Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-03-2021
Ran by Koltmen (administrator) on LAPTOP-IOPB4Q9E (LENOVO 80WK) (22-03-2021 19:13:55)
Running from C:\Users\Koltmen\Desktop
Loaded Profiles: Koltmen
Platform: Windows 10 Home Version 2004 19041.867 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Online Connect -> Intel Corporation) C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe
(Intel(R) Online Connect Access -> Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe
(Intel(R) Online Connect Access -> Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe
(LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterUpdateAgent.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391088 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [NerveCenterTray] => C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterTray.exe [245088 2017-04-28] (LENOVO -> Lenovo(beijing) Limited)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1903224 2017-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [LenovoUtility] => C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [911272 2017-07-27] (LENOVO -> Lenovo(beijing) Limited)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [277664 2020-03-18] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [829632 2016-06-24] (Dolby Laboratories, Inc. -> )
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-128453223-1902492851-2738235570-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4293120 2017-06-09] (Disc Soft Ltd) [File not signed]
HKU\S-1-5-21-128453223-1902492851-2738235570-1001\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe [19405824 2017-04-14] () [File not signed]
HKU\S-1-5-21-128453223-1902492851-2738235570-1001\...\Run: [BloodyToneMaker] => C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe [8555008 2017-10-16] () [File not signed]
HKU\S-1-5-21-128453223-1902492851-2738235570-1001\...\Run: [Koltmen] => explorer.exe hxxp://dinoraptzor.org <==== ATTENTION
HKU\S-1-5-21-128453223-1902492851-2738235570-1001\...\Policies\Explorer: [] 
HKU\S-1-5-21-128453223-1902492851-2738235570-1001\...\MountPoints2: {12905d53-6217-11e7-83df-0028f8690842} - "G:\AutoRun.exe" 
HKU\S-1-5-21-128453223-1902492851-2738235570-1001\...\MountPoints2: {897fc491-0190-11eb-8437-0028f8690842} - "H:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-128453223-1902492851-2738235570-1001\...\MountPoints2: {c607fb7c-6cab-11e7-83e0-0028f8690842} - "G:\setup.exe" 
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [116224 2017-06-15] (pdfforge GmbH) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.90\Installer\chrmstp.exe [2021-03-18] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0405440A-A6DA-4250-98DF-45FDAC8C383E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\60f0dc31-b9e1-46ab-8d18-fb2dcb6df942 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84920 2021-02-23] (Lenovo -> Lenovo Group Ltd.)
Task: {083F4A58-9EFD-4B0D-92F1-FE3750E71202} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-09] (Google Inc -> Google Inc.)
Task: {12932C7D-6B5C-495B-8E12-615E661DA379} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1395FE75-1FBF-44AF-BB03-BDB262E73A9A} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [143888 2021-03-02] (Lenovo -> Lenovo Group Ltd.)
Task: {20F9FB43-D689-419E-B61E-8A2FAB607138} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\ScheduleEventAction.exe [15768 2020-12-28] (Lenovo -> Lenovo Group Ltd.)
Task: {2C9CE8F7-1C47-41FC-9AAE-A29904D41A7A} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [732280 2017-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {301291CF-183F-4FA2-B363-3029EEB90F0F} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
Task: {3D7EB9E9-E33E-41AE-80BE-DA56B5CAE45A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-06-21] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {49FDA6B5-9321-440D-894F-7FE43C05C42C} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7 => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-10-15] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {4DA8F4A3-007B-4D9C-B816-E43778E34135} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [649336 2017-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {507F55AC-E475-4E86-A83B-3C0C340BBF5E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\8cb30162-31dc-4b5a-bd55-b3204307018d => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84920 2021-02-23] (Lenovo -> Lenovo Group Ltd.)
Task: {57373005-70C5-46E7-ABC4-C81AC0B96E44} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [543536 2016-10-14] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {5FC34A08-3F08-4F8E-A47B-D324F1E8072F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
Task: {6D4E384A-F0C8-4D5B-8F62-1A457AA927AE} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7-Logon => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-10-15] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {771F84FE-DFA1-4305-8A31-C9E3AB28B4FA} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [732280 2017-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {81E651B7-13F4-4867-8150-A09BC870A1C9} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {842E60DC-42B5-40EB-A1F8-54D1AE809084} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {86E9152D-13CB-4B10-B18D-4BAEDF3E196E} - System32\Tasks\Microsoft Windows Mail => C:\Users\Koltmen\AppData\Roaming\NVIDIA\Windows Mail\wabmig.exe
Task: {8ED36A54-6849-413C-9C14-69351B679B25} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {9855E922-BD89-49E2-941F-2017DC459BDA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A31A38C8-3663-4E6C-8724-33DC3DC0AA6D} - System32\Tasks\NerveCenterUpdate => C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterUpdateAgent.exe [744800 2017-04-28] (LENOVO -> Lenovo(beijing) Limited)
Task: {A7F04BA3-58E8-41C0-B5D0-D9BB69C8981E} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {B23BD0CE-E571-4363-BD17-6097C610BFD2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B3A8AC6F-78C0-4E1E-B3BB-62CF98173264} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436856 2017-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C3EC21D6-7E70-459D-A68F-B94B78A6A644} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3894664 2020-03-04] (Avast Software s.r.o. -> AVAST Software)
Task: {C54FC365-84C8-4BD3-9A9D-7BB04AC909C4} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {D52316BD-CD8A-4712-85CF-35D12172C05E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-09] (Google Inc -> Google Inc.)
Task: {D70836F7-0DE9-4B98-AAB0-6BDEFDE306B6} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\c293f687-8f0a-4cc8-8738-76bf3dd9eba7 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84920 2021-02-23] (Lenovo -> Lenovo Group Ltd.)
Task: {D9CE9103-692F-4A08-A921-C25938BA8709} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [62368 2021-02-23] (Lenovo -> Lenovo Group Ltd.)
Task: {D9E539F5-4E7E-49DC-9E7C-8DCC611AEFF5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DE90E0BE-9E87-4128-B13B-32EE203D3135} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [946296 2017-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E694F061-F1A2-4C45-AB86-B3491BE338AD} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [649336 2017-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E87B2B06-8BBD-4398-97C7-FC60DC653109} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\39269b97-3d1d-450f-ba94-5abfd4f99984 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84920 2021-02-23] (Lenovo -> Lenovo Group Ltd.)
Task: {F7870503-D1DF-4A78-AAD6-63D16C3B077D} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1704568 2017-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FE09CF0B-8401-416B-9CF0-535C8F791979} - System32\Tasks\Koltmen => cmd.exe /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Koltmen /t REG_SZ /d "explorer.exe http://dinoraptzor.org" <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{40b110d3-32d4-444e-9d9f-59bc2fccb845}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{a3364c84-2acf-4cb8-a463-901140117078}: [DhcpNameServer] 192.168.178.1

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Koltmen\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-21]
Edge HomePage: Default -> hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP

FireFox:
========
FF Plugin-x32: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-10-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files (x86)\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-10-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-16] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-16] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-03-06] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\Koltmen\AppData\Local\Google\Chrome\User Data\Default [2021-03-22]
CHR Notifications: Default -> hxxps://www.lgshop.cz
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\Koltmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-09-07]
CHR Extension: (Dokumenty) - C:\Users\Koltmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-09-07]
CHR Extension: (Disk Google) - C:\Users\Koltmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-29]
CHR Extension: (YouTube) - C:\Users\Koltmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-09-07]
CHR Extension: (Adobe Acrobat) - C:\Users\Koltmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-03-09]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Koltmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-11-14]
CHR Extension: (Tabulky) - C:\Users\Koltmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-09-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\Koltmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-12]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Koltmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-03-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Koltmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-07]
CHR Extension: (Gmail) - C:\Users\Koltmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-29]
CHR Extension: (Chrome Media Router) - C:\Users\Koltmen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-13]
CHR HKU\S-1-5-21-128453223-1902492851-2738235570-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6046624 2020-03-18] (Avast Software s.r.o. -> AVAST Software)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [413472 2020-03-18] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57536 2020-03-18] (Avast Software s.r.o. -> AVAST Software)
S2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [680288 2016-12-07] (LENOVO -> Lenovo)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-05-30] (Disc Soft Ltd -> Disc Soft Ltd)
S2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2018-09-25] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
S2 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [123392 2017-10-06] (Dassault Systèmes) [File not signed]
S2 GameRecorderSVC; C:\Program Files\Lenovo\Nerve Center\bin\x86\GameRecorderSVC.exe [392032 2017-04-28] (LENOVO -> Lenovo(beijing) Limited)
S3 iaStorAfsService; C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe [2413024 2018-04-05] (Intel Corporation -> Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84920 2021-02-23] (Lenovo -> Lenovo Group Ltd.)
U3 Intel(R) Online Connect; C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe [25312 2016-11-02] (Intel(R) Online Connect -> Intel Corporation)
S2 Intel(R) Online Connect Helper; C:\Program Files\Intel\Intel(R) Online Connect\iocHelperService.exe [34528 2016-11-02] (Intel(R) Online Connect -> Intel Corporation)
S3 Intel(R) Online Connect Software Asset Manager; C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-10-15] (Intel(R) Software Asset Manager -> Intel Corporation)
R2 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe [173288 2016-10-18] (Intel(R) Online Connect Access -> Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe [496872 2016-10-18] (Intel(R) Online Connect Access -> Intel(R) Corporation)
S2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\LenovoVantageService.exe [20880 2020-12-28] (Lenovo -> Lenovo Group Ltd.)
S2 PDF Architect 5 Manager; C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [985848 2017-05-16] (pdfforge GmbH -> © pdfforge GmbH.)
S2 PluginLoaderSvc; C:\Program Files\Lenovo\Nerve Center\bin\x64\PluginLoaderSvc.exe [966496 2017-04-28] (LENOVO -> Lenovo(beijing) Limited)
S2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2013-09-13] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe [2483616 2021-03-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe [128376 2021-03-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37864 2020-03-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205576 2020-03-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [271120 2020-03-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [206608 2020-03-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [64272 2020-03-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2020-03-04] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [279360 2020-03-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42976 2020-03-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110560 2020-03-04] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84056 2020-03-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848672 2020-03-04] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [458584 2020-03-15] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316256 2020-03-04] (Avast Software s.r.o. -> AVAST Software)
R3 BHTPCRDR; C:\WINDOWS\System32\drivers\bhtpcrdr.sys [173432 2016-08-11] (BayHub Technology Inc. -> BayHubTech/O2Micro)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 CMUAC; C:\WINDOWS\system32\DRIVERS\Headset6400x1.SYS [387072 2013-10-03] (C-MEDIA ELECTRONICS INC. -> A4Tech Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-06-09] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-06-09] (Disc Soft Ltd -> Disc Soft Ltd)
R3 FBNetFilter; C:\Windows\system32\Drivers\FBNetFlt.sys [46576 2017-04-28] (Lenovo (Beijing) Co., Ltd. -> Lenovo(beijing) Limited)
R3 MpKsl983512f2; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A226D329-F16C-4833-A982-3A8085C696BB}\MpKslDrv.sys [90360 2021-03-22] (Microsoft Windows -> Microsoft Corporation)
R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrfl.sys [59792 2016-09-14] (Intel(R) Technology Access -> Intel Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-03-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420072 2021-03-17] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-17] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-22 19:10 - 2021-03-22 19:12 - 000048649 _____ C:\Users\Koltmen\Desktop\Addition.txt
2021-03-22 19:09 - 2021-03-22 19:14 - 000027503 _____ C:\Users\Koltmen\Desktop\FRST.txt
2021-03-22 19:09 - 2021-03-22 19:09 - 000000000 ____D C:\Users\Koltmen\Desktop\FRST-OlderVersion
2021-03-22 19:03 - 2021-03-22 19:03 - 000042486 _____ C:\Users\Koltmen\Downloads\Einreiseanmeldung (17).pdf
2021-03-22 19:00 - 2021-03-22 19:00 - 000059008 _____ C:\Users\Koltmen\Downloads\Cadova_Vera_1616436033.pdf
2021-03-21 19:30 - 2021-03-21 19:30 - 000059009 _____ C:\Users\Koltmen\Downloads\Cadova_Vera_1616351424.pdf
2021-03-21 19:30 - 2021-03-21 19:30 - 000042450 _____ C:\Users\Koltmen\Downloads\Einreiseanmeldung (16).pdf
2021-03-21 19:29 - 2021-03-21 19:29 - 000059009 _____ C:\Users\Koltmen\Downloads\Cadova_Vera_1616351379.pdf
2021-03-21 09:31 - 2021-03-21 09:31 - 001440460 _____ C:\Users\Koltmen\Downloads\3.pdf
2021-03-21 06:38 - 2021-03-21 06:38 - 008463216 _____ (Malwarebytes) C:\Users\Koltmen\Downloads\AdwCleaner.exe
2021-03-21 06:37 - 2021-03-21 06:37 - 008463216 _____ (Malwarebytes) C:\Users\Koltmen\Downloads\adwcleaner_8.1 (2).exe
2021-03-17 17:03 - 2021-03-17 17:03 - 000042770 _____ C:\Users\Koltmen\Downloads\Einreiseanmeldung (15).pdf
2021-03-17 17:00 - 2021-03-17 17:00 - 000059012 _____ C:\Users\Koltmen\Downloads\Cadova_Vera_1615996825.pdf
2021-03-15 18:26 - 2021-03-15 18:26 - 000042756 _____ C:\Users\Koltmen\Downloads\Einreiseanmeldung (14).pdf
2021-03-15 18:23 - 2021-03-15 18:23 - 000059011 _____ C:\Users\Koltmen\Downloads\Cadova_Vera_1615829038.pdf
2021-03-14 19:39 - 2021-03-14 19:39 - 002346549 _____ C:\Users\Koltmen\Downloads\F57DFDC7-2241-4DD2-89A2-6B56E1E53BF0.jpeg
2021-03-14 19:39 - 2021-03-14 19:39 - 001639669 _____ C:\Users\Koltmen\Downloads\CAC92101-C6E1-475E-95AA-70997988CE2C.jpeg
2021-03-14 18:12 - 2021-03-14 18:12 - 000042606 _____ C:\Users\Koltmen\Downloads\Einreiseanmeldung (13).pdf
2021-03-14 18:08 - 2021-03-14 18:08 - 000059009 _____ C:\Users\Koltmen\Downloads\Cadova_Vera_1615741719.pdf
2021-03-14 04:15 - 2021-03-14 04:15 - 008463216 _____ (Malwarebytes) C:\Users\Koltmen\Downloads\adwcleaner_8.1 (1).exe
2021-03-12 20:42 - 2021-03-12 20:42 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-12 20:41 - 2021-03-12 20:41 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-12 20:41 - 2021-03-12 20:41 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-12 20:41 - 2021-03-12 20:41 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-12 20:41 - 2021-03-12 20:41 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-12 20:41 - 2021-03-12 20:41 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-12 20:41 - 2021-03-12 20:41 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-12 20:41 - 2021-03-12 20:41 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-03-12 20:41 - 2021-03-12 20:41 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-03-12 19:41 - 2021-03-12 19:41 - 000001269 _____ C:\Users\Koltmen\Downloads\hranol.wrl
2021-03-12 19:41 - 2021-03-12 19:41 - 000001269 _____ C:\Users\Koltmen\Downloads\hranol (1).wrl
2021-03-12 06:01 - 2021-03-12 06:01 - 001810588 _____ C:\WINDOWS\Minidump\031221-15140-01.dmp
2021-03-11 18:36 - 2021-03-11 18:36 - 000042630 _____ C:\Users\Koltmen\Downloads\Einreiseanmeldung (12).pdf
2021-03-10 20:28 - 2021-03-10 20:28 - 000042690 _____ C:\Users\Koltmen\Downloads\Einreiseanmeldung (11).pdf
2021-03-10 20:27 - 2021-03-10 20:27 - 000059010 _____ C:\Users\Koltmen\Downloads\Cadova_Vera_1615404459.pdf
2021-03-08 18:38 - 2021-03-08 18:38 - 000042674 _____ C:\Users\Koltmen\Downloads\Einreiseanmeldung (10).pdf
2021-03-08 18:32 - 2021-03-08 18:32 - 000058484 _____ C:\Users\Koltmen\Downloads\Cadova_Vera_1615224758.pdf
2021-03-07 18:02 - 2021-03-07 18:02 - 000042604 _____ C:\Users\Koltmen\Downloads\Einreiseanmeldung (9).pdf
2021-03-07 17:57 - 2021-03-07 17:57 - 000058726 _____ C:\Users\Koltmen\Downloads\Cadova_Vera_1615136235.pdf
2021-03-07 11:24 - 2021-03-07 11:24 - 000001093 _____ C:\Users\Public\Desktop\Heroes of Might and Magic V - Tribes of the East.lnk
2021-03-07 11:20 - 2021-03-07 11:20 - 000000748 _____ C:\Users\Public\Desktop\Heroes of Might & Magic V - Hammers of Fate.lnk
2021-03-07 11:18 - 2021-03-07 11:18 - 000000736 _____ C:\Users\Public\Desktop\Heroes of Might and Magic V.lnk
2021-03-07 11:16 - 2021-03-07 11:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2021-03-07 11:16 - 2021-03-07 11:16 - 000000001 _____ C:\WINDOWS\SysWOW64\SI.bin
2021-03-07 06:36 - 2021-03-07 06:36 - 000035342 _____ C:\Users\Koltmen\Downloads\[SkT]Heroes_of_Might_and_Magic_V_ _Hammers_of_fate__ _Tribes_of_the_east_vse_v_cz_dabingu.torrent
2021-03-04 19:05 - 2021-03-04 19:05 - 000042504 _____ C:\Users\Koltmen\Downloads\Einreiseanmeldung (8).pdf
2021-03-03 18:48 - 2021-03-03 18:48 - 000042550 _____ C:\Users\Koltmen\Downloads\Einreiseanmeldung (7).pdf
2021-03-03 18:41 - 2021-03-03 18:41 - 000058721 _____ C:\Users\Koltmen\Downloads\Cadova_Vera_1614793314.pdf
2021-03-01 18:17 - 2021-03-01 18:17 - 000058720 _____ C:\Users\Koltmen\Downloads\Cadova_Vera_1614619027.pdf
2021-02-28 10:32 - 2021-02-28 10:32 - 000042456 _____ C:\Users\Koltmen\Downloads\Einreiseanmeldung (6).pdf
2021-02-28 10:23 - 2021-02-28 10:24 - 000172718 _____ C:\Users\Koltmen\Downloads\Analyseergebnis.pdf
2021-02-28 10:21 - 2021-02-28 10:21 - 000033288 _____ C:\Users\Koltmen\Downloads\Person-ID.pdf
2021-02-28 07:11 - 2021-03-22 19:10 - 000000000 ____D C:\Users\Koltmen\AppData\Local\WhatsApp
2021-02-28 07:11 - 2021-02-28 07:11 - 000002214 _____ C:\Users\Koltmen\Desktop\WhatsApp.lnk
2021-02-26 19:02 - 2021-02-26 19:02 - 000042430 _____ C:\Users\Koltmen\Downloads\Einreiseanmeldung (5).pdf
2021-02-26 05:03 - 2021-02-26 05:03 - 008463216 _____ (Malwarebytes) C:\Users\Koltmen\Downloads\adwcleaner_8.1.exe
2021-02-25 18:21 - 2021-02-25 18:21 - 000042670 _____ C:\Users\Koltmen\Downloads\Einreiseanmeldung (4).pdf
2021-02-25 18:19 - 2021-02-25 18:19 - 000058723 _____ C:\Users\Koltmen\Downloads\Cadova_Vera_1614273567.pdf
2021-02-24 16:54 - 2021-02-24 16:54 - 000042630 _____ C:\Users\Koltmen\Downloads\Einreiseanmeldung (3).pdf
2021-02-24 16:53 - 2021-02-24 16:53 - 000058720 _____ C:\Users\Koltmen\Downloads\Cadova_Vera_1614182013.pdf
2021-02-23 18:12 - 2021-02-23 18:12 - 000042484 _____ C:\Users\Koltmen\Downloads\Einreiseanmeldung (2).pdf
2021-02-23 18:06 - 2021-02-23 18:06 - 000058720 _____ C:\Users\Koltmen\Downloads\Cadova_Vera_1614100014.pdf
2021-02-22 17:12 - 2021-02-22 17:12 - 000042422 _____ C:\Users\Koltmen\Downloads\Einreiseanmeldung (1).pdf
2021-02-22 17:11 - 2021-02-22 17:11 - 000058698 _____ C:\Users\Koltmen\Downloads\Cadova_Vera_1614010271.pdf
2021-02-21 19:46 - 2021-02-21 19:46 - 000042512 _____ C:\Users\Koltmen\Downloads\Einreiseanmeldung.pdf
2021-02-21 19:37 - 2021-02-21 19:37 - 000058698 _____ C:\Users\Koltmen\Downloads\Cadova_Vera_1613932656.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-22 19:14 - 2017-09-15 20:14 - 000000000 ____D C:\FRST
2021-03-22 19:13 - 2020-09-26 17:23 - 000000000 ____D C:\Users\Koltmen\AppData\Roaming\WhatsApp
2021-03-22 19:09 - 2017-09-15 20:11 - 002300928 _____ (Farbar) C:\Users\Koltmen\Desktop\FRST64.exe
2021-03-22 18:58 - 2020-11-28 01:04 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-22 18:58 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-22 16:57 - 2017-09-29 05:15 - 000000000 ____D C:\ProgramData\NVIDIA
2021-03-22 16:55 - 2021-01-03 09:01 - 000000000 ____D C:\Users\Koltmen\AppData\Roaming\.tlauncher
2021-03-22 16:55 - 2019-04-19 18:40 - 000000000 ____D C:\Users\Koltmen\AppData\Roaming\.minecraft
2021-03-21 06:38 - 2017-09-16 05:10 - 000000000 ____D C:\AdwCleaner
2021-03-19 16:55 - 2020-08-22 04:30 - 000002426 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-19 16:55 - 2020-08-22 04:30 - 000002264 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-03-19 16:55 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-19 16:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-18 11:31 - 2017-06-09 18:54 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-03-18 11:31 - 2017-06-09 18:54 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-03-17 16:18 - 2018-06-29 18:49 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-14 04:13 - 2017-06-09 17:15 - 000000000 __SHD C:\Users\Koltmen\IntelGraphicsProfiles
2021-03-13 05:52 - 2020-11-28 01:15 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-13 05:52 - 2019-12-07 15:41 - 000718024 _____ C:\WINDOWS\system32\perfh005.dat
2021-03-13 05:52 - 2019-12-07 15:41 - 000145166 _____ C:\WINDOWS\system32\perfc005.dat
2021-03-13 05:52 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-13 05:50 - 2020-11-28 01:12 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-128453223-1902492851-2738235570-1001
2021-03-13 05:50 - 2020-11-28 01:06 - 000002374 _____ C:\Users\Koltmen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-13 05:50 - 2017-06-09 17:16 - 000000000 ___RD C:\Users\Koltmen\OneDrive
2021-03-13 05:45 - 2020-11-28 01:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-13 05:45 - 2020-11-28 01:04 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-13 05:45 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-03-12 21:06 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-03-12 21:05 - 2020-11-28 01:04 - 000548880 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-12 21:05 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-12 21:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-12 21:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-12 21:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-12 21:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-12 21:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-12 21:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-12 21:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-12 21:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-12 21:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-12 21:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-12 21:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-12 21:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-12 20:44 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-12 20:35 - 2017-06-09 19:04 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-12 20:32 - 2017-06-09 19:04 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-12 19:41 - 2018-02-20 19:17 - 000000000 ___RD C:\Users\Koltmen\3D Objects
2021-03-12 19:25 - 2017-07-20 05:57 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-03-12 19:16 - 2017-06-21 15:19 - 000119168 _____ C:\Users\Koltmen\AppData\Local\GDIPFONTCACHEV1.DAT
2021-03-12 17:48 - 2020-11-28 01:06 - 000000000 ____D C:\Users\Koltmen
2021-03-12 06:01 - 2021-01-11 10:30 - 000000000 ____D C:\WINDOWS\Minidump
2021-03-11 18:33 - 2020-10-31 19:48 - 000000000 ___HD C:\$WinREAgent
2021-03-07 18:04 - 2019-11-10 08:41 - 000000000 ____D C:\Users\Koltmen\AppData\Roaming\qBittorrent
2021-03-07 11:26 - 2017-07-08 05:56 - 000000000 ____D C:\Users\Koltmen\Documents\My Games
2021-03-07 11:23 - 2017-02-17 05:02 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-03-07 07:26 - 2017-06-22 15:43 - 000000000 ____D C:\Users\Koltmen\AppData\Roaming\vlc
2021-03-07 07:23 - 2019-08-07 08:50 - 000000000 ____D C:\Users\Koltmen\Desktop\Nová složka
2021-03-04 11:12 - 2020-11-28 06:05 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6c51ad35f69aa
2021-03-04 11:12 - 2020-11-28 01:12 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-28 07:11 - 2020-09-26 17:23 - 000000000 ____D C:\Users\Koltmen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2021-02-28 07:11 - 2020-09-26 17:23 - 000000000 ____D C:\Users\Koltmen\AppData\Local\SquirrelTemp
2021-02-27 10:56 - 2020-11-28 01:12 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-02-23 18:24 - 2020-10-25 03:47 - 000107936 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\WudfUpdate_02000.dll
2021-02-23 18:24 - 2020-10-25 03:47 - 000062368 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.InfInstaller.exe
2021-02-23 18:24 - 2017-12-16 06:55 - 000107936 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.CoInstaller.dll
2021-02-23 18:23 - 2020-10-25 03:47 - 000429936 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2021-02-21 08:44 - 2020-10-25 17:32 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools

==================== Files in the root of some directories ========

2017-09-15 19:15 - 2017-09-15 19:19 - 000000600 _____ () C:\Users\Koltmen\AppData\Local\PUTTY.RND
2019-08-21 05:20 - 2019-08-21 05:20 - 000000017 _____ () C:\Users\Koltmen\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================