Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-02-2021
Ran by Pavel-BLACK PC (administrator) on DESKTOP-QPUH97D (ASUS All Series) (06-02-2021 08:17:33)
Running from C:\Users\Pavel-BLACK PC\Downloads
Loaded Profiles: Pavel-BLACK PC
Platform: Windows 10 Pro Version 20H2 19042.631 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Users\Pavel-BLACK PC\Desktop\gmer.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwantispam.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwarkdaemon.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwwatcher.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\DrWeb\dwnetfilter.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\DrWeb\dwservice.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\DrWeb\frwl_svc.exe
(Doctor Web Ltd. -> Doctor Web, Ltd.) C:\Program Files\DrWeb\spideragent.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <31>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Pavel-BLACK PC\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11910.1002.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\Display.NvContainer\NVDisplay.Container.exe <2>
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.53.77.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Wen Jia Liu -> wj32) C:\Program Files\Process Hacker 2\ProcessHacker.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SpIDerAgent] => C:\Program Files\DrWeb\spideragent.exe [22278336 2021-02-06] (Doctor Web Ltd. -> Doctor Web, Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\88.0.4324.150\Installer\chrmstp.exe [2021-02-06] (Google LLC -> Google LLC)
IFEO\taskmgr.exe: [Debugger] "C:\Program Files\Process Hacker 2\ProcessHacker.exe"
BootExecute: autocheck autochk * ffnd.exe {949E979C-EB1F-11DB-92AC-22C456D89593}

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {524DBB41-3A59-4DD2-BE7F-A6A618786BA9} - System32\Tasks\FreeFixer background scan => C:\Program Files\FreeFixer\freefixer.exe [4492288 2018-10-04] (Kephyr) [File not signed]
Task: {8039AEC5-C4C3-49CA-B0EE-B13C562E1E09} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-06] (Google LLC -> Google LLC)
Task: {8D7796AC-0C06-4BBF-90FD-E51278DC8880} - System32\Tasks\Doctor Web\Dr.Web Daily scan => C:\Program Files\DrWeb\dwscanner.exe [12240264 2021-02-06] (Doctor Web Ltd. -> Doctor Web, Ltd.)
Task: {BB1624FA-CC54-4F61-99DC-4462C1190B0C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-06] (Google LLC -> Google LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\Windows\Tasks\FreeFixer background scan.job => C:\Program Files\FreeFixer\freefixer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 212.111.1.10
Tcpip\..\Interfaces\{7064fd85-e163-48f9-902d-4051fbbdc5c8}: [DhcpNameServer] 212.111.1.10

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Pavel-BLACK PC\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-06]

Chrome: 
=======
CHR Profile: C:\Users\Pavel-BLACK PC\AppData\Local\Google\Chrome\User Data\Default [2021-02-06]
CHR Extension: (Prezentace) - C:\Users\Pavel-BLACK PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-02-06]
CHR Extension: (Dokumenty) - C:\Users\Pavel-BLACK PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-02-06]
CHR Extension: (Disk Google) - C:\Users\Pavel-BLACK PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-02-06]
CHR Extension: (YouTube) - C:\Users\Pavel-BLACK PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-02-06]
CHR Extension: (Tabulky) - C:\Users\Pavel-BLACK PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-02-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\Pavel-BLACK PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-02-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pavel-BLACK PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-06]
CHR Extension: (Gmail) - C:\Users\Pavel-BLACK PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-02-06]
CHR Extension: (Chrome Media Router) - C:\Users\Pavel-BLACK PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-02-06]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 DrWebAVService; C:\Program Files\DrWeb\dwservice.exe [14541376 2021-02-06] (Doctor Web Ltd. -> Doctor Web, Ltd.)
R3 DrWebEngine; C:\Program Files\Common Files\Doctor Web\Scanning Engine\dwengine.exe [2222488 2021-02-06] (Doctor Web Ltd. -> Doctor Web, Ltd.)
R3 DrWebFwSvc; C:\Program Files\DrWeb\frwl_svc.exe [5384696 2021-02-06] (Doctor Web Ltd. -> Doctor Web, Ltd.)
R3 DrWebNetFilter; C:\Program Files\DrWeb\dwnetfilter.exe [7212832 2021-02-06] (Doctor Web Ltd. -> Doctor Web, Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5101992 2020-11-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\Windows\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_90685a092bcf58c7\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 DrWebLwf; C:\Windows\System32\drivers\drweblwf.sys [505592 2021-02-06] (Doctor Web Ltd. -> Doctor Web, Ltd.)
R0 DwDevGuard; C:\Windows\System32\drivers\dwdg.sys [302824 2021-02-06] (Doctor Web Ltd. -> Doctor Web, Ltd.)
S0 DwELAM; C:\Windows\System32\drivers\dwelam.sys [31952 2021-02-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Doctor Web, Ltd.)
R0 DwProt; C:\Windows\System32\drivers\dwprot.sys [1144448 2021-02-06] (Doctor Web Ltd. -> Doctor Web, Ltd.)
R0 SpiderG3; C:\Windows\System32\drivers\spiderg3.sys [390560 2021-02-06] (Doctor Web Ltd. -> Doctor Web, Ltd.)
S3 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
U3 awtdykow; \??\C:\Users\PAVEL-~1\AppData\Local\Temp\awtdykow.sys [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-06 08:17 - 2021-02-06 08:17 - 000010176 _____ C:\Users\Pavel-BLACK PC\Downloads\FRST.txt
2021-02-06 08:17 - 2021-02-06 08:17 - 000000000 ____D C:\FRST
2021-02-06 08:16 - 2021-02-06 08:16 - 002297856 _____ (Farbar) C:\Users\Pavel-BLACK PC\Downloads\FRST64.exe
2021-02-06 08:08 - 2021-02-06 08:15 - 000000000 ____D C:\Users\Pavel-BLACK PC\Desktop\VIRY
2021-02-06 07:47 - 2021-02-06 07:47 - 000000000 ____D C:\Windows\LastGood
2021-02-06 07:47 - 2021-02-06 07:47 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-02-06 07:47 - 2021-02-06 07:47 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-02-06 07:46 - 2021-02-06 07:46 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2021-02-06 07:45 - 2019-10-04 16:15 - 001006800 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2021-02-06 07:45 - 2019-10-04 16:15 - 001006800 _____ C:\Windows\system32\vulkan-1.dll
2021-02-06 07:45 - 2019-10-04 16:15 - 000870096 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2021-02-06 07:45 - 2019-10-04 16:15 - 000870096 _____ C:\Windows\SysWOW64\vulkan-1.dll
2021-02-06 07:45 - 2019-10-04 16:15 - 000552328 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2021-02-06 07:45 - 2019-10-04 16:15 - 000456640 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2021-02-06 07:45 - 2019-10-04 16:15 - 000286416 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2021-02-06 07:45 - 2019-10-04 16:15 - 000286416 _____ C:\Windows\system32\vulkaninfo.exe
2021-02-06 07:45 - 2019-10-04 16:15 - 000260304 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-02-06 07:45 - 2019-10-04 16:15 - 000260304 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2021-02-06 07:45 - 2019-10-04 16:14 - 011059400 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2021-02-06 07:45 - 2019-10-04 16:14 - 009492680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2021-02-06 07:45 - 2019-10-04 16:14 - 000676608 _____ C:\Windows\system32\nvofapi64.dll
2021-02-06 07:45 - 2019-10-04 16:13 - 020194504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2021-02-06 07:45 - 2019-10-04 16:13 - 017471368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2021-02-06 07:45 - 2019-10-04 16:13 - 005443976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2021-02-06 07:45 - 2019-10-04 16:13 - 005425600 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2021-02-06 07:45 - 2019-10-04 16:13 - 004767952 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2021-02-06 07:45 - 2019-10-04 16:13 - 002041784 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2021-02-06 07:45 - 2019-10-04 16:13 - 001543424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2021-02-06 07:45 - 2019-10-04 16:13 - 001472408 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2021-02-06 07:45 - 2019-10-04 16:13 - 001164168 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2021-02-06 07:45 - 2019-10-04 16:13 - 001136024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2021-02-06 07:45 - 2019-10-04 16:13 - 001004936 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2021-02-06 07:45 - 2019-10-04 16:13 - 000914120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2021-02-06 07:45 - 2019-10-04 16:13 - 000822016 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2021-02-06 07:45 - 2019-10-04 16:13 - 000810240 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2021-02-06 07:45 - 2019-10-04 16:13 - 000656128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2021-02-06 07:45 - 2019-10-04 16:13 - 000633936 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2021-02-06 07:45 - 2019-10-04 16:13 - 000572376 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2021-02-06 07:45 - 2019-10-04 16:13 - 000543952 _____ C:\Windows\SysWOW64\nvofapi.dll
2021-02-06 07:45 - 2019-10-04 16:13 - 000523728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2021-02-06 07:45 - 2019-10-04 16:13 - 000449736 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2021-02-06 07:45 - 2019-10-04 16:13 - 000237424 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2021-02-06 07:45 - 2019-10-04 16:13 - 000055664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhdap64.dll
2021-02-06 07:45 - 2019-10-04 16:12 - 040412552 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2021-02-06 07:45 - 2019-10-04 16:12 - 035269840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2021-02-06 07:45 - 2019-10-04 16:12 - 005087232 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2021-02-06 07:45 - 2019-10-04 16:12 - 004342736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2021-02-06 07:45 - 2019-10-04 16:12 - 000858504 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2021-02-06 07:45 - 2019-10-04 15:53 - 000104564 _____ C:\Windows\system32\nvidia-smi.1.pdf
2021-02-06 07:45 - 2019-10-04 15:53 - 000057400 _____ C:\Windows\system32\nvinfo.pb
2021-02-06 07:42 - 2021-02-06 07:42 - 000000000 ____D C:\Users\Pavel-BLACK PC\AppData\Local\PlaceholderTileLogoFolder
2021-02-06 07:41 - 2021-02-06 07:42 - 000022600 _____ C:\Users\Pavel-BLACK PC\Downloads\MTB.txt
2021-02-06 07:41 - 2021-02-06 07:41 - 000892416 _____ (Farbar) C:\Users\Pavel-BLACK PC\Downloads\MiniToolBox.exe
2021-02-06 07:41 - 2021-02-06 07:41 - 000000000 ___HD C:\$WinREAgent
2021-02-06 07:41 - 2021-02-06 07:41 - 000000000 ____D C:\Users\Pavel-BLACK PC\AppData\Local\PeerDistRepub
2021-02-06 07:40 - 2021-02-06 07:44 - 000000000 ____D C:\Users\Pavel-BLACK PC\AppData\Local\Google
2021-02-06 07:40 - 2021-02-06 07:40 - 000002323 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-06 07:40 - 2021-02-06 07:40 - 000002282 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-02-06 07:40 - 2021-02-06 07:40 - 000000000 ____D C:\Program Files\KeyboardNotification
2021-02-06 07:40 - 2021-02-06 07:40 - 000000000 ____D C:\Program Files\Google
2021-02-06 07:39 - 2021-02-06 07:39 - 000003472 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-06 07:39 - 2021-02-06 07:39 - 000003348 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-06 07:39 - 2021-02-06 07:39 - 000000000 ____D C:\Program Files (x86)\Google
2021-02-06 07:19 - 2021-02-06 07:19 - 000003108 _____ C:\Windows\system32\Tasks\FreeFixer background scan
2021-02-06 07:19 - 2021-02-06 07:19 - 000000358 _____ C:\Windows\Tasks\FreeFixer background scan.job
2021-02-06 07:18 - 2010-03-08 11:10 - 000013824 _____ (Kephyr) C:\Windows\system32\ffnd.exe
2021-02-06 07:16 - 2021-02-06 07:16 - 000003961 _____ C:\Users\Pavel-BLACK PC\Desktop\freefixer-log.txt
2021-02-06 07:14 - 2021-02-06 07:14 - 000000001 _____ C:\Users\Pavel-BLACK PC\Desktop\dsafsa
2021-02-06 07:13 - 2021-02-06 07:22 - 000000000 ____D C:\Users\Pavel-BLACK PC\AppData\Roaming\FreeFixer
2021-02-06 07:13 - 2021-02-06 07:22 - 000000000 ____D C:\Users\Pavel-BLACK PC\AppData\Local\FreeFixer
2021-02-06 07:13 - 2021-02-06 07:13 - 000000000 ____D C:\Users\Pavel-BLACK PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeFixer
2021-02-06 07:13 - 2021-02-06 07:13 - 000000000 ____D C:\Program Files\FreeFixer
2021-02-06 06:51 - 2021-02-06 06:58 - 000000000 ____D C:\Users\Pavel-BLACK PC\AppData\Roaming\Notepad++
2021-02-06 06:51 - 2021-02-06 06:51 - 000000877 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2021-02-06 06:51 - 2021-02-06 06:51 - 000000865 _____ C:\Users\Public\Desktop\Notepad++.lnk
2021-02-06 06:51 - 2021-02-06 06:51 - 000000000 ____D C:\Program Files\Notepad++
2021-02-06 06:48 - 2021-02-06 06:48 - 000020480 _____ C:\Users\Pavel-BLACK PC\Desktop\tracking.txt
2021-02-06 06:48 - 2021-02-06 06:48 - 000000000 ____D C:\Users\Pavel-BLACK PC\Desktop\TreeView
2021-02-06 06:46 - 2021-02-06 06:46 - 000008192 _____ C:\Users\Pavel-BLACK PC\Desktop\DumpStacklog.txt
2021-02-06 06:44 - 2021-02-06 06:44 - 000413738 _____ C:\Users\Pavel-BLACK PC\Desktop\bootmngr.txt
2021-02-06 06:36 - 2021-02-06 06:36 - 000523020 _____ C:\Windows\Minidump\020621-2953-01.dmp
2021-02-06 06:14 - 2021-02-06 06:14 - 000021817 _____ C:\Users\Pavel-BLACK PC\Desktop\Process Hacker - vypis windows-all.txt
2021-02-06 05:57 - 2021-02-06 06:35 - 000000000 ____D C:\Users\Pavel-BLACK PC\AppData\Roaming\Process Hacker 2
2021-02-06 05:50 - 2021-02-06 05:50 - 000001965 _____ C:\Users\Pavel-BLACK PC\Desktop\Process Hacker 2.lnk
2021-02-06 05:50 - 2021-02-06 05:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2
2021-02-06 05:50 - 2021-02-06 05:50 - 000000000 ____D C:\Program Files\Process Hacker 2
2021-02-06 05:49 - 2021-02-06 05:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2021-02-06 05:49 - 2021-02-06 05:49 - 000000000 ____D C:\Program Files\HWiNFO64
2021-02-06 05:41 - 2021-02-06 05:41 - 000012794 _____ C:\Users\Pavel-BLACK PC\Desktop\2-gmer_druhy_restart_pozdeji.txt
2021-02-06 05:21 - 2021-02-06 05:21 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2021-02-06 05:20 - 2021-02-06 06:35 - 000198576 _____ C:\Windows\ntbtlog.txt
2021-02-06 05:18 - 2021-02-06 05:18 - 000579924 _____ C:\Windows\Minidump\020621-2984-01.dmp
2021-02-06 05:10 - 2021-02-06 05:10 - 000004471 _____ C:\Users\Pavel-BLACK PC\Desktop\gmer – zástupce.lnk
2021-02-06 05:10 - 2021-01-08 12:16 - 000380928 _____ C:\Users\Pavel-BLACK PC\Desktop\gmer.exe
2021-02-06 04:55 - 2021-02-06 06:36 - 737706028 _____ C:\Windows\MEMORY.DMP
2021-02-06 04:55 - 2021-02-06 06:36 - 000000000 ____D C:\Windows\Minidump
2021-02-06 04:55 - 2021-02-06 04:55 - 000644540 _____ C:\Windows\Minidump\020621-3062-01.dmp
2021-02-06 04:47 - 2021-02-06 04:48 - 000000000 ____D C:\Users\Pavel-BLACK PC\Desktop\!!!!DEBUG
2021-02-06 04:46 - 2021-02-06 04:46 - 000000000 __SHD C:\DrWeb Quarantine
2021-02-06 04:42 - 2021-02-06 04:42 - 000000000 ____D C:\Users\Pavel-BLACK PC\Doctor Web
2021-02-06 04:42 - 2021-02-06 04:42 - 000000000 ____D C:\Users\Pavel-BLACK PC\AppData\Local\Comms
2021-02-06 04:41 - 2021-02-06 04:41 - 001144448 _____ (Doctor Web, Ltd.) C:\Windows\system32\Drivers\dwprot.sys
2021-02-06 04:41 - 2021-02-06 04:41 - 000505592 _____ (Doctor Web, Ltd.) C:\Windows\system32\Drivers\drweblwf.sys
2021-02-06 04:41 - 2021-02-06 04:41 - 000390560 _____ (Doctor Web, Ltd.) C:\Windows\system32\Drivers\spiderg3.sys
2021-02-06 04:41 - 2021-02-06 04:41 - 000314888 _____ (Doctor Web, Ltd.) C:\Windows\system32\Drivers\dwsguard64.dll
2021-02-06 04:41 - 2021-02-06 04:41 - 000302824 _____ (Doctor Web, Ltd.) C:\Windows\system32\Drivers\dwdg.sys
2021-02-06 04:41 - 2021-02-06 04:41 - 000269168 _____ (Doctor Web, Ltd.) C:\Windows\system32\Drivers\dwsguard32.dll
2021-02-06 04:41 - 2021-02-06 04:41 - 000031952 _____ (Doctor Web, Ltd.) C:\Windows\system32\Drivers\dwelam.sys
2021-02-06 04:41 - 2021-02-06 04:41 - 000001010 _____ C:\Users\Public\Desktop\Dr.Web Scanner.lnk
2021-02-06 04:41 - 2021-02-06 04:41 - 000000051 _____ C:\Windows\restoro.ini
2021-02-06 04:41 - 2021-02-06 04:41 - 000000000 ____D C:\Windows\system32\Tasks\Doctor Web
2021-02-06 04:41 - 2021-02-06 04:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dr.Web
2021-02-06 04:40 - 2021-02-06 04:42 - 000000000 ____D C:\Users\Pavel-BLACK PC\Desktop\XIAOMI
2021-02-06 04:40 - 2021-02-06 04:42 - 000000000 ____D C:\Users\Pavel-BLACK PC\Desktop\foto
2021-02-06 04:40 - 2021-02-06 04:41 - 000000000 ____D C:\Program Files\DrWeb
2021-02-06 04:40 - 2021-02-06 04:40 - 000000000 ____D C:\Program Files\Common Files\Doctor Web
2021-02-06 04:40 - 2021-02-06 04:40 - 000000000 ____D C:\Program Files\Common Files\AV
2021-02-06 04:39 - 2021-02-06 04:47 - 000000000 ____D C:\Users\Pavel-BLACK PC\Desktop\!!!BILY COMP
2021-02-06 04:38 - 2021-02-06 06:36 - 000000000 ____D C:\ProgramData\Doctor Web
2021-02-06 04:18 - 2021-02-06 04:18 - 000003398 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3026336146-1677301123-4024542510-1001
2021-02-06 04:18 - 2021-02-06 04:18 - 000000000 ___RD C:\Users\Pavel-BLACK PC\OneDrive
2021-02-06 04:16 - 2021-02-06 04:16 - 000000000 ____D C:\Users\Pavel-BLACK PC\AppData\Local\Publishers
2021-02-06 04:15 - 2021-02-06 07:48 - 000000000 ____D C:\Users\Pavel-BLACK PC\AppData\Local\Packages
2021-02-06 04:15 - 2021-02-06 04:42 - 000000000 ____D C:\Users\Pavel-BLACK PC
2021-02-06 04:15 - 2021-02-06 04:18 - 000002392 _____ C:\Users\Pavel-BLACK PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-06 04:15 - 2021-02-06 04:16 - 000000000 ____D C:\Users\Pavel-BLACK PC\AppData\Local\ConnectedDevicesPlatform
2021-02-06 04:15 - 2021-02-06 04:15 - 000000020 ___SH C:\Users\Pavel-BLACK PC\ntuser.ini
2021-02-06 04:15 - 2021-02-06 04:15 - 000000000 _SHDL C:\Users\Pavel-BLACK PC\Šablony
2021-02-06 04:15 - 2021-02-06 04:15 - 000000000 _SHDL C:\Users\Pavel-BLACK PC\Soubory cookie
2021-02-06 04:15 - 2021-02-06 04:15 - 000000000 _SHDL C:\Users\Pavel-BLACK PC\Poslední
2021-02-06 04:15 - 2021-02-06 04:15 - 000000000 _SHDL C:\Users\Pavel-BLACK PC\Okolní tiskárny
2021-02-06 04:15 - 2021-02-06 04:15 - 000000000 _SHDL C:\Users\Pavel-BLACK PC\Okolní síť
2021-02-06 04:15 - 2021-02-06 04:15 - 000000000 _SHDL C:\Users\Pavel-BLACK PC\Nabídka Start
2021-02-06 04:15 - 2021-02-06 04:15 - 000000000 _SHDL C:\Users\Pavel-BLACK PC\Dokumenty
2021-02-06 04:15 - 2021-02-06 04:15 - 000000000 _SHDL C:\Users\Pavel-BLACK PC\Documents\Obrázky
2021-02-06 04:15 - 2021-02-06 04:15 - 000000000 _SHDL C:\Users\Pavel-BLACK PC\Documents\Hudba
2021-02-06 04:15 - 2021-02-06 04:15 - 000000000 _SHDL C:\Users\Pavel-BLACK PC\Documents\Filmy
2021-02-06 04:15 - 2021-02-06 04:15 - 000000000 _SHDL C:\Users\Pavel-BLACK PC\Data aplikací
2021-02-06 04:15 - 2021-02-06 04:15 - 000000000 _SHDL C:\Users\Pavel-BLACK PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-02-06 04:15 - 2021-02-06 04:15 - 000000000 _SHDL C:\Users\Pavel-BLACK PC\AppData\Local\Data aplikací
2021-02-06 04:15 - 2021-02-06 04:15 - 000000000 ___RD C:\Users\Pavel-BLACK PC\3D Objects
2021-02-06 04:15 - 2021-02-06 04:15 - 000000000 ____D C:\Users\Pavel-BLACK PC\AppData\Roaming\Adobe
2021-02-06 04:15 - 2021-02-06 04:15 - 000000000 ____D C:\Users\Pavel-BLACK PC\AppData\Local\VirtualStore
2021-02-06 04:14 - 2021-02-06 04:14 - 000000000 ____D C:\Windows\CSC
2021-02-06 04:12 - 2021-02-06 04:12 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2021-02-06 04:12 - 2021-02-06 04:12 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2021-02-06 04:12 - 2021-02-06 04:12 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2021-02-06 04:12 - 2021-02-06 04:12 - 000000000 _SHDL C:\Users\Default\Šablony
2021-02-06 04:12 - 2021-02-06 04:12 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2021-02-06 04:12 - 2021-02-06 04:12 - 000000000 _SHDL C:\Users\Default\Poslední
2021-02-06 04:12 - 2021-02-06 04:12 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2021-02-06 04:12 - 2021-02-06 04:12 - 000000000 _SHDL C:\Users\Default\Okolní síť
2021-02-06 04:12 - 2021-02-06 04:12 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2021-02-06 04:12 - 2021-02-06 04:12 - 000000000 _SHDL C:\Users\Default\Dokumenty
2021-02-06 04:12 - 2021-02-06 04:12 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2021-02-06 04:12 - 2021-02-06 04:12 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2021-02-06 04:12 - 2021-02-06 04:12 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2021-02-06 04:12 - 2021-02-06 04:12 - 000000000 _SHDL C:\Users\Default\Data aplikací
2021-02-06 04:12 - 2021-02-06 04:12 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-02-06 04:12 - 2021-02-06 04:12 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2021-02-06 04:12 - 2021-02-06 04:12 - 000000000 _SHDL C:\Users\Default User\Šablony
2021-02-06 04:12 - 2021-02-06 04:12 - 000000000 _SHDL C:\Users\Default User\Soubory cookie
2021-02-06 04:12 - 2021-02-06 04:12 - 000000000 _SHDL C:\Users\Default User\Poslední
2021-02-06 04:12 - 2021-02-06 04:12 - 000000000 _SHDL C:\Users\Default User\Okolní tiskárny
2021-02-06 04:12 - 2021-02-06 04:12 - 000000000 _SHDL C:\Users\Default User\Okolní síť
2021-02-06 04:12 - 2021-02-06 04:12 - 000000000 _SHDL C:\Users\Default User\Nabídka Start
2021-02-06 04:12 - 2021-02-06 04:12 - 000000000 _SHDL C:\Users\Default User\Dokumenty
2021-02-06 04:12 - 2021-02-06 04:12 - 000000000 _SHDL C:\Users\Default User\Documents\Obrázky
2021-02-06 04:12 - 2021-02-06 04:12 - 000000000 _SHDL C:\Users\Default User\Documents\Hudba
2021-02-06 04:12 - 2021-02-06 04:12 - 000000000 _SHDL C:\Users\Default User\Documents\Filmy
2021-02-06 04:12 - 2021-02-06 04:12 - 000000000 _SHDL C:\Users\Default User\Data aplikací
2021-02-06 04:12 - 2021-02-06 04:12 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-02-06 04:12 - 2021-02-06 04:12 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2021-02-06 04:12 - 2021-02-06 04:12 - 000000000 _SHDL C:\ProgramData\Šablony
2021-02-06 04:12 - 2021-02-06 04:12 - 000000000 _SHDL C:\ProgramData\Plocha
2021-02-06 04:12 - 2021-02-06 04:12 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2021-02-06 04:12 - 2021-02-06 04:12 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2021-02-06 04:12 - 2021-02-06 04:12 - 000000000 _SHDL C:\ProgramData\Dokumenty
2021-02-06 04:12 - 2021-02-06 04:12 - 000000000 _SHDL C:\ProgramData\Data aplikací
2021-02-06 04:12 - 2021-02-06 04:12 - 000000000 _SHDL C:\Documents and Settings
2021-02-06 04:10 - 2021-02-06 04:10 - 000002858 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3026336146-1677301123-4024542510-500
2021-02-06 04:10 - 2021-02-06 04:10 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2021-02-06 04:09 - 2021-02-06 06:36 - 000008192 ___SH C:\DumpStack.log.tmp
2021-02-06 04:09 - 2021-02-06 04:11 - 000000000 ____D C:\Windows\Panther

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-06 08:17 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2021-02-06 07:50 - 2020-11-19 00:55 - 001605410 _____ C:\Windows\system32\PerfStringBackup.INI
2021-02-06 07:50 - 2019-12-07 15:43 - 000682184 _____ C:\Windows\system32\perfh005.dat
2021-02-06 07:50 - 2019-12-07 15:43 - 000137000 _____ C:\Windows\system32\perfc005.dat
2021-02-06 07:48 - 2020-11-19 00:50 - 000000000 ____D C:\ProgramData\Packages
2021-02-06 07:48 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-06 07:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2021-02-06 07:47 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-06 06:36 - 2020-11-19 00:46 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-02-06 06:36 - 2020-11-18 23:46 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-02-06 05:19 - 2019-12-07 10:03 - 000262144 _____ C:\Windows\system32\config\BBI
2021-02-06 04:41 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-02-06 04:21 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate
2021-02-06 04:15 - 2020-11-19 00:50 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-02-06 04:14 - 2019-12-07 15:45 - 000000000 ____D C:\Windows\system32\FxsTmp
2021-02-06 04:12 - 2020-11-19 00:48 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-06 04:12 - 2020-11-19 00:48 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-02-06 04:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2021-02-06 04:12 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows NT
2021-02-06 04:10 - 2020-11-19 00:48 - 000003510 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-06 04:10 - 2020-11-19 00:48 - 000003286 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-06 04:10 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\PrintDialog
2021-02-06 04:10 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-02-06 04:09 - 2020-11-18 23:46 - 000258096 _____ C:\Windows\system32\FNTCACHE.DAT
2021-02-06 04:09 - 2019-12-07 10:14 - 000028672 _____ C:\Windows\system32\config\BCD-Template

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================