Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-09-2019
Ran by Paulie (administrator) on LAPTOP-MGGJ92FO (HP HP 250 G6 Notebook PC) (13-09-2019 13:05:25)
Running from C:\Users\Paulie\Downloads
Loaded Profiles: Paulie (Available Profiles: Paulie)
Platform: Windows 10 Home Version 1803 17134.885 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(FabulaTech -> ) C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgrhv.exe
(FabulaTech -> ) C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe
(FabulaTech -> VMware) C:\Program Files (x86)\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> Google) C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\SwReporter\44.211.200.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\SwReporter\44.211.200.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\SwReporter\44.211.200.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\SwReporter\44.211.200.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\SwReporter\44.211.200.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\SwReporter\44.211.200.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\SwReporter\44.211.200.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\SwReporter\44.211.200.3\software_reporter_tool.exe
(HP Inc. -> ) C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(HP Inc.) [File not signed] C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation -> Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19061.18920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Power Software Limited -> Power Software Ltd) C:\Programy\PowerISO\PWRISOVM.EXE
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Horizon View Client\ClientService\horizon_client_service.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9279328 2018-09-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-09-11] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [VMware Netlink 3 HV Install Utility] => C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnliu.exe [75680 2017-07-12] (FabulaTech -> )
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [705784 2016-06-20] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Programy\PowerISO\PWRISOVM.EXE [406664 2016-05-25] (Power Software Limited -> Power Software Ltd)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-05-22] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1321984 2018-09-05] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [81165544 2019-06-19] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-265973849-1346121208-2514518910-1001\...\Run: [uTorrent] => C:\Users\Paulie\AppData\Roaming\uTorrent\uTorrent.exe [1815736 2019-03-03] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-265973849-1346121208-2514518910-1001\...\Run: [BackgroundSwitcher] => C:\Programy\John's Background Switcher\BackgroundSwitcher.exe [120424 2013-05-20] (John Conners -> johnsadventures.com)
HKU\S-1-5-21-265973849-1346121208-2514518910-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-06] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-265973849-1346121208-2514518910-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Paulie\AppData\Local\Microsoft\Teams\Update.exe [1790192 2019-08-24] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-265973849-1346121208-2514518910-1001\...\MountPoints2: {ccf3ac0b-b40b-11e8-996d-9061ae26b320} - "F:\HiSuiteDownLoader.exe" 
HKLM\Software\...\AppCompatFlags\Custom\Heroes3.exe: [{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb] -> GOG.com Heroes of Might and Magic 3
HKLM\Software\...\AppCompatFlags\InstalledSDB\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb [2012-11-28]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.132\Installer\chrmstp.exe [2019-09-04] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {001A2872-C545-49D4-9D15-E62038FD2C1A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {0864728C-CFD0-46B3-900D-1B6BB5BE1BE2} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644472 2019-06-21] (HP Inc. -> HP Inc.)
Task: {0C49640E-A22D-413F-84B3-01BC75150BB0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1488248 2018-12-10] (HP Inc. -> HP Inc.)
Task: {1875289A-5BDF-410C-9075-7EC8BC661948} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [616232 2016-11-30] (Dropbox, Inc -> DropboxOEM)
Task: {2486D8B1-414C-4689-B275-36F0EDB64F00} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1569912 2019-09-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {2A3E58B4-AC33-4159-80EA-1E5E7F2D04A0} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {43056187-D560-4A72-B7E9-1757395018D6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4467864 2019-09-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {47716E7A-1D3B-456A-8F8C-86CC9D6ADD5B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2045832 2019-08-24] (AVAST Software s.r.o. -> AVAST Software)
Task: {57DAC375-B28F-4F89-996D-C8C0EDF23183} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27367016 2019-08-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {6861B2D7-F53C-4206-8B6E-81C0A8E64D29} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-09-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {6D225826-849C-4FF7-AB8F-BC8EF1870DD8} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [459264 2017-02-01] (HP Inc. -> )
Task: {72D14675-032A-4E59-9EFB-BE8CB3855CF6} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [117296 2019-09-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {7465BBC1-7D7E-4318-AFAA-2E5568E7C8A6} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [117296 2019-09-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {773AABCF-91AC-4313-8428-1B089773BE25} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-09-11] (Adobe Inc. -> Adobe)
Task: {77B1257C-1C19-4DD1-90BA-FB0CE9899203} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems)
Task: {7F11D812-A86D-4976-98ED-35713F9F4027} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2018-09-06] (Piriform Ltd -> Piriform Ltd)
Task: {8EB41A9C-7BD9-403B-ACEC-969B92E8B645} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2016-12-06] (HP Inc. -> HP Inc.)
Task: {998432C5-E8B2-4074-A097-E8A274573A83} - System32\Tasks\HPCeeScheduleForPaulie => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [99392 2016-05-12] (Hewlett-Packard Company -> HP Development Company, L.P.)
Task: {9EFD2385-FBFB-4E77-B95F-94114187DB47} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3942792 2019-09-11] (AVAST Software s.r.o. -> AVAST Software)
Task: {9FDC22DE-9BD3-4C8C-B12C-CD9B3F9CAC89} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1428624 2019-09-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {B0A2B7C6-1923-4BDB-A63C-C58A24054C6E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1428624 2019-09-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {B3BE97FC-1C42-4DED-BEFB-8ED9F15D8197} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_255_Plugin.exe [1457720 2019-09-11] (Adobe Inc. -> Adobe)
Task: {C3823823-231C-4A38-AE9E-9A0992A49467} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-09-28] (Google Inc -> Google Inc.)
Task: {C99C0964-97BC-4EE2-AC1E-423FD15514E8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [217976 2018-11-08] (HP Inc. -> HP Inc.)
Task: {CF883E84-884B-4990-85EB-6A2FCFCE807A} - System32\Tasks\Connect => C:\Program Files (x86)\MAGIX\Connect\connect.exe [356936 2017-08-02] (MAGIX Software GmbH -> MAGIX Software GmbH)
Task: {D4177F66-8D72-4295-9405-99F80FB036AC} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-09-28] (Dropbox, Inc -> Dropbox, Inc.)
Task: {E229AEC2-D04D-4956-80D8-50B86FA3B61A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [651400 2017-09-20] (Hewlett Packard -> HP Inc.)
Task: {E277B359-F6F8-4B81-B4B5-30CC6AC9C98D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-09-28] (Google Inc -> Google Inc.)
Task: {E2F05FF5-5EB8-4DE6-A187-F82FF5CB1AE7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4467864 2019-09-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {E400513A-3AEA-47EF-A3D4-2A0AF748337E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1488248 2018-12-10] (HP Inc. -> HP Inc.)
Task: {E46E4FE7-9DD6-43C1-80C9-AFAF3753F981} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27367016 2019-08-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {F9E6208F-C40E-4D49-B004-C6CE1E19D40E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136056 2019-01-02] (HP Inc. -> HP Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Connect.job => C:\Program Files (x86)\MAGIX\Connect\connect.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForPaulie.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1 view-localhost # view localhost server
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4871caf0-c49c-4e3f-b145-0e9acb7bd3d0}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-265973849-1346121208-2514518910-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-265973849-1346121208-2514518910-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=12454
SearchScopes: HKU\S-1-5-21-265973849-1346121208-2514518910-1001 -> {1B265AAC-23DF-4E46-9281-0738EB5EDB22} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-265973849-1346121208-2514518910-1001 -> {45874B18-1862-4CD0-A55B-7CE51F7F6EF2} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-265973849-1346121208-2514518910-1001 -> {718A4562-BD54-4539-AECA-648053E509E4} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-265973849-1346121208-2514518910-1001 -> {9A4D53F8-AA8D-4A5B-A591-8D01B01C4A4C} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-265973849-1346121208-2514518910-1001 -> {9C921D4F-2756-4936-9228-B4A89AC8C09B} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-265973849-1346121208-2514518910-1001 -> {A6E6E4DC-C64C-4D57-BB22-C7EDFF79FBD6} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-265973849-1346121208-2514518910-1001 -> {AE22E9F4-B6D2-4295-A76E-BE92D562FE96} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-265973849-1346121208-2514518910-1001 -> {B7A2D660-D06E-403D-A186-C991A77291D3} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-265973849-1346121208-2514518910-1001 -> {ED2E8233-80D0-403B-BDB0-53D1FD8E2DD6} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-07-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-12-06] (HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-04-07] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-01-24] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-24] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-12-06] (HP Inc. -> HP Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-09-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-09-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-09-11] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-09-11] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: mnftvyw4.default
FF ProfilePath: C:\Users\Paulie\AppData\Roaming\Mozilla\Firefox\Profiles\mnftvyw4.default [2019-08-01]
FF DownloadDir: C:\Users\Paulie\Downloads
FF Homepage: Mozilla\Firefox\Profiles\mnftvyw4.default -> www.seznam.cz
FF Session Restore: Mozilla\Firefox\Profiles\mnftvyw4.default -> is enabled.
FF Extension: (Web Security) - C:\Users\Paulie\AppData\Roaming\Mozilla\Firefox\Profiles\mnftvyw4.default\Extensions\contact@web-security.com.xpi [2018-05-24]
FF Extension: (Seznam pro Firefox - Esko) - C:\Users\Paulie\AppData\Roaming\Mozilla\Firefox\Profiles\mnftvyw4.default\Extensions\sko-extension@firma.seznam.cz [2018-01-11]
FF Extension: (Seznam pro Firefox - Esko) - C:\Users\Paulie\AppData\Roaming\Mozilla\Firefox\Profiles\mnftvyw4.default\Extensions\sko-extension@firma.seznam.cz.xpi [2017-12-09]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Paulie\AppData\Roaming\Mozilla\Firefox\Profiles\mnftvyw4.default\Extensions\sp@avast.com.xpi [2019-03-03]
FF Extension: (Avast Online Security) - C:\Users\Paulie\AppData\Roaming\Mozilla\Firefox\Profiles\mnftvyw4.default\Extensions\wrc@avast.com.xpi [2018-06-24]
FF Extension: (No Name) - C:\Users\Paulie\AppData\Roaming\Mozilla\Firefox\Profiles\mnftvyw4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-03-03]
FF Extension: (Seznam doplněk - Email) - C:\Users\Paulie\AppData\Roaming\Mozilla\Firefox\Profiles\mnftvyw4.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2018-12-15]
FF Extension: (No Name) - C:\Users\Paulie\AppData\Roaming\Mozilla\Firefox\Profiles\mnftvyw4.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_255.dll [2019-09-11] (Adobe Inc. -> )
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_255.dll [2019-09-11] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-04-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-08-21] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default [2019-09-13]
CHR Extension: (Prezentace) - C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-28]
CHR Extension: (YouTube) - C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-28]
CHR Extension: (Flash Player) - C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmimdmkleccdoghpgdhaahkelfhjfhgm [2018-11-01]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-09-13]
CHR Extension: (Adobe Acrobat) - C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-09-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-25]
CHR Extension: (Avast Online Security) - C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-08-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Social Profile view notification) - C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pegkceflonohbcefcbflfpficfkmpeod [2019-09-13]
CHR Extension: (Gmail) - C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-03]
CHR Extension: (Chrome Media Router) - C:\Users\Paulie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-13]
CHR HKU\S-1-5-21-265973849-1346121208-2514518910-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-265973849-1346121208-2514518910-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-265973849-1346121208-2514518910-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5975136 2019-09-11] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [405072 2019-09-11] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-09-11] (AVAST Software s.r.o. -> AVAST Software)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11568224 2019-08-24] (Microsoft Corporation -> Microsoft Corporation)
R2 client_service; C:\Program Files (x86)\VMware\VMware Horizon View Client\ClientService\horizon_client_service.exe [532456 2017-09-27] (VMware, Inc. -> VMware, Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-09-28] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-09-28] (Dropbox, Inc -> Dropbox, Inc.)
R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1419424 2017-03-28] (Intel(R) Software -> Intel Corporation)
R2 ftnlsv3hv; C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe [218528 2017-07-12] (FabulaTech -> )
R2 ftscanmgrhv; C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgrhv.exe [2949024 2017-06-15] (FabulaTech -> )
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1309184 2016-10-07] (HP Inc.) [File not signed]
R2 HPJumpStartBridge; C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-05-23] (HP Inc. -> HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [347512 2018-12-06] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [631800 2016-06-20] (HP Inc. -> HP Inc.)
R2 ibtsiva; C:\WINDOWS\System32\ibtsiva.exe [529912 2018-12-21] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [370856 2019-03-18] (Intel Corporation -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [887784 2015-09-03] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [268128 2018-09-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated -> Synaptics Incorporated)
R2 vmwsprrdpwks; C:\Program Files (x86)\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe [276896 2017-06-15] (FabulaTech -> VMware)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-09-11] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [209552 2019-09-11] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [263008 2019-09-11] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [205848 2019-09-11] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [61472 2019-09-11] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-08] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [282768 2019-09-11] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-09-11] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [169408 2019-09-11] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-09-11] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-09-11] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1030784 2019-09-11] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [478096 2019-09-11] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-09-11] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [387176 2019-09-11] (AVAST Software s.r.o. -> AVAST Software)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [55792 2017-03-28] (Intel(R) Software -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [52208 2017-03-28] (Intel(R) Software -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [260080 2017-03-28] (Intel(R) Software -> Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [199192 2018-05-11] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 igfxLP; C:\WINDOWS\system32\DRIVERS\igdkmd64lp.sys [7409320 2019-03-18] (Intel Corporation -> Intel Corporation)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [8723648 2018-10-12] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [954368 2017-04-14] (Realtek Semiconductor Corp. -> Realtek )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [420832 2017-04-27] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [264192 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [60504 2017-04-28] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [55384 2017-08-18] (Synaptics Incorporated -> Synaptics Incorporated)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [146200 2015-10-15] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [73616 2018-09-05] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2019-05-16] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-09-13 13:05 - 2019-09-13 13:07 - 000038498 _____ C:\Users\Paulie\Downloads\FRST.txt
2019-09-13 13:02 - 2019-09-13 13:02 - 001614848 _____ (Farbar) C:\Users\Paulie\Downloads\FRST64.exe
2019-09-13 13:00 - 2019-09-13 13:00 - 001222144 _____ C:\Users\Paulie\Downloads\RSITx64 (2).exe
2019-09-13 11:30 - 2019-09-13 12:33 - 000000000 ____D C:\WINDOWS\Panther
2019-09-11 14:47 - 2019-06-24 13:38 - 376092738 ____C C:\Users\Paulie\Desktop\H3SW_v0.8.1_Installer.exe
2019-09-11 13:34 - 2019-09-11 13:34 - 000002566 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-09-11 13:34 - 2019-09-11 13:34 - 000002560 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-09-11 13:34 - 2019-09-11 13:34 - 000002542 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project.lnk
2019-09-11 13:34 - 2019-09-11 13:34 - 000002537 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-09-11 13:34 - 2019-09-11 13:34 - 000002532 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-09-11 13:34 - 2019-09-11 13:34 - 000002525 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy.lnk
2019-09-11 13:34 - 2019-09-11 13:34 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-09-11 13:34 - 2019-09-11 13:34 - 000002458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-09-11 13:34 - 2019-09-11 13:34 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-09-11 13:34 - 2019-09-11 13:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2019-09-11 13:26 - 2019-09-11 13:26 - 000001897 _____ C:\Users\Public\Desktop\Heroes of Might and Magic 3 Complete.lnk
2019-09-11 13:26 - 2019-09-11 13:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of Might and Magic 3 Complete [GOG.com]
2019-09-11 13:25 - 2019-09-11 13:25 - 000000000 ____D C:\GOG Games
2019-09-11 13:21 - 2019-09-11 14:49 - 000000000 ____D C:\Heroes of Might and Magic III (Complete Edition) + Patch [GOG]
2019-09-11 13:07 - 2019-09-11 13:07 - 000363912 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-09-11 13:07 - 2019-09-11 13:07 - 000236024 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-09-11 13:07 - 2019-09-11 13:07 - 000169408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-09-04 21:57 - 2019-02-17 02:51 - 987508536 ___RC (GOG.com ) C:\Users\Paulie\Desktop\setup_homm3_complete_2.0.0.16.exe
2019-08-24 17:54 - 2019-08-24 17:54 - 000002368 ____C C:\Users\Paulie\Desktop\Microsoft Teams.lnk
2019-08-24 17:54 - 2019-08-24 17:54 - 000000000 ___DC C:\Users\Paulie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Corporation
2019-08-24 17:53 - 2019-08-24 17:54 - 000000000 ___DC C:\Users\Paulie\AppData\Local\SquirrelTemp
2019-08-24 17:53 - 2019-08-24 17:53 - 000000000 ___DC C:\Users\Paulie\AppData\Roaming\Microsoft Teams

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-09-13 13:05 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-09-13 13:05 - 2018-03-08 16:21 - 000000000 ____D C:\FRST
2019-09-13 13:00 - 2018-01-25 12:45 - 000000000 ____D C:\Program Files\trend micro
2019-09-13 12:50 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-09-13 12:41 - 2018-05-24 17:08 - 001878058 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-09-13 12:41 - 2018-04-12 17:50 - 000780210 _____ C:\WINDOWS\system32\perfh005.dat
2019-09-13 12:41 - 2018-04-12 17:50 - 000177260 _____ C:\WINDOWS\system32\perfc005.dat
2019-09-13 12:33 - 2019-03-23 22:11 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-09-13 12:33 - 2018-05-24 17:23 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-09-13 12:33 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-09-13 12:33 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-09-13 12:33 - 2018-03-29 18:11 - 000000378 _____ C:\WINDOWS\Tasks\Connect.job
2019-09-13 12:33 - 2018-02-17 16:32 - 000000368 _____ C:\WINDOWS\Tasks\HPCeeScheduleForPaulie.job
2019-09-13 12:33 - 2017-09-28 21:16 - 000000000 __SHD C:\Users\Paulie\IntelGraphicsProfiles
2019-09-13 12:33 - 2017-05-18 08:56 - 000000948 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2019-09-13 12:33 - 2017-05-18 08:56 - 000000944 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2019-09-13 12:32 - 2018-07-28 21:44 - 000000000 ___DC C:\Users\Paulie\AppData\Local\CrashDumps
2019-09-13 12:32 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-09-13 12:29 - 2018-06-10 21:02 - 000000000 ___DC C:\Users\Paulie\AppData\Local\D3DSCache
2019-09-13 11:37 - 2018-05-24 17:05 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-09-13 11:27 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-09-13 11:26 - 2018-11-17 03:03 - 000000000 ____D C:\Program Files\rempl
2019-09-13 11:23 - 2018-05-24 17:23 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-09-13 11:23 - 2018-05-24 17:23 - 000004212 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{76598262-0A1A-4313-BFFB-AF6DD7275A06}
2019-09-11 13:41 - 2017-11-29 21:44 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2019-09-11 13:37 - 2017-10-01 11:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-09-11 13:31 - 2017-05-18 08:56 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-09-11 13:30 - 2017-10-01 11:34 - 134272480 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-09-11 13:28 - 2019-07-28 10:30 - 000002766 _____ C:\WINDOWS\System32\Tasks\HPAudioSwitch
2019-09-11 13:28 - 2018-09-06 15:42 - 000003194 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-09-11 13:28 - 2018-05-24 17:23 - 000003816 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-09-11 13:28 - 2018-05-24 17:23 - 000003530 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-09-11 13:28 - 2018-05-24 17:23 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-09-11 13:28 - 2018-05-24 17:23 - 000003462 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2019-09-11 13:28 - 2018-05-24 17:23 - 000003400 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-09-11 13:28 - 2018-05-24 17:23 - 000003238 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2019-09-11 13:28 - 2018-05-24 17:23 - 000003176 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-09-11 13:28 - 2018-05-24 17:23 - 000002858 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-265973849-1346121208-2514518910-1001
2019-09-11 13:28 - 2018-05-24 17:23 - 000002856 _____ C:\WINDOWS\System32\Tasks\HPJumpStartLaunch
2019-09-11 13:28 - 2018-05-24 17:23 - 000002806 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForPaulie
2019-09-11 13:28 - 2018-05-24 17:23 - 000002500 _____ C:\WINDOWS\System32\Tasks\HPEA3JOBS
2019-09-11 13:28 - 2018-05-24 17:23 - 000002388 _____ C:\WINDOWS\System32\Tasks\Connect
2019-09-11 13:28 - 2018-05-24 17:23 - 000002318 _____ C:\WINDOWS\System32\Tasks\DropboxOEM
2019-09-11 13:28 - 2018-05-24 17:23 - 000002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-09-11 13:28 - 2018-05-24 17:23 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-09-11 13:16 - 2018-05-24 17:09 - 000002371 ____C C:\Users\Paulie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-09-11 13:16 - 2017-09-28 21:19 - 000000000 ___RD C:\Users\Paulie\OneDrive
2019-09-11 13:11 - 2017-10-30 22:23 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-09-11 13:07 - 2019-02-15 14:29 - 000282768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-09-11 13:07 - 2019-01-18 03:30 - 000263008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-09-11 13:07 - 2019-01-08 15:03 - 000205848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-09-11 13:07 - 2019-01-08 15:03 - 000061472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-09-11 13:07 - 2019-01-08 15:03 - 000037104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-09-11 13:07 - 2018-10-13 16:40 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-09-11 13:07 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-09-11 13:07 - 2017-11-09 20:31 - 000209552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-09-11 13:07 - 2017-10-02 22:42 - 001030784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-09-11 13:07 - 2017-10-02 22:42 - 000478096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-09-11 13:07 - 2017-10-02 22:42 - 000387176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-09-11 13:07 - 2017-10-02 22:42 - 000112312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-09-11 13:07 - 2017-10-02 22:42 - 000087944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-09-11 13:04 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-09-11 13:04 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-09-04 21:59 - 2017-09-28 23:24 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-08-24 18:03 - 2019-08-04 12:58 - 000212992 _____ C:\WINDOWS\system32\ClickToRun_Pipeline16

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================