracle America, Inc. -> Oracle Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2020-11-20] (McAfee, LLC -> McAfee, LLC)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_271\bin\jp2ssv.dll [2020-12-12] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2020-11-20] (McAfee, LLC -> McAfee, LLC)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: vw-wi - {0F3C833F-FB28-40EA-8CB9-6A55B996C3F6} - C:\ElsaWin\bin\wiprot.dll [2011-12-06] (TODO: <Company name>) [File not signed]

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1980947671-2380292906-1612769214-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "IseUI"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

12-12-2020 15:44:55 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/13/2020 08:40:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DllHost.exe, verze: 10.0.19041.546, časové razítko: 0xb850de5d
Název chybujícího modulu: combase.dll, verze: 10.0.19041.662, časové razítko: 0x8f79024d
Kód výjimky: 0xc0000005
Posun chyby: 0x000aa7b2
ID chybujícího procesu: 0x30b8
Čas spuštění chybující aplikace: 0x01d6d16098afd6fd
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\DllHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\combase.dll
ID zprávy: e3b1e9f0-ff9a-4821-b5af-744e6fbef141
Úplný název chybujícího balíčku: Microsoft.SkypeApp_15.67.87.0_x86__kzf8qxf38zg5c
ID aplikace související s chybujícím balíčkem: App

Error: (12/13/2020 05:40:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: zoek (1).exe, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.662, časové razítko: 0xe6477cce
Kód výjimky: 0xc0000409
Posun chyby: 0x0012a892
ID chybujícího procesu: 0x1d44
Čas spuštění chybující aplikace: 0x01d6d16e9a9e1cad
Cesta k chybující aplikaci: C:\Users\Pavel\Desktop\zoek1\zoek (1).exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 79dfebe5-36c0-4c77-9edc-b5ef4aa36b61
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/13/2020 03:41:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: zoek.exe, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.662, časové razítko: 0xe6477cce
Kód výjimky: 0xc0000409
Posun chyby: 0x0012a892
ID chybujícího procesu: 0x3dc8
Čas spuštění chybující aplikace: 0x01d6d15e0f834cec
Cesta k chybující aplikaci: C:\Users\Pavel\Desktop\zoek1\zoek1\zoek.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: c103a564-278c-4f93-bbae-98fe6a5928e1
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/13/2020 02:18:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: zoek (1).exe, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.662, časové razítko: 0xe6477cce
Kód výjimky: 0xc0000409
Posun chyby: 0x0012a892
ID chybujícího procesu: 0xf04
Čas spuštění chybující aplikace: 0x01d6d152797dbc69
Cesta k chybující aplikaci: C:\Users\Pavel\Desktop\zoek1\zoek1\zoek (1).exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 92bcc165-572d-4376-b953-db0a244bc679
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/13/2020 02:12:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: zoek.exe, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.662, časové razítko: 0xe6477cce
Kód výjimky: 0xc0000409
Posun chyby: 0x0012a892
ID chybujícího procesu: 0x42d8
Čas spuštění chybující aplikace: 0x01d6d1518bf41dbf
Cesta k chybující aplikaci: C:\Users\Pavel\Desktop\zoek.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 8f35c9c0-46f2-42ed-9988-d5261d75734f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/13/2020 02:11:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: zoek.exe, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.662, časové razítko: 0xe6477cce
Kód výjimky: 0xc0000409
Posun chyby: 0x0012a892
ID chybujícího procesu: 0x37c4
Čas spuštění chybující aplikace: 0x01d6d15171f5e2e6
Cesta k chybující aplikaci: C:\Users\Pavel\Desktop\zoek1\zoek.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 7f731308-ff1e-49bb-9eb2-54c9d5d5ee9a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/13/2020 02:10:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: zoek.exe, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.662, časové razítko: 0xe6477cce
Kód výjimky: 0xc0000409
Posun chyby: 0x0012a892
ID chybujícího procesu: 0x43a0
Čas spuštění chybující aplikace: 0x01d6d1515303eb47
Cesta k chybující aplikaci: C:\Users\Pavel\Desktop\zoek1\zoek.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 6d2fc6d3-85aa-44c9-8535-4322a0d5540f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/13/2020 02:07:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: zoek.exe, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.662, časové razítko: 0xe6477cce
Kód výjimky: 0xc0000409
Posun chyby: 0x0012a892
ID chybujícího procesu: 0x299c
Čas spuštění chybující aplikace: 0x01d6d150dd823dc1
Cesta k chybující aplikaci: C:\Users\Pavel\Desktop\zoek1\zoek.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: f4c50262-54f9-4006-b51b-2e8203fdfde6
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (12/13/2020 07:53:57 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server Windows.Internal.Shell.ConsentUx.Details.ConsentUxService se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/13/2020 07:51:57 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server Windows.Internal.Shell.ConsentUx.Details.ConsentUxService se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/13/2020 07:49:56 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server Windows.Internal.Shell.ConsentUx.Details.ConsentUxService se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/13/2020 07:47:56 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server Windows.Internal.Shell.ConsentUx.Details.ConsentUxService se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/13/2020 12:52:19 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server Windows.Internal.Shell.ConsentUx.Details.ConsentUxService se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/13/2020 12:50:19 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server Windows.Internal.Shell.ConsentUx.Details.ConsentUxService se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/13/2020 12:48:19 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server Windows.Internal.Shell.ConsentUx.Details.ConsentUxService se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/12/2020 11:20:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba McAfee WebAdvisor neuspěla při spuštění v důsledku následující chyby:
Soubor nebo adresář je porušen a není čitelný.


Windows Defender:
===================================
Date: 2020-12-13 17:48:58.1500000Z
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Vigorf.A
ID: 2147714384
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Pavel\Downloads\EW400.rar
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-54V8III\Pavel
Název procesu: C:\Users\Pavel\Desktop\FRST64.exe
Verze bezpečnostních informací: AV: 1.329.332.0, AS: 1.329.332.0, NIS: 1.329.332.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4

CodeIntegrity:
===================================

Date: 2020-12-13 20:37:21.0300000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-13 20:37:21.0170000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-13 20:37:20.8270000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-13 20:37:20.8150000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-13 20:37:20.8140000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-13 20:37:20.8090000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-13 20:37:20.7060000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-13 20:37:20.6880000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: American Megatrends Inc. P2.40 08/29/2014
Motherboard: ASRock B85M
Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 67%
Total physical RAM: 8111.44 MB
Available physical RAM: 2623.95 MB
Total Virtual: 18863.44 MB
Available Virtual: 11395.34 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:446.56 GB) (Free:70.73 GB) NTFS
Drive d: (DATA) (Fixed) (Total:1863.01 GB) (Free:1285.51 GB) NTFS

\\?\Volume{7d762e9c-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.57 GB) (Free:0.13 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 447.1 GB) (Disk ID: 7D762E9C)
Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=446.6 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: DA29E555)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

jaro3
Security team member
Guru Level 15
Posts: 43061
Registered: June 07
Location: South Bohemia
Gender: Male
Status:
Offline

Re: log Hijack

Post by jaro3 » 13 Dec 2020 22:07

I'm just noting that FRST still shows two AVs (antiviruses), each with a different identifier.
AV: COMODO Antivirus (Enabled - Up to date) {9E3E06E3-F8E0-3C44-2336-BBD8AF8F84B8}
AV: COMODO Antivirus (Disabled - Up to date) {05BC7AB5-FF0E-71EC-1054-15DA19B62DC7}

For God's sake, what are those Avast leftovers doing there?
Task: {B99F923C-3A86-45A7-88E6-14871FCE2179} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\DropboxUpdateTaskMachineCore" /ENABLE
System32\Tasks\AVAST Software\Gaming mode
C:\Users\Lukáš\AppData\Roaming\Avast Software
System32\Tasks\AVAST Software\
C:\ProgramData\Avast Software
2020-11-29 14:51 - 2020-11-29 14:41 - 000220784 _____ (AVAST Software)
(AVAST Software) C:\Users\Pavel\Desktop\avast_free_antivirus_setup_online.exe
etc.

Download and install Revo Uninstaller Free
http://www.revouninstaller.com/start_fr ... nload.html
Double-click Revo Uninstaller to run it.
If you find Avast, uninstall it; if you don't find it:
run a search.
From the list of programs, double-click the program to remove.
When prompted whether you want to uninstall, click Yes.
Make sure the Moderate option is selected, then click Next.
The program will run; if prompted again, click Yes.
When the built-in uninstaller has finished, click Next.
Once the program has searched for leftovers, click Next.
Check/tick only the bolded items in the list, then click Delete.
When prompted, click Yes and then Next.
Next, for all the folders that are found, choose the delete option.
When prompted, select Yes, then Next.
Once that is done, click Finish.


Uninstall SpyHunter5 as well.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Post by Paull » 14 Dec 2020 11:24

Hi, I used RevoUninstaller, but it didn't find Avast. I had its installer on the desktop and I threw that out.
I ran FRST again and I can see those Avast leftovers in it again. I uninstalled Avast using the uninstall function directly in Avast. I also manually deleted whatever Avast leftovers I found...
Would it perhaps make sense to install it again and then remove it with RevoUninstaller?
I'm attaching FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-12-2020
Ran by Pavel (administrator) on DESKTOP-54V8III (14-12-2020 11:12:12)
Running from C:\Users\Pavel\Desktop
Loaded Profiles: Pavel
Platform: Windows 10 Pro Version 2004 19041.685 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adlice -> ) C:\Program Files\RogueKiller\RogueKiller64.exe
(Adlice -> ) C:\Program Files\RogueKiller\RogueKillerSvc.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe <2>
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe <2>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\111.4.472\QtWebEngineProcess.exe <4>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <26>
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Pavel\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Pavel\AppData\Local\Microsoft\Teams\current\Teams.exe <9>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2010.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrAdm.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrAuf.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrDba.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrHis.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrPas.exe
(Volkswagen AG) [File not signed] C:\ElsaWin\bin\LcSvrSaz.exe
(Zemana D.O.O. Sarajevo -> Zemana Ltd.) C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [PAC207_Monitor] => C:\Windows\PixArt\PAC207\Monitor.exe
HKLM\...\Run: [Monitor] => C:\Windows\PixArt\PAC207\Monitor.exe
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [4187856 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7992832 2020-12-01] (Dropbox, Inc -> Dropbox, Inc.)
HKU\S-1-5-21-1980947671-2380292906-1612769214-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Pavel\AppData\Local\Microsoft\Teams\Update.exe [2453688 2020-11-17] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1980947671-2380292906-1612769214-1001\...\MountPoints2: {0c5adc7c-ec66-11e9-b65a-d050994a9cdb} - "E:\LaunchU3.exe" -a
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-03] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01A42326-5535-4EE8-A40F-B5A5DA8317E5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {02C8DDB1-C49F-42EC-96C1-0D42B1875995} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13189920 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {0D48BA2F-D57C-4FF6-B8B8-FF22234CEB5A} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {0EBD759C-FAC8-48E0-9A21-65C21FFCA1F3} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13189920 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {41752928-BE09-4617-8FB0-F4B1C1EEBD4C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {46A3A71E-9CD1-44EE-BD05-28F5DF72D6D7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-29] (Google LLC -> Google LLC)
Task: {567F5FE2-8A4C-47E4-AEB8-8B55C386D670} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [658808 2020-07-29] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {6FDE22AF-3411-4CDC-AF82-62E9700937D6} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {7941822E-D19B-4FFB-9239-AC32A009299B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [670928 2020-11-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {98AB208C-D9AC-41B6-A0F2-7F326490378A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {A10C748A-3CCF-40F2-8AF2-59D25DABC8BB} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-06-27] (Dropbox, Inc -> Dropbox, Inc.)
Task: {B0092A80-6BFF-4860-A5D1-4143545A4D55} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-06-27] (Dropbox, Inc -> Dropbox, Inc.)
Task: {B99F923C-3A86-45A7-88E6-14871FCE2179} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\DropboxUpdateTaskMachineCore" /ENABLE
Task: {B99F923C-3A86-45A7-88E6-14871FCE2179} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\DropboxUpdateTaskMachineUA" /ENABLE
Task: {B99F923C-3A86-45A7-88E6-14871FCE2179} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {B99F923C-3A86-45A7-88E6-14871FCE2179} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {B99F923C-3A86-45A7-88E6-14871FCE2179} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {B99F923C-3A86-45A7-88E6-14871FCE2179} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {B99F923C-3A86-45A7-88E6-14871FCE2179} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-1980947671-2380292906-1612769214-1001" /ENABLE
Task: {B99F923C-3A86-45A7-88E6-14871FCE2179} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-1980947671-2380292906-1612769214-1002" /ENABLE
Task: {B99F923C-3A86-45A7-88E6-14871FCE2179} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-1980947671-2380292906-1612769214-1003" /ENABLE
Task: {B99F923C-3A86-45A7-88E6-14871FCE2179} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}" /ENABLE
Task: {B99F923C-3A86-45A7-88E6-14871FCE2179} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {BF4D3000-7102-41A8-9FF0-B43CA8245119} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {C068BB52-57D6-46BB-89FC-3EACCC2A5B1F} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {D241C240-B5E7-4DE8-B6F6-2E2197A25D79} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143712 2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {D66758A6-2CA1-4C00-88E5-BB62C46B7432} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-29] (Google LLC -> Google LLC)
Task: {DE60C0B9-6848-47AE-B351-8CF506E30E0A} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13189920 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {E50541CB-3095-44B8-AD9D-7358647C6889} - System32\Tasks\AMSkipUAC => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [658808 2020-07-29] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {F1E04075-652C-439E-BD2E-822181507E7D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [143712 2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {F473C18A-8EDA-49A2-A125-061110D978A4} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {F696D250-5598-48DF-B510-AEECC1F6C5C7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5142960 2020-12-05] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7eb22d12-97e0-44b4-97ad-92edad7b2398}: [DhcpNameServer] 192.168.0.1

Edge:
======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Pavel\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-14]
Edge Extension: (Outlook) - C:\Users\Pavel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2020-10-19]
Edge Extension: (Word) - C:\Users\Pavel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2020-10-19]
Edge Extension: (Excel) - C:\Users\Pavel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2020-10-19]
Edge Extension: (PowerPoint) - C:\Users\Pavel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2020-10-19]

FireFox:
========
FF DefaultProfile: 9n2nyuzz.default
FF ProfilePath: C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\9n2nyuzz.default [2020-11-29]
FF ProfilePath: C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\15meqnet.default-release [2020-12-14]
FF Session Restore: Mozilla\Firefox\Profiles\15meqnet.default-release -> is enabled.
FF Extension: (No Name) - C:\Users\Pavel\AppData\Roaming\Mozilla\Firefox\Profiles\15meqnet.default-release\Extensions\wrc@avast.com.xpi [2020-11-29] [not signed]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (No Name) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2020-11-20] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2020-12-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2020-12-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default [2020-12-14]
CHR Notifications: Default -> hxxps://www.svetandroida.cz
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=B22974E50B0B99A9&affID=44444&tsp=4920","hxxp://www.google.com/","hxxp://www.search.ask.com/?tpid=ORJ-V7-SAT&o=APN11467&pf=V7&trgb=CR&p2=%5EBED%5EOSJ000%5EYY%5ECZ&gct=hp&apn_ptnrs=BED&apn_dtid=%5EOSJ000%5EYY%5ECZ&apn_dbr=cr_34.0.1847.131&apn_uid=EF1A8E44-606D-43E1-BB14-A5923F94D8DA&itbv=12.10.6.53&doi=2014-05-01&psv=","hxxps://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-11-29]
CHR Extension: (Dokumenty) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-11-29]
CHR Extension: (Disk Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-29]
CHR Extension: (YouTube) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-29]
CHR Extension: (Tabulky) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-11-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-29]
CHR Extension: (Tlačítko „Uložit“ pro Pinterest) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2020-12-09]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2020-12-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-11-29]
CHR Extension: (Gmail) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-29]
CHR Extension: (Chrome Media Router) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-29]
CHR Profile: C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2 [2020-12-13]
CHR DefaultSearchURL: Profile 2 -> hxxps:\/\/search.yahoo.com\/search?fr=mcafee_uninternational&type=E210CZ91105G0&p={searchTerms}
CHR DefaultSearchKeyword: Profile 2 -> mcafee
CHR Session Restore: Profile 2 -> is enabled.
CHR Extension: (Prezentace) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-12-01]
CHR Extension: (Dokumenty) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2020-12-01]
CHR Extension: (Disk Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-01]
CHR Extension: (YouTube) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-12-01]
CHR Extension: (Tabulky) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-12-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-12-01]
CHR Extension: (Gmail) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-01]
CHR Extension: (Chrome Media Router) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-01]
CHR Profile: C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\System Profile [2020-12-01]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-11-23] (Microsoft Corporation -> Microsoft Corporation)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334176 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334176 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2675504 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-06-27] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-06-27] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44552 2020-12-01] (Dropbox, Inc -> Dropbox, Inc.)
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1044176 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
R2 LcSvrAdm; C:\ElsaWin\bin\LcSvrAdm.exe [240640 2011-12-06] (Volkswagen AG) [File not signed]
R3 LcSvrAuf; C:\ElsaWin\bin\LcSvrAuf.exe [1321472 2011-12-06] (Volkswagen AG) [File not signed]
R2 LcSvrDba; C:\ElsaWin\bin\LcSvrDba.exe [392704 2011-12-06] (Volkswagen AG) [File not signed]
R2 LcSvrHis; C:\ElsaWin\bin\LcSvrHis.exe [335360 2011-12-06] (Volkswagen AG) [File not signed]
R2 LcSvrPAS; C:\ElsaWin\bin\LcSvrPas.exe [477696 2011-12-06] (Volkswagen AG) [File not signed]
R2 LcSvrSaz; C:\ElsaWin\bin\LcSvrSaz.exe [373248 2011-12-06] (Volkswagen AG) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2020-12-12] (Malwarebytes Inc -> Malwarebytes)
S2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [955656 2020-11-21] () [File not signed]
R2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [13666872 2020-11-17] (Adlice -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5197552 2020-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12720144 2020-11-18] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2020-12-13] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S0 cmdboot; C:\WINDOWS\System32\DRIVERS\cmdboot.sys [17576 2019-10-23] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [39056 2019-11-13] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [844176 2019-11-13] (Comodo Security Solutions, Inc. -> COMODO)
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [63256 2018-08-29] (Comodo Security Solutions, Inc. -> COMODO)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2020-12-14] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-12-12] (Malwarebytes Inc -> Malwarebytes)
U3 TrueSight; C:\Windows\System32\drivers\truesight.sys [38032 2020-12-14] (Adlice -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-12-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2020-12-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-13] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)
U1 aswbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-14 10:43 - 2020-12-14 10:43 - 000220160 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-12-14 10:43 - 2020-12-14 10:43 - 000038032 _____ C:\WINDOWS\system32\Drivers\truesight.sys
2020-12-14 10:36 - 2020-12-14 10:36 - 000001039 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2020-12-14 10:36 - 2020-12-14 10:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2020-12-14 10:36 - 2020-12-14 10:36 - 000000000 ____D C:\Program Files\VS Revo Group
2020-12-14 10:35 - 2020-12-14 10:35 - 007458656 _____ (VS Revo Group ) C:\Users\Pavel\Downloads\revosetup.exe
2020-12-13 17:49 - 2020-12-13 20:46 - 000036116 _____ C:\Users\Pavel\Desktop\Addition.txt
2020-12-13 17:46 - 2020-12-14 11:13 - 000026150 _____ C:\Users\Pavel\Desktop\FRST.txt
2020-12-13 17:46 - 2020-12-14 11:12 - 000000000 ____D C:\FRST
2020-12-13 17:44 - 2020-12-13 17:44 - 002286592 _____ (Farbar) C:\Users\Pavel\Desktop\FRST64.exe
2020-12-13 17:38 - 2020-11-11 22:29 - 000000000 ____D C:\Users\Pavel\Desktop\zoek1
2020-12-13 16:04 - 2020-12-13 16:04 - 000000000 ____D C:\Users\Pavel\Downloads\backups
2020-12-13 15:37 - 2020-12-13 15:37 - 001800862 _____ C:\Users\Pavel\Downloads\zoek.rar
2020-12-13 14:26 - 2020-12-13 14:26 - 000000000 ____D C:\Users\Pavel\Desktop\ZemanaAntimalware
2020-12-13 14:24 - 2020-12-14 11:13 - 000262295 _____ C:\WINDOWS\ZAM.krnl.trace
2020-12-13 14:24 - 2020-12-13 14:24 - 000232792 _____ (Copyright 2018.) C:\WINDOWS\system32\Drivers\amsdk.sys
2020-12-13 14:24 - 2020-12-13 14:24 - 000003558 _____ C:\WINDOWS\system32\Tasks\AMHelper
2020-12-13 14:24 - 2020-12-13 14:24 - 000002680 _____ C:\WINDOWS\system32\Tasks\AMSkipUAC
2020-12-13 14:24 - 2020-12-13 14:24 - 000001333 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2020-12-13 14:24 - 2020-12-13 14:24 - 000000000 ____D C:\Users\Pavel\AppData\Local\Zemana
2020-12-13 14:24 - 2020-12-13 14:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2020-12-13 14:24 - 2020-12-13 14:24 - 000000000 ____D C:\Program Files (x86)\Zemana
2020-12-13 14:23 - 2020-12-14 10:48 - 000000000 ____D C:\Users\Pavel\AppData\Local\AMSDK
2020-12-13 14:21 - 2020-12-13 14:21 - 012795472 _____ (Zemana Ltd. ) C:\Users\Pavel\Desktop\AntiMalware_Setup.exe
2020-12-13 14:00 - 2020-12-13 14:00 - 000000000 ____D C:\Users\Pavel\AppData\LocalLow\IGDump
2020-12-12 23:14 - 2020-12-12 23:14 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\Sun
2020-12-12 23:11 - 2020-12-12 23:11 - 000000797 _____ C:\Users\Public\Desktop\UCheck.lnk
2020-12-12 23:11 - 2020-12-12 23:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UCheck
2020-12-12 23:10 - 2020-12-12 23:11 - 000000000 ____D C:\ProgramData\UCheck
2020-12-12 23:10 - 2020-12-12 23:11 - 000000000 ____D C:\Program Files\UCheck
2020-12-12 23:09 - 2020-12-12 23:09 - 026045184 _____ (Adlice Software ) C:\Users\Pavel\Desktop\ucheck.exe
2020-12-12 19:19 - 2020-12-12 19:19 - 000000859 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2020-12-12 19:19 - 2020-12-12 19:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2020-12-12 19:19 - 2020-12-12 19:19 - 000000000 ____D C:\Program Files\RogueKiller
2020-12-12 19:18 - 2020-12-12 19:24 - 000000000 ____D C:\ProgramData\RogueKiller
2020-12-12 19:17 - 2020-12-12 19:17 - 040473968 _____ (Adlice Software ) C:\Users\Pavel\Desktop\setup.exe
2020-12-12 16:23 - 2020-12-12 16:23 - 000002775 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2020-12-12 16:23 - 2020-12-12 16:23 - 000000000 ____D C:\ProgramData\Sophos
2020-12-12 16:23 - 2020-12-12 16:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2020-12-12 16:23 - 2020-12-12 16:23 - 000000000 ____D C:\Program Files (x86)\Sophos
2020-12-12 16:21 - 2020-12-12 16:21 - 181496840 _____ (Sophos Limited) C:\Users\Pavel\Desktop\Sophos Virus Removal Tool.exe
2020-12-12 15:48 - 2020-12-12 15:48 - 000001153 _____ C:\Users\Pavel\Desktop\JRT.txt
2020-12-12 15:43 - 2020-12-12 15:43 - 000002420 _____ C:\Users\Pavel\Desktop\AdwCleaner[C07].txt
2020-12-12 15:31 - 2020-12-12 15:31 - 001790024 _____ (Malwarebytes) C:\Users\Pavel\Desktop\JRT.exe
2020-12-12 13:12 - 2020-12-12 15:56 - 000005357 _____ C:\Users\Pavel\Desktop\Vypis z Malwarebytes-12_12_2020.txt
2020-12-12 13:09 - 2020-12-12 13:09 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-12-12 13:09 - 2020-12-12 13:09 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-12-11 23:42 - 2020-12-11 23:42 - 008447152 _____ (Malwarebytes) C:\Users\Pavel\Downloads\AdwCleaner(1).exe
2020-12-11 22:37 - 2020-12-11 22:37 - 000448512 _____ (OldTimer Tools) C:\Users\Pavel\Downloads\TFC(1).exe
2020-12-11 22:34 - 2020-12-11 22:34 - 000388608 _____ (Trend Micro Inc.) C:\Users\Pavel\Downloads\HijackThis.exe
2020-12-11 20:01 - 2020-12-11 20:01 - 000000000 ____D C:\Users\Lukáš\AppData\Local\D3DSCache
2020-12-11 17:08 - 2020-12-11 17:08 - 000007893 _____ C:\Users\Pavel\Desktop\Vypis z Malwarebytes-11_12_2020.txt
2020-12-10 20:34 - 2020-12-10 20:34 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-12-10 20:34 - 2020-12-10 20:34 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-12-10 20:34 - 2020-12-10 20:34 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-12-10 20:34 - 2020-12-10 20:34 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-10 20:34 - 2020-12-10 20:34 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2020-12-10 20:34 - 2020-12-10 20:34 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-10 20:34 - 2020-12-10 20:34 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-12-10 20:34 - 2020-12-10 20:34 - 000010912 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-12-10 20:34 - 2020-12-10 20:34 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2020-12-10 20:33 - 2020-12-10 20:33 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-12-10 20:33 - 2020-12-10 20:33 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-10 20:33 - 2020-12-10 20:33 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-10 20:33 - 2020-12-10 20:33 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-10 20:33 - 2020-12-10 20:33 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2020-12-10 20:33 - 2020-12-10 20:33 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-12-10 20:33 - 2020-12-10 20:33 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-10 20:33 - 2020-12-10 20:33 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-12-10 20:33 - 2020-12-10 20:33 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-12-10 20:33 - 2020-12-10 20:33 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-10 20:33 - 2020-12-10 20:33 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-12-10 20:33 - 2020-12-10 20:33 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-12-10 20:33 - 2020-12-10 20:33 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-09 17:20 - 2020-12-09 19:58 - 000111274 _____ C:\WINDOWS\ntbtlog.txt
2020-12-09 17:20 - 2020-12-09 17:20 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-12-07 17:02 - 2020-12-07 17:03 - 000000000 ____D C:\Users\Pavel\Desktop\Vojta
2020-12-07 17:01 - 2020-12-07 17:01 - 006056089 _____ C:\Users\Pavel\Downloads\iCloud Photos(1).zip
2020-12-07 13:41 - 2020-12-07 13:41 - 000000000 ____D C:\Users\Lukáš\AppData\Local\CrashDumps
2020-12-07 09:55 - 2020-12-07 09:55 - 000005065 _____ C:\Users\Pavel\Desktop\Vypis z Malwarebytes-7_12_2020.txt
2020-12-05 18:28 - 2020-12-05 18:28 - 002719648 _____ C:\Users\Pavel\Downloads\iCloud Photos.zip
2020-12-05 18:25 - 2020-12-06 17:00 - 000000000 ____D C:\Users\Lukáš\AppData\LocalLow\Mozilla
2020-12-05 18:25 - 2020-12-05 18:25 - 000000000 ____D C:\Users\Lukáš\AppData\Roaming\Mozilla
2020-12-05 18:25 - 2020-12-05 18:25 - 000000000 ____D C:\Users\Lukáš\AppData\Local\Mozilla
2020-12-04 18:00 - 2020-12-04 18:00 - 000008093 _____ C:\Users\Pavel\Desktop\Vypis z Malwarebytes.txt
2020-12-03 08:12 - 2020-12-03 08:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-12-02 17:45 - 2020-12-02 17:45 - 000448512 _____ (OldTimer Tools) C:\Users\Pavel\Downloads\TFC.exe
2020-12-02 17:42 - 2020-12-02 17:42 - 000050688 _____ (Atribune.org) C:\Users\Pavel\Downloads\atf-cleaner.exe
2020-12-02 17:41 - 2020-12-06 17:26 - 000000000 ____D C:\Users\Vojta\AppData\LocalLow\Mozilla
2020-12-02 17:41 - 2020-12-02 17:41 - 000000000 ____D C:\Users\Vojta\AppData\Roaming\Mozilla
2020-12-02 17:41 - 2020-12-02 17:41 - 000000000 ____D C:\Users\Vojta\AppData\Local\Mozilla
2020-12-02 14:01 - 2020-12-02 14:01 - 000000000 ____D C:\Users\Vojta\AppData\Local\CEF
2020-12-01 23:10 - 2020-12-01 23:10 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2020-12-01 23:10 - 2020-12-01 23:10 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2020-12-01 23:10 - 2020-12-01 23:10 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2020-12-01 23:10 - 2020-12-01 23:10 - 000044552 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2020-12-01 19:05 - 2020-12-01 21:15 - 000002438 _____ C:\Users\Pavel\Desktop\Petra - Chrome.lnk
2020-12-01 18:57 - 2020-12-01 20:06 - 000002394 _____ C:\Users\Pavel\Desktop\Pavel - Chrome.lnk
2020-11-30 12:44 - 2020-11-30 12:44 - 000481422 _____ C:\Users\Pavel\Downloads\informace-k-prijimacimu-rizeni-v-roce-2020-2021-2011152339.pdf
2020-11-30 09:51 - 2020-11-30 09:51 - 000000000 ____D C:\Users\Pavel\AppData\Local\OneDrive
2020-11-29 20:48 - 2020-12-11 23:40 - 000003400 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-11-29 20:48 - 2020-12-11 23:40 - 000003176 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-11-29 20:48 - 2020-12-03 16:55 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-11-29 20:48 - 2020-12-03 16:55 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-11-29 20:48 - 2020-11-29 20:48 - 000000000 ____D C:\Program Files\Google
2020-11-29 20:40 - 2020-11-29 20:40 - 001317080 _____ (Google LLC) C:\Users\Pavel\Downloads\ChromeSetup.exe
2020-11-29 19:50 - 2020-11-29 19:50 - 000000000 ____D C:\Users\Lukáš\AppData\Local\CEF
2020-11-29 16:18 - 2020-11-29 16:18 - 006542392 _____ (EnigmaSoft Limited) C:\Users\Pavel\Downloads\SpyHunter-Installer.exe
2020-11-29 15:49 - 2020-12-12 13:10 - 000001993 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-11-29 15:49 - 2020-12-12 13:10 - 000001981 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-11-29 15:49 - 2020-12-12 13:09 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-11-29 15:49 - 2020-11-29 15:49 - 000000000 ____D C:\Users\Pavel\AppData\Local\mbam
2020-11-29 15:48 - 2020-11-29 15:48 - 002076624 _____ (Malwarebytes) C:\Users\Pavel\Downloads\MBSetup.exe
2020-11-29 15:48 - 2020-11-29 15:48 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-11-29 15:48 - 2020-11-29 15:48 - 000000000 ____D C:\Program Files\Malwarebytes
2020-11-29 15:39 - 2020-11-29 15:40 - 000000000 ____D C:\AdwCleaner
2020-11-29 15:39 - 2020-11-29 15:39 - 008447152 _____ (Malwarebytes) C:\Users\Pavel\Desktop\AdwCleaner.exe
2020-11-29 15:26 - 2020-12-14 10:41 - 000000000 ____D C:\Users\Pavel\AppData\LocalLow\Mozilla
2020-11-29 15:26 - 2020-12-14 10:35 - 000000000 ____D C:\ProgramData\Mozilla
2020-11-29 15:26 - 2020-11-29 15:26 - 000000907 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-11-29 15:26 - 2020-11-29 15:26 - 000000895 _____ C:\Users\Public\Desktop\Firefox.lnk
2020-11-29 15:26 - 2020-11-29 15:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-11-29 15:26 - 2020-11-29 15:26 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\Mozilla
2020-11-29 15:26 - 2020-11-29 15:26 - 000000000 ____D C:\Users\Pavel\AppData\Local\Mozilla
2020-11-29 15:26 - 2020-11-29 15:26 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-11-29 14:52 - 2020-12-11 23:30 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-11-29 14:52 - 2020-11-29 14:52 - 000000000 ____D C:\Users\Pavel\AppData\Local\CEF
2020-11-27 15:28 - 2020-12-11 23:40 - 000002428 _____ C:\WINDOWS\system32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
2020-11-27 15:28 - 2020-11-27 15:28 - 000000009 _____ C:\ProgramData\updateSuccess.txt
2020-11-24 23:22 - 2020-11-24 23:22 - 000191489 _____ C:\Users\Pavel\Desktop\Informace o správci příloh v systému Microsoft Windows.pdf
2020-11-19 20:18 - 2020-11-19 21:13 - 994668031 _____ C:\Users\Pavel\Downloads\homeland.s08e10.720p.web.h264-xlf CZ titulky.mkv
2020-11-19 20:18 - 2020-11-19 20:53 - 627646849 _____ C:\Users\Pavel\Downloads\Homeland.S08E11.PROPER.1080p.WEB.H265-GHOSTS.mkv
2020-11-19 20:17 - 2020-11-19 21:44 - 1575001566 _____ C:\Users\Pavel\Downloads\Homeland.S08E09.iNTERNAL.720p.WEB.H264-AMRAP.mkv
2020-11-19 20:16 - 2020-11-19 21:19 - 1061188793 _____ C:\Users\Pavel\Downloads\homeland.s08e08.720p.web.x264-poke.mkv
2020-11-19 18:42 - 2020-11-19 18:59 - 313236444 _____ C:\Users\Pavel\Downloads\homeland.s08e07.web.h264-xlf.mkv
2020-11-19 18:41 - 2020-11-19 19:15 - 584615234 _____ C:\Users\Pavel\Downloads\Homeland.S08E06.720p_CZtitulky.mp4
2020-11-19 18:40 - 2020-11-19 19:21 - 748053683 _____ C:\Users\Pavel\Downloads\Homeland.S08E05.Chalk.Two.Down.1080p.10bit.WEBRip.2CH.CZ.x265.HEVC-BB.mkv
2020-11-19 18:38 - 2020-11-19 19:55 - 1292509008 _____ C:\Users\Pavel\Downloads\Ve jménu vlasti_Homeland_S08E02_1080i. CZ_BoZ_.mkv
2020-11-18 11:01 - 2020-11-20 20:10 - 000000000 ____D C:\Users\Vojta\Desktop\Vojta
2020-11-17 19:12 - 2020-11-17 20:44 - 1496113174 _____ C:\Users\Pavel\Downloads\Ve jménu vlasti_Homeland_S08E04_1080i. CZ_BoZ_.mkv
2020-11-17 19:12 - 2020-11-17 20:23 - 1141914868 _____ C:\Users\Pavel\Downloads\Ve jménu vlasti_Homeland_S08E03_1080i. CZ_BoZ_.avi
2020-11-17 19:11 - 2020-11-17 20:03 - 863177026 _____ C:\Users\Pavel\Downloads\Homeland.S08E01.Deception.Indicated.1080p.10bit.WEBRip.2CH.CZ.x265.HEVC-BB.mkv
2020-11-17 19:10 - 2020-11-17 19:28 - 335361753 _____ C:\Users\Pavel\Downloads\Homeland.S07E12.WEB.H264-DEFLATE.rar
2020-11-15 11:01 - 2020-11-15 11:01 - 000000000 ____D C:\Users\Pavel\Downloads\IOXWebcamX-1.1 (2)
2020-11-15 10:59 - 2005-05-05 20:53 - 011330560 _____ C:\Users\Pavel\Downloads\IOXWebcamX-1.1
2020-11-14 13:11 - 2020-11-14 13:11 - 000000000 ____D C:\Users\Lukáš\AppData\Roaming\Goldberg SteamEmu Saves
2020-11-14 13:11 - 2020-11-14 13:11 - 000000000 ____D C:\Users\Lukáš\AppData\Roaming\Axolot Games
2020-11-14 13:11 - 2020-11-14 13:11 - 000000000 ____D C:\Users\Lukáš\AppData\Local\Axolot Games

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-14 11:13 - 2019-06-05 18:47 - 001474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2020-12-14 10:48 - 2019-07-14 07:19 - 000000000 ____D C:\Users\Pavel\AppData\Local\CrashDumps
2020-12-14 10:48 - 2019-06-05 18:46 - 000000000 ___RD C:\Users\Pavel\OneDrive
2020-12-14 10:47 - 2020-07-26 17:09 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-14 10:47 - 2019-12-07 15:43 - 000682184 _____ C:\WINDOWS\system32\perfh005.dat
2020-12-14 10:47 - 2019-12-07 15:43 - 000137000 _____ C:\WINDOWS\system32\perfc005.dat
2020-12-14 10:47 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2020-12-14 10:45 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-14 10:43 - 2020-07-26 17:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-14 10:43 - 2020-07-26 17:03 - 000008192 ___SH C:\DumpStack.log.tmp
2020-12-14 10:43 - 2020-03-26 20:13 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-12-14 10:43 - 2019-06-05 18:47 - 000000000 ____D C:\ProgramData\NVIDIA
2020-12-14 10:42 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2020-12-14 10:42 - 2019-07-05 19:35 - 000106802 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2020-12-14 10:29 - 2019-07-04 16:40 - 000000000 ___RD C:\Users\Pavel\Dropbox
2020-12-13 21:37 - 2020-07-26 17:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-13 18:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-13 15:40 - 2019-06-05 18:38 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-12-12 23:15 - 2020-07-26 17:11 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1980947671-2380292906-1612769214-1001
2020-12-12 23:15 - 2020-07-26 17:04 - 000002365 _____ C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-12 23:15 - 2019-12-16 13:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-12-12 23:15 - 2019-12-16 13:24 - 000000000 ____D C:\Program Files\Java
2020-12-12 23:13 - 2019-12-16 13:24 - 000192168 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2020-12-12 19:43 - 2020-06-05 15:58 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-12 19:43 - 2020-06-05 15:58 - 000002257 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-12-12 19:43 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-12 13:09 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-12-12 10:00 - 2020-10-29 19:19 - 000001425 _____ C:\Users\Lukáš\Desktop\Roblox Player.lnk
2020-12-12 10:00 - 2020-10-29 19:18 - 000001248 _____ C:\Users\Lukáš\Desktop\Roblox Studio.lnk
2020-12-12 10:00 - 2020-10-29 19:18 - 000000000 ____D C:\Users\Lukáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2020-12-11 23:46 - 2019-06-27 21:25 - 000000938 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2020-12-11 23:46 - 2019-06-27 21:25 - 000000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2020-12-11 23:40 - 2020-07-26 17:11 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-12-11 23:40 - 2020-07-26 17:11 - 000003452 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2020-12-11 23:40 - 2020-07-26 17:11 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-12-11 23:40 - 2020-07-26 17:11 - 000003228 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2020-12-11 23:40 - 2020-07-26 17:11 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1980947671-2380292906-1612769214-1003
2020-12-11 23:40 - 2020-07-26 17:11 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1980947671-2380292906-1612769214-1002
2020-12-11 22:40 - 2019-06-05 18:42 - 000000000 ____D C:\Users\Pavel\AppData\Local\VirtualStore
2020-12-11 19:32 - 2020-10-29 18:31 - 000001425 _____ C:\Users\Vojta\Desktop\Roblox Player.lnk
2020-12-11 19:32 - 2020-10-29 18:31 - 000001248 _____ C:\Users\Vojta\Desktop\Roblox Studio.lnk
2020-12-11 19:32 - 2020-10-29 18:31 - 000000000 ____D C:\Users\Vojta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2020-12-11 18:52 - 2019-12-16 13:23 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\.minecraft
2020-12-11 18:51 - 2019-12-16 13:24 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\.tlauncher
2020-12-10 23:04 - 2020-07-26 17:03 - 000437992 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-10 23:03 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-12-10 23:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-10 23:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-10 23:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-12-10 23:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-10 23:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-12-10 23:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-10 23:03 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-10 23:03 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-10 20:37 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-08 13:37 - 2020-07-26 17:04 - 000000000 ____D C:\Users\Lukáš
2020-12-07 22:19 - 2020-07-26 17:04 - 000000000 ____D C:\Users\Vojta
2020-12-07 22:19 - 2020-07-26 17:04 - 000000000 ____D C:\Users\Pavel
2020-12-06 13:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-12-05 19:46 - 2019-07-05 19:30 - 000000000 ____D C:\Program Files\Microsoft Office
2020-12-05 19:03 - 2019-06-05 18:42 - 000000000 ____D C:\Users\Pavel\AppData\Local\Packages
2020-12-03 22:06 - 2019-06-05 18:45 - 000000000 ____D C:\Users\Pavel\AppData\Local\PlaceholderTileLogoFolder
2020-12-03 08:12 - 2019-06-27 21:25 - 000000000 ____D C:\Program Files (x86)\Dropbox
2020-12-01 08:59 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps.tmp
2020-11-30 16:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\registration
2020-11-29 20:48 - 2019-06-05 18:47 - 000000000 ____D C:\Users\Pavel\AppData\Local\Google
2020-11-29 20:48 - 2019-06-05 18:47 - 000000000 ____D C:\Program Files (x86)\Google
2020-11-29 15:43 - 2019-06-05 18:47 - 000002138 _____ C:\Users\Public\Desktop\COMODO Antivirus.lnk
2020-11-28 20:40 - 2019-07-05 19:24 - 000000000 ____D C:\Users\Pavel\AppData\Local\D3DSCache
2020-11-25 07:40 - 2020-03-26 20:13 - 000000000 ____D C:\Users\Pavel\AppData\Roaming\TeamViewer
2020-11-19 22:26 - 2019-07-05 22:24 - 000000000 ____D C:\KMPlayer
2020-11-19 16:49 - 2019-07-01 07:48 - 000000000 ____D C:\Users\Pavel\Desktop\Beruška nová
2020-11-18 03:19 - 2019-06-05 18:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-11-18 03:16 - 2019-06-05 18:50 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-11-17 11:08 - 2020-04-17 18:50 - 000002368 _____ C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2020-11-17 11:08 - 2020-04-17 18:50 - 000002360 _____ C:\Users\Pavel\Desktop\Microsoft Teams.lnk

==================== Files in the root of some directories ========

2020-03-24 13:49 - 2020-03-24 13:49 - 000000017 _____ () C:\Users\Pavel\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Paull
Level 1
Posts: 82
Registered: October 06
Gender: Unspecified
Status:
Offline

Re: log Hijack

Post by Paull » 14 Dec 2020 11:24

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-12-2020
Ran by Pavel (14-12-2020 11:15:35)
Running from C:\Users\Pavel\Desktop
Windows 10 Pro Version 2004 19041.685 (X64) (2020-07-26 16:11:57)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1980947671-2380292906-1612769214-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1980947671-2380292906-1612769214-503 - Limited - Disabled)
Guest (S-1-5-21-1980947671-2380292906-1612769214-501 - Limited - Disabled)
Lukáš (S-1-5-21-1980947671-2380292906-1612769214-1002 - Limited - Enabled) => C:\Users\Lukáš
Pavel (S-1-5-21-1980947671-2380292906-1612769214-1001 - Administrator - Enabled) => C:\Users\Pavel
Vojta (S-1-5-21-1980947671-2380292906-1612769214-1003 - Limited - Enabled) => C:\Users\Vojta
WDAGUtilityAccount (S-1-5-21-1980947671-2380292906-1612769214-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: COMODO Antivirus (Enabled - Up to date) {9E3E06E3-F8E0-3C44-2336-BBD8AF8F84B8}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Enabled - Up to date) {05BC7AB5-FF0E-71EC-1054-15DA19B62DC7}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
COMODO Antivirus (HKLM\...\{E6B0FD8D-8799-441B-8734-B8A266C0C303}) (Version: 12.2.2.7062 - COMODO Security Solutions Inc.) Hidden
COMODO Antivirus (HKLM\...\COMODO Internet Security) (Version: 12.2.2.7062 - COMODO Security Solutions Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 111.4.472 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.377.1 - Dropbox, Inc.) Hidden
ElsaWin (HKLM-x32\...\ElsaWin) (Version: 4.00 - )
Excel (HKU\S-1-5-21-1980947671-2380292906-1612769214-1001\...\1fc5b090eab9aa41f8a2f5987367e6da) (Version: 1.0 - Excel)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.6.472587.185 - Comodo)
Java 8 Update 271 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180271F0}) (Version: 8.0.2710.9 - Oracle Corporation)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.28 - PandoraTV)
LEGO® Piráti z Karibiku Počítačová hra UKÁZKA (HKLM-x32\...\{A85568D7-A01E-4E05-AFEE-4A1852D70281}) (Version: 1.0.0.0 - Disney Interactive Studios)
LG Mobile Driver (HKLM-x32\...\{3F490D0E-3131-438C-BCF9-7549CB88DF41}) (Version: 4.2.0 - LG Electronics)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.60 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Retail - cs-cz) (Version: 16.0.13426.20308 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.13426.20308 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1980947671-2380292906-1612769214-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1980947671-2380292906-1612769214-1001\...\Teams) (Version: 1.3.00.30866 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 83.0 (x64 cs) (HKLM\...\Mozilla Firefox 83.0 (x64 cs)) (Version: 83.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20294 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20308 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13426.20294 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13426.20294 - Microsoft Corporation) Hidden
Outlook (HKU\S-1-5-21-1980947671-2380292906-1612769214-1001\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook)
Ovládací panel NVIDIA 432.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 432.00 - NVIDIA Corporation) Hidden
PowerPoint (HKU\S-1-5-21-1980947671-2380292906-1612769214-1001\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint)
Revo Uninstaller 2.2.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.2.0 - VS Revo Group, Ltd.)
RogueKiller version 14.8.0.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 14.8.0.0 - Adlice Software)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.8.0 - Sophos Limited)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.12.4 - TeamViewer)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: - )
Trust 100K Series Webcam (HKLM-x32\...\{C679F9B9-C65D-4C65-BD6C-BF90B859E281}) (Version: 1.0.4.15 - Trust)
Trust WB-1400T Webcam (HKLM-x32\...\{30837A37-8F9F-4817-8B52-C501B67DC3BE}) (Version: 1.0.4.7 - PC Camera) Hidden
Trust WB-1400T Webcam (HKLM-x32\...\InstallShield_{30837A37-8F9F-4817-8B52-C501B67DC3BE}) (Version: 1.0.4.7 - PC Camera)
UCheck version 3.10.0.0 (HKLM\...\C4E7EE54-826F-41C4-BE3C-375CC70DC1D8_is1) (Version: 3.10.0.0 - Adlice Software)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.170 - McAfee, LLC)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Word (HKU\S-1-5-21-1980947671-2380292906-1612769214-1001\...\1b837d0bf93d01407352736c91b7bf50) (Version: 1.0 - Word)
Zemana AntiMalware verze 3.2.27 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.2.27 - Zemana)

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.0.83.0_x86__kgqvnymyfvs32 [2020-12-01] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.48.2.0_x86__kgqvnymyfvs32 [2020-11-30] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-11-30] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2020-11-30] (Microsoft Corporation)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa [2020-11-30] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-11-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-11-30] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-11-30] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0 [2020-12-12] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1980947671-2380292906-1612769214-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Pavel\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20275.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1980947671-2380292906-1612769214-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Pavel\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
CustomCLSID: HKU\S-1-5-21-1980947671-2380292906-1612769214-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Pavel\Dropbox [2019-07-04 16:40]
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2020-07-29] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-11-29] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.46.0.dll [2020-10-06] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-10-02] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2020-07-29] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-11-29] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Pavel\Desktop\Pavel - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\Pavel\Desktop\Petra - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=leffmjdabcgaflkikcefahmlgpodjkdm --app-url=hxxps://excel.office.com/
ShortcutWithArgument: C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb --app-url=hxxps://outlook.com/
ShortcutWithArgument: C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf --app-url=hxxps://powerpoint.office.com/
ShortcutWithArgument: C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=hikhggiobiflkdfdgdajcfklmcibbopi --app-url=hxxps://word.office.com/

==================== Loaded Modules (Whitelisted) =============

2011-12-06 16:03 - 2011-12-06 16:03 - 000364032 _____ (Volkswagen AG) [File not signed] C:\ElsaWin\bin\vfc10u.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_271\bin\ssv.dll [2020-12-12] (Oracle America, Inc. -> Oracle Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2020-11-20] (McAfee, LLC -> McAfee, LLC)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_271\bin\jp2ssv.dll [2020-12-12] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2020-11-20] (McAfee, LLC -> McAfee, LLC)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: vw-wi - {0F3C833F-FB28-40EA-8CB9-6A55B996C3F6} - C:\ElsaWin\bin\wiprot.dll [2011-12-06] (TODO: <Company name>) [File not signed]

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2019-03-19 05:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1980947671-2380292906-1612769214-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "IseUI"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

12-12-2020 15:44:55 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/14/2020 10:51:36 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_ON došlo k chybě.

Error: (12/14/2020 10:51:31 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_ON došlo k chybě.

Error: (12/14/2020 10:51:26 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_ON došlo k chybě.

Error: (12/14/2020 10:51:21 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_ON došlo k chybě.

Error: (12/14/2020 10:51:16 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_ON došlo k chybě.

Error: (12/14/2020 10:51:11 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_ON došlo k chybě.

Error: (12/14/2020 10:51:06 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_ON došlo k chybě.

Error: (12/14/2020 10:51:01 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_ON došlo k chybě.


System errors:
=============
Error: (12/14/2020 10:45:33 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80240017): Aktualizace bezpečnostních informací pro produkt Microsoft Defender Antivirus - KB2267602 (verze 1.329.381.0).

Error: (12/14/2020 10:43:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba McAfee WebAdvisor neuspěla při spuštění v důsledku následující chyby:
Soubor nebo adresář je porušen a není čitelný.

Error: (12/14/2020 10:42:42 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-54V8III)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/14/2020 10:42:42 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-54V8III)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/14/2020 10:42:42 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-54V8III)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/14/2020 10:42:42 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-54V8III)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/14/2020 10:42:42 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-54V8III)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/14/2020 10:42:42 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-54V8III)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
===================================
Date: 2020-12-13 17:48:58.1500000Z
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Vigorf.A
ID: 2147714384
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Pavel\Downloads\EW400.rar
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-54V8III\Pavel
Název procesu: C:\Users\Pavel\Desktop\FRST64.exe
Verze bezpečnostních informací: AV: 1.329.332.0, AS: 1.329.332.0, NIS: 1.329.332.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4

CodeIntegrity:
===================================

Date: 2020-12-14 11:00:13.2770000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-14 10:51:41.4410000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-14 10:51:41.4350000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-14 10:51:39.7480000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-14 10:51:39.7420000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-14 10:51:38.1610000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-14 10:51:38.1570000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-14 10:51:36.4670000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\iseguard64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. P2.40 08/29/2014
Motherboard: ASRock B85M
Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 61%
Total physical RAM: 8111.44 MB
Available physical RAM: 3158.9 MB
Total Virtual: 18863.44 MB
Available Virtual: 12507.97 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:446.56 GB) (Free:69.31 GB) NTFS
Drive d: (DATA) (Fixed) (Total:1863.01 GB) (Free:1285.41 GB) NTFS

\\?\Volume{7d762e9c-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.57 GB) (Free:0.13 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 447.1 GB) (Disk ID: 7D762E9C)
Partition 1: (Active) - (Size=579 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=446.6 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: DA29E555)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

