Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-07-2021
Ran by jarek111 (administrator) on JAREK (Gigabyte Technology Co., Ltd. H81M-S2V) (03-08-2021 10:13:14)
Running from C:\Users\jarek111\Downloads
Loaded Profiles: jarek111
Platform: Windows 10 Home Version 21H1 19043.1110 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <8>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.92\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.92\GoogleCrashHandler64.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <9>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671792 2014-03-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [123672 2021-06-23] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] (Seznam.cz, a.s. -> )
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-2665051500-3522279824-1738750142-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\jarek111\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-2665051500-3522279824-1738750142-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\jarek111\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-2665051500-3522279824-1738750142-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [729704 2018-06-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-2665051500-3522279824-1738750142-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35062912 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2665051500-3522279824-1738750142-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [9198000 2019-12-23] (Support.com Inc -> SUPERAntiSpyware)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.131\Installer\chrmstp.exe [2021-08-03] (Google LLC -> Google LLC)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat [2018-04-12] () [File not signed] <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {098377E8-E5DA-4A77-8C50-6E00F75BA2EC} - System32\Tasks\Open URL by RoboForm => C:\WINDOWS\system32\rundll32.exe url.dll,FileProtocolHandler "https://www.roboform.com/uninstall.html?aaa=KICMIMNJGMMMMMMMJJMMCNLJPMLMLJCNLMKMJMJMCNGMKMPMNJCNNMOJGMHMMJOJLJLMMMOMMJJJJNJICMHMCNJMCNPMFMOMOMCNHMHMKMCNOMIMOMMMLMFMPMCNPMCNOMIMOMMMLMCNNMJNPICMPMFMFMJMLMJMJNHICMEKMICNJJCKJNBJCMFJOJNIKJEJOMOMOMJNKJCMJNNICMJNDJCMMJFIJNMJCMPMFMPMFMPMJNFICMNIJJIIGJPIKJAJKILIBNKJHIKJ"
Task: {09AE4F45-8456-4E26-8D3B-EFD2D1B91960} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {27051F4C-D7C8-4439-9A0A-6ADD889432D5} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
Task: {2A523C56-608F-41AC-AD8D-1E7112D86999} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {31094CC1-8902-4EDA-9D81-1BEA55987CDA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {32BD99B2-E74B-4380-B5D9-17BA1EA2408F} - System32\Tasks\G2MUploadTask-S-1-5-21-2665051500-3522279824-1738750142-1001 => C:\Users\jarek111\AppData\Local\GoToMeeting\19796\g2mupload.exe [31176 2021-07-07] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {345000A1-4576-4F04-BF7F-CA9609820591} - System32\Tasks\{1840354C-AB7A-4E56-A975-212A1C15EA64} => C:\Windows\system32\pcalua.exe -a D:\AUTORUN.EXE -d D:\
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {36525031-9543-4C87-B524-A3D4DD36B911} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
Task: {403B3669-2B0B-49D7-A16A-ED0AE1986DDD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4FE61C4F-DB69-474E-8F43-DCE7830F0D72} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {5827BBEF-DC31-46E9-8743-21ED7A60F382} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [681400 2021-07-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {588056B5-A933-4933-987C-E758BA54432B} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4903192 2021-06-23] (Avast Software s.r.o. -> AVAST Software)
Task: {67FECC6C-749A-4353-BB9E-03A78C928E55} - System32\Tasks\update-S-1-5-21-2665051500-3522279824-1738750142-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {6B5B2658-CE32-4128-B128-009BB93DAE2A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {6CCA58FE-7654-4BBB-86B5-0A88F65155B3} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-05-05] (Avast Software s.r.o. -> Avast Software)
Task: {6D19FA7E-6C94-44EF-B858-768A3FE1C57E} - System32\Tasks\ExchangeMonitorStartup-JAREK-jarek111 => C:\Users\jarek111\AppData\Local\Temp\Rar$EXa8248.13626\exchangemonitor.exe <==== ATTENTION
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {75960A05-361B-48D4-8A4C-039DF7A6B2AB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {7F3B6329-5A59-419B-886A-C6783EA810E1} - System32\Tasks\Pointstone\System Cleaner\Log On Notice => C:\Program Files (x86)\Pointstone\System Cleaner 7\Helper.exe
Task: {80475760-20F8-41F2-B322-D1F0E4306249} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8A6C9EC5-E9FF-49A9-9264-409E6342179E} - System32\Tasks\{FF2E50CD-8DA0-4153-B4D2-0ACD67C775B7} => C:\Windows\system32\pcalua.exe -a C:\Diablo\diablo.exe -d C:\Diablo
Task: {8D74D339-8B60-4DB6-97CA-0084A4F26F1D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {8F4E8144-EC10-408E-ACEC-FFB5FB461FC3} - System32\Tasks\DriverDoc automatic scan and new device notifications => C:\Program Files (x86)\DriverDoc\DOCTray.exe
Task: {9E75DAC4-5643-40B3-AA5D-141E8B21EA77} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {A147B71D-2D05-4EAC-A714-F85A6A110147} - System32\Tasks\G2MUpdateTask-S-1-5-21-2665051500-3522279824-1738750142-1001 => C:\Users\jarek111\AppData\Local\GoToMeeting\19796\g2mupdate.exe [31176 2021-07-07] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {A508EAEB-893B-49C5-9059-27B975AEC0C8} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {A6ED65D0-14E3-4DCA-A71D-AE8A7D311767} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-07-16] (Piriform Software Ltd -> Piriform)
Task: {A9EF2022-874A-4C31-A0CD-843C822B307F} - System32\Tasks\Pointstone\System Cleaner\Daily Notice => C:\Program Files (x86)\Pointstone\System Cleaner 7\Helper.exe
Task: {AA652C06-10FB-4F13-BEBA-E725A130F3D6} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098912 2020-11-05] (Intel(R) System Usage Report -> Intel Corporation)
Task: {ADB92759-8DE4-4895-8FB4-31D1E74938A0} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098912 2020-11-05] (Intel(R) System Usage Report -> Intel Corporation)
Task: {AF159E49-2F60-473C-AC60-2DE018CA7C98} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {B09D94C6-7D93-417A-A149-91809A288648} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {B16FC5B8-402E-43A3-BD2D-04EAAF181629} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {BF47C412-B498-42C5-8151-01161F20B9DE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-02] (Google Inc -> Google Inc.)
Task: {C5674BBD-EEBD-4181-B584-5194B6ADF685} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C660F213-4092-4D1B-A404-15CEBA8CD562} - System32\Tasks\NCH Software\VideoPadCacheDeleteAll => C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe [7415352 2020-05-26] (NCH Software, Inc. -> NCH Software)
Task: {C8A1B3BD-D6BA-4810-87CC-C2A8BADD4ED1} - System32\Tasks\{0E213ACA-1448-44C3-9BAF-7BF925674B2E} => C:\Windows\system32\pcalua.exe -a D:\setup.EXE -d D:\ -c /autorun
Task: {CC7FC21C-1387-43B4-9B8B-D4DDBB2E126A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29136000 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D65C8C8A-A4F4-467E-AB80-36C424E00FF4} - System32\Tasks\Opera scheduled Autoupdate 1424516048 => C:\Program Files (x86)\Opera\launcher.exe [908408 2015-07-14] (Opera Software ASA -> Opera Software)
Task: {E37705A6-57CE-4A0B-961F-85540BD432F0} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {E86165B3-7C38-4328-80BF-E593F90F68CE} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {ECD33A68-99BC-49BC-925F-201855471325} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-02] (Google Inc -> Google Inc.)
Task: {EF3EC917-B133-4B1E-8E2D-91152604DEDA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {F166C8BC-9089-4F16-95BE-8B86259C79F2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {F4B2AFB0-A211-4A13-99A8-E05C59E0EA4F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {F5DEC78E-27CA-4CC4-A79C-D1403770F69E} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82}.job => C:\ProgramData\cisB400.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2665051500-3522279824-1738750142-1001.job => C:\Users\jarek111\AppData\Local\GoToMeeting\19796\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2665051500-3522279824-1738750142-1001.job => C:\Users\jarek111\AppData\Local\GoToMeeting\19796\g2mupload.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-2665051500-3522279824-1738750142-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.88.1
Tcpip\..\Interfaces\{4fbd9f7e-fe4c-426f-a44e-7c13ce5548e7}: [DhcpNameServer] 192.168.88.1

Edge: 
=======
Edge Notifications: HKU\S-1-5-21-2665051500-3522279824-1738750142-1001 -> hxxps://affmarketers.club; hxxps://massivecommissions.club; hxxps://commissionscrusher.club; hxxps://grants1.club; hxxps://grants2.club; hxxps://janblogs.com; hxxps://gadgetopoly.com; hxxps://www.affiliatesuccessdomination.net; hxxps://finboost3.club; hxxps://best2017games.com; hxxps://wealthpress.com
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\jarek111\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-03]

FireFox:
========
FF DefaultProfile: 76bflbeu.default-1538226975632
FF ProfilePath: C:\Users\jarek111\AppData\Roaming\Mozilla\Firefox\Profiles\iy2r3k7l.default-release [2021-08-03]
FF Homepage: Mozilla\Firefox\Profiles\iy2r3k7l.default-release -> hxxps://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\iy2r3k7l.default-release -> about:newtab
FF Notifications: Mozilla\Firefox\Profiles\iy2r3k7l.default-release -> hxxps://porndoe.com; hxxps://voyeurhit.com; hxxps://www.kupi.cz; hxxps://www.penize.cz; hxxps://businesscenter.podnikatel.cz; hxxps://discoverheal.com; hxxps://appcoiner.com; hxxps://blog.mranswerable.com; hxxps://www.amolatina.com; hxxps://goodbase.biz; hxxps://yourbulletproofprofits.com; hxxps://ebuno.net; hxxps://onlineincome.space; hxxps://cbreviewtoday.pushengage.com; hxxps://portal.theconversionpros.com; hxxps://harveyknopp.pushcrew.com; hxxps://khanzai.pushengage.com; hxxps://sexsimulators.com; hxxps://blog.howdywellness.com; hxxps://fucksporn.com; hxxps://vivud.com; hxxps://gameraccesshub.com; hxxps://porcore.com; hxxps://cs.cujournals.com; hxxps://pornone.com; hxxps://www.xozilla.com; hxxps://www.zdnet.com; hxxps://www.acomware.cz; hxxps://searchmarketinglist.pushcrew.com; hxxps://www.smithsonianmag.com; hxxps://porngames.games; hxxps://www.freehookupaffair.com; hxxps://knowledgenuts.com; hxxps://1.watch-video.net; hxxps://imgsrc.ru; hxxps://www.reddit.com; hxxps://twitter.com; hxxps://www.marieclaire.fr; hxxps://www.pastelextras.com; hxxps://www.youtube.com
FF HomepageOverride: Mozilla\Firefox\Profiles\iy2r3k7l.default-release -> Disabled: _l1Members_@www.videoconverterhd.com
FF HomepageOverride: Mozilla\Firefox\Profiles\iy2r3k7l.default-release -> Disabled: _drMembers_@free.downloadinboxnow.com
FF HomepageOverride: Mozilla\Firefox\Profiles\iy2r3k7l.default-release -> Disabled: _qwMembers_@free.shoppingdealslive.com
FF HomepageOverride: Mozilla\Firefox\Profiles\iy2r3k7l.default-release -> Disabled: _oiMembers_@screenaddict.thewhizproducts.com
FF HomepageOverride: Mozilla\Firefox\Profiles\iy2r3k7l.default-release -> Disabled: _l6Members_@www.propdfconverter.com
FF HomepageOverride: Mozilla\Firefox\Profiles\iy2r3k7l.default-release -> Disabled: _k8Members_@www.mymapsexpress.com
FF NewTabOverride: Mozilla\Firefox\Profiles\iy2r3k7l.default-release -> Disabled: _l1Members_@www.videoconverterhd.com
FF NewTabOverride: Mozilla\Firefox\Profiles\iy2r3k7l.default-release -> Disabled: _drMembers_@free.downloadinboxnow.com
FF NewTabOverride: Mozilla\Firefox\Profiles\iy2r3k7l.default-release -> Disabled: {5849fc76-08e3-4d14-9d43-6bba81fd99f0}
FF NewTabOverride: Mozilla\Firefox\Profiles\iy2r3k7l.default-release -> Disabled: _qwMembers_@free.shoppingdealslive.com
FF NewTabOverride: Mozilla\Firefox\Profiles\iy2r3k7l.default-release -> Disabled: _oiMembers_@screenaddict.thewhizproducts.com
FF NewTabOverride: Mozilla\Firefox\Profiles\iy2r3k7l.default-release -> Disabled: _l6Members_@www.propdfconverter.com
FF NewTabOverride: Mozilla\Firefox\Profiles\iy2r3k7l.default-release -> Disabled: _k8Members_@www.mymapsexpress.com
FF Extension: (Gооgle) - C:\Users\jarek111\AppData\Roaming\Mozilla\Firefox\Profiles\iy2r3k7l.default-release\Extensions\{4fcc317a-d0ed-4ab3-b575-c5afa345c78a}.xpi [2020-12-08]
FF SearchPlugin: C:\Users\jarek111\AppData\Roaming\Mozilla\Firefox\Profiles\iy2r3k7l.default-release\searchplugins\seznam-avast.xml [2019-08-28]
FF ProfilePath: C:\Users\jarek111\AppData\Roaming\Mozilla\Firefox\Profiles\76bflbeu.default-1538226975632 [2021-08-03]
FF Homepage: Mozilla\Firefox\Profiles\76bflbeu.default-1538226975632 -> hxxps://www.seznam.cz/?clid=22668
FF NewTab: Mozilla\Firefox\Profiles\76bflbeu.default-1538226975632 -> about:newtab
FF Notifications: Mozilla\Firefox\Profiles\76bflbeu.default-1538226975632 -> hxxps://www.amateri.com; hxxps://your-mobile1.os.tc; hxxps://offerzone.click; hxxps://player.filezog.com; hxxps://pornq.com; hxxps://www.txxx.com; hxxps://livenewsextra.com; hxxps://twitter.com; hxxps://www.seznamka.cz; hxxps://www.5nejlepsichseznamek.cz; hxxps://smh.mx; hxxps://www.komando.com; hxxps://goheavy.pushcrew.com; hxxps://incomeprofits2.club; hxxps://successfulaffiliatemarketer.com; hxxps://longtermfortunecom.foxpush.net; hxxps://subscribe.ru; hxxps://13.newpush1.club; hxxps://earnfreedom.club; hxxps://throwyourwallet.com; hxxps://warriorplus.com; hxxps://www.dreamstime.com; hxxps://optinmonster.com; hxxps://accessbonus.club; hxxps://500aday.club; hxxps://abundance.cash; hxxps://onlinewealth.os.tc; hxxps://dotcommoney.pushengage.com; hxxps://money.cz; hxxps://32.nutrk.com; hxxps://loostnews.biz; hxxps://install.notify-service.com; hxxps://zestradar.com; hxxps://gretaith.com; hxxps://10krealvisitors.pushcrew.com; hxxps://fmo.pushcrew.com
FF HomepageOverride: Mozilla\Firefox\Profiles\76bflbeu.default-1538226975632 -> Enabled: _omMembers_@screenwatch.yournewtab.com
FF HomepageOverride: Mozilla\Firefox\Profiles\76bflbeu.default-1538226975632 -> Disabled: _ogMembers_@seen-on-screen.thewhizmarketing.com
FF NewTabOverride: Mozilla\Firefox\Profiles\76bflbeu.default-1538226975632 -> Enabled: _omMembers_@screenwatch.yournewtab.com
FF NewTabOverride: Mozilla\Firefox\Profiles\76bflbeu.default-1538226975632 -> Disabled: _ogMembers_@seen-on-screen.thewhizmarketing.com
FF NewTabOverride: Mozilla\Firefox\Profiles\76bflbeu.default-1538226975632 -> Disabled: _b7Members_@free.mytransitguide.com
FF Extension: (Grammarly for Firefox) - C:\Users\jarek111\AppData\Roaming\Mozilla\Firefox\Profiles\76bflbeu.default-1538226975632\Extensions\87677a2c52b84ad3a151a4a72f5bd3c4@jetpack.xpi [2020-07-01]
FF Extension: (Seen On Screen) - C:\Users\jarek111\AppData\Roaming\Mozilla\Firefox\Profiles\76bflbeu.default-1538226975632\Extensions\_ogMembers_@seen-on-screen.thewhizmarketing.com.xpi [2019-07-29] [UpdateUrl:hxxps:\/\/updates.tb.ask.com\/updateXpi.json?id=235338170&version=100.12.15.63282&track=S29415&trackRevision=1&fromId=_ogMembers_%40seen-on-screen.thewhizmarketing.com&isBridgeExtension=false]
FF SearchPlugin: C:\Users\jarek111\AppData\Roaming\Mozilla\Firefox\Profiles\76bflbeu.default-1538226975632\searchplugins\seznam-avast.xml [2019-08-28]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-2665051500-3522279824-1738750142-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\jarek111\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-01-20] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\jarek111\AppData\Local\Google\Chrome\User Data\Default [2021-08-03]
CHR Notifications: Default -> hxxps://1.fortynine-minutes.live; hxxps://1.successfulaffiliatemarketer.com; hxxps://115.successfulaffiliatemarketer.com; hxxps://12.cashprofitclub.com; hxxps://12.successfulaffiliatemarketer.com; hxxps://2.fortynine-minutes.live; hxxps://2.newpush1.club; hxxps://22.successfulaffiliatemarketer.com; hxxps://23.successfulaffiliatemarketer.com; hxxps://25.successfulaffiliatemarketer.com; hxxps://3.newpush1.club; hxxps://4.newpush1.club; hxxps://5.goodpush7.club; hxxps://5.newpush1.club; hxxps://500aday.club; hxxps://6.cashprofitclub.com; hxxps://6.newpush1.club; hxxps://7.goodpush5.club; hxxps://7.goodpush6.club; hxxps://7.newpush1.club; hxxps://8.newpush1.club; hxxps://8020research.pushcrew.com; hxxps://abundance.cash; hxxps://accessbonus.club; hxxps://adamhmorgan.com; hxxps://affiliatesuccessdomination.pushcrew.com; hxxps://affmarketers.club; hxxps://alpha9summit.com; hxxps://b8f1b9.offerzone.click; hxxps://basepush.com; hxxps://beclevereveryday.com; hxxps://bengmylf.com; hxxps://beyondsuccess.pushcrew.com; hxxps://bluesolutionforevercom.foxpush.net; hxxps://bonushere.pushcrew.com; hxxps://businessideasrevealed.pushengage.com; hxxps://cerimcwhiskers.com; hxxps://cocomoney.pushengage.com; hxxps://commissions.network; hxxps://commissionscrusher.club; hxxps://cpacommissions.com; hxxps://dailyprofitsguru.com; hxxps://dotcommoney.net; hxxps://easywealthdaily.sendpulse.com; hxxps://elitematex.xyz; hxxps://extrabonus.co; hxxps://fountainofwealth.club; hxxps://freedailygift.space; hxxps://gdbonus.club; hxxps://growthprotip2.club; hxxps://growthprotip3.club; hxxps://growthprotip7.club; hxxps://growthprotip9.club; hxxps://helpyouout.club; hxxps://hiddengiftforyou.com; hxxps://hotchedmothe.club; hxxps://hugmesolutions.com; hxxps://incomeprofits2.club; hxxps://investment-rules.com; hxxps://justforhosting.space; hxxps://kalervomarketers.pushcrew.com; hxxps://launchteam.pro; hxxps://letsmakegreen.com; hxxps://livenewsextra.com; hxxps://longtermfortunecom.foxpush.net; hxxps://loveitlikeitshareit.com; hxxps://magneticcommissions.club; hxxps://makemoneyonline.tv; hxxps://massivecommissions.club; hxxps://mightynews7.club; hxxps://money-all-well-earned.com; hxxps://money-is-funny.online; hxxps://myrecommentions.pushcrew.com; hxxps://myrecommentions.pushengage.com; hxxps://network-teliana-in.space; hxxps://next3xperience.com; hxxps://novaplus.nova.cz; hxxps://offertoday.club; hxxps://onlinebonusesgiveaway-club.pushengage.com; hxxps://onlinecash100.website; hxxps://onlineincome.space; hxxps://optinmonster.com; hxxps://orpvpeervi4a.pushfire.io; hxxps://pallabghosal.pushcrew.com; hxxps://pallabghosal.pushengage.com; hxxps://plus.google.com; hxxps://pusharest.com; hxxps://pushnest.com; hxxps://qliker.io; hxxps://rapidfunnelseasy.pushcrew.com; hxxps://rewards10.click; hxxps://smh.mx; hxxps://successclubcafe.sendpulse.com; hxxps://t-ex02.trkex.com; hxxps://t-ex09.trkex.com; hxxps://t-ex12.trkex.com; hxxps://t-ex13.trkex.com; hxxps://t-ex14.trkex.com; hxxps://t-ex16.trkex.com; hxxps://t-ex18.trkex.com; hxxps://tafahad.pushcrew.com; hxxps://traintoearn.pushcrew.com; hxxps://upornia.com; hxxps://valueforthings.com; hxxps://valueforthingscom.foxpush.net; hxxps://veggiehold.com; hxxps://vivabeyondcom.foxpush.net; hxxps://wealthbeyondclub.foxpush.net; hxxps://woohoo.site; hxxps://wp.easycashsys.com; hxxps://www.3stepmethod.com; hxxps://www.a2hosting.com; hxxps://www.affiliatesuccessdomination.net; hxxps://www.extrabonus.info; hxxps://www.facebook.com; hxxps://www.forbes.com; hxxps://www.hdzog.com; hxxps://www.komando.com; hxxps://www.mattharriscoaching.com; hxxps://www.txxx.com; hxxps://www.youtube.com
CHR HomePage: Default -> hxxps://www.seznam.cz/?clid=22668
CHR StartupUrls: Default -> "hxxp://imgsrc.ru/main/search.php?nopass=on&cat=16&page=2","hxxp://imgsrc.ru/paolarisso/55389881.html"
CHR NewTab: Default ->  Active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTabSwitcher.html", Active:"chrome-extension://dpjamkmjmigaoobjbekmfgabipmfilij/empty_ntp.html"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=E210CZ91105G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Extension: (Prezentace) - C:\Users\jarek111\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-23]
CHR Extension: (Dokumenty) - C:\Users\jarek111\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-23]
CHR Extension: (Disk Google) - C:\Users\jarek111\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-02-04]
CHR Extension: (Search App - Music) - C:\Users\jarek111\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdakeabklomkbkpjcfofngojemolgipb [2017-09-22]
CHR Extension: (Seznam doplněk - Email) - C:\Users\jarek111\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2020-12-03]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\jarek111\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2019-08-01]
CHR Extension: (YouTube) - C:\Users\jarek111\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-09]
CHR Extension: (Vyhledávání Google) - C:\Users\jarek111\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-09]
CHR Extension: (Empty New Tab Page) - C:\Users\jarek111\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpjamkmjmigaoobjbekmfgabipmfilij [2019-07-01]
CHR Extension: (Tabulky) - C:\Users\jarek111\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\jarek111\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-08-03]
CHR Extension: (Popularity Sort for eBay™) - C:\Users\jarek111\AppData\Local\Google\Chrome\User Data\Default\Extensions\gikmaepdichkplhdildclnphgpiaiibf [2021-08-03]
CHR Extension: (Yesware for Chrome) - C:\Users\jarek111\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkjnkapjmjfpipfcccnjbjcbgdnahpjp [2021-08-03]
CHR Extension: (RightTasks for Gmail™) - C:\Users\jarek111\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgniockidojcaaolfcbbkaaakbjdebpe [2021-03-23]
CHR Extension: (Commerce Inspector) - C:\Users\jarek111\AppData\Local\Google\Chrome\User Data\Default\Extensions\kefmekfmfacbdefimlancoccpocmgmpb [2021-08-03]
CHR Extension: (Rapidcatch eBay auction sniper) - C:\Users\jarek111\AppData\Local\Google\Chrome\User Data\Default\Extensions\lipfgikjgiomnaimfagefeljjimbhlha [2021-03-23]
CHR Extension: (SearchApp - Games) - C:\Users\jarek111\AppData\Local\Google\Chrome\User Data\Default\Extensions\lofpchfahdddolpdgipilglmfggmnmim [2017-09-22]
CHR Extension: (ToDoList) - C:\Users\jarek111\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbmfidhcfnmomikjffdkconjckhcfdf [2016-05-10]
CHR Extension: (Send Later by The Top Inbox) - C:\Users\jarek111\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfddgbpdnaeliohhkbdbcmenpnkepkgn [2019-05-16]
CHR Extension: (Awesome Movies Search) - C:\Users\jarek111\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngigicgnnbfclgjgfgolihpjghfmaaic [2020-07-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\jarek111\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-23]
CHR Extension: (ActiveInbox: Organize Gmail™ tasks) - C:\Users\jarek111\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeehiifcaeengdofhogmkblhkmpephcj [2021-03-23]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\jarek111\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2021-03-23]
CHR Extension: (Gmail) - C:\Users\jarek111\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-03-23]
CHR Extension: (Chrome Media Router) - C:\Users\jarek111\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-08-03]
CHR Extension: (Streak CRM for Gmail) - C:\Users\jarek111\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik [2021-03-23]
CHR Profile: C:\Users\jarek111\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-08-03]
CHR Profile: C:\Users\jarek111\AppData\Local\Google\Chrome\User Data\System Profile [2021-08-03]
CHR HKU\S-1-5-21-2665051500-3522279824-1738750142-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]

Brave: 
=======
BRA Profile: C:\Users\jarek111\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-08-03]
BRA Extension: (Tampermonkey) - C:\Users\jarek111\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2020-05-03]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\jarek111\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2019-08-27]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\jarek111\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2019-08-27]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\jarek111\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2020-05-03]
BRA Extension: (PDF Viewer) - C:\Users\jarek111\AppData\Local\BraveSoftware\Brave-Browser\User Data\oemmndcbldboiebfnladdacbdfmadadm [2018-12-01]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\jarek111\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2019-08-27]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8249936 2021-06-23] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [625432 2021-06-23] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [373528 2021-06-23] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-20] (Avast Software s.r.o. -> AVAST Software)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3606632 2018-06-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S2 ssinstall; C:\WINDOWS\SysWoW64\ssins.exe [4696960 2016-12-13] (PS Media s.r.o. -> PS Media s.r.o.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\NisSrv.exe [2665432 2021-07-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MsMpEng.exe [136640 2021-07-12] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35720 2021-06-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [216928 2021-06-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [366616 2021-06-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250392 2021-06-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99352 2021-06-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [17328 2021-05-20] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41352 2021-06-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [182600 2021-06-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [524400 2021-06-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107848 2021-06-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82912 2021-06-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851192 2021-06-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [471920 2021-06-23] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215384 2021-06-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [327536 2021-06-23] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2015-12-19] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-03-29] (Disc Soft Ltd -> Disc Soft Ltd)
S3 gdrv; C:\Windows\gdrv.sys [25640 2015-01-28] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
S3 oneagentmon; C:\WINDOWS\system32\DRIVERS\oneagentmon.sys [40904 2018-11-21] (Dynatrace LLC -> Dynatrace LLC)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-07-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [425192 2021-07-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76008 2021-07-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-03 10:13 - 2021-08-03 10:22 - 000040930 _____ C:\Users\jarek111\Downloads\FRST.txt
2021-08-03 10:12 - 2021-08-03 10:20 - 000000000 ____D C:\FRST
2021-08-03 10:11 - 2021-08-03 10:11 - 002300416 _____ (Farbar) C:\Users\jarek111\Downloads\FRST64.exe
2021-08-03 10:07 - 2021-08-03 10:07 - 002012672 _____ (Farbar) C:\Users\jarek111\Downloads\FRST.exe
2021-07-29 06:20 - 2021-07-29 06:21 - 026670502 _____ C:\Users\jarek111\Downloads\family_reunion_7_sunday_mandys_sister.exe
2021-07-23 07:31 - 2021-07-23 07:31 - 000016958 _____ C:\WINDOWS\system32\results.xml
2021-07-23 07:25 - 2021-07-23 07:26 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-07-23 05:56 - 2021-07-23 05:56 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-07-22 19:23 - 2021-07-23 07:30 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-07-15 04:51 - 2021-07-15 04:51 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-07-15 04:51 - 2021-07-15 04:51 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-07-15 04:51 - 2021-07-15 04:51 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-07-15 04:51 - 2021-07-15 04:51 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-07-15 04:50 - 2021-07-15 04:50 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-07-15 04:50 - 2021-07-15 04:50 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-07-14 16:52 - 2021-08-03 10:41 - 000003102 _____ C:\WINDOWS\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2021-07-14 16:41 - 2021-07-14 16:41 - 000000000 ____D C:\Users\jarek111\AppData\Local\Intel
2021-07-14 16:40 - 2021-08-03 10:41 - 000003030 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2021-07-14 16:40 - 2021-08-03 10:41 - 000002664 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2021-07-14 16:40 - 2020-12-15 14:37 - 000041816 _____ C:\WINDOWS\system32\Drivers\semav6msr64.sys
2021-07-14 16:38 - 2021-07-14 16:38 - 005980224 _____ (Intel) C:\Users\jarek111\Downloads\Intel-Driver-and-Support-Assistant-Installer.exe
2021-07-14 16:35 - 2021-07-14 16:36 - 131104768 _____ (Intel Corporation) C:\Users\jarek111\Downloads\intel-hd-graphics-driver_15.28.23.64.4101Win7,8,8.164-bit(1).exe
2021-07-14 16:34 - 2021-07-14 16:34 - 021985000 _____ (Igor Pavlov) C:\Users\jarek111\Downloads\nvidia-omega-drivers_1.6693.exe
2021-07-14 16:34 - 2021-07-14 16:34 - 001048576 _____ () C:\Users\jarek111\Downloads\nvidia_wxp_omega_16693.exe
2021-07-14 16:26 - 2021-07-14 16:29 - 131104768 _____ (Intel Corporation) C:\Users\jarek111\Downloads\intel-hd-graphics-driver_15.28.23.64.4101Win7,8,8.164-bit.exe
2021-07-14 16:23 - 2021-07-14 16:29 - 341796888 _____ (Intel) C:\Users\jarek111\Downloads\igfx_win10_100.8336.exe
2021-07-14 16:20 - 2021-08-03 10:41 - 000002478 _____ C:\WINDOWS\system32\Tasks\DriverDoc automatic scan and new device notifications
2021-07-14 16:20 - 2021-07-14 16:52 - 000000000 ____D C:\Users\jarek111\AppData\Roaming\DriverDoc
2021-07-14 16:20 - 2021-07-14 16:50 - 000000000 ____D C:\Program Files (x86)\DriverDoc
2021-07-14 16:20 - 2021-07-14 16:20 - 005873664 _____ (Solvusoft Corporation ) C:\Users\jarek111\Downloads\Setup_DriverDoc_2021.exe
2021-07-14 16:12 - 2021-07-14 16:12 - 000000000 ____D C:\Users\jarek111\Downloads\DirectX_9.0c_Aug2009_Redistributable
2021-07-14 16:05 - 2021-07-14 16:11 - 119098936 _____ C:\Users\jarek111\Downloads\DirectX_9.0c_Aug2009_Redistributable.rar
2021-07-14 08:29 - 2021-07-14 09:27 - 1071133882 _____ C:\Users\jarek111\Desktop\Might_and_Magic_9_EN+CZ_for_Windows_7-8-10_and_later.rar
2021-07-08 08:06 - 2021-07-08 08:49 - 796385560 _____ C:\Users\jarek111\Downloads\Černý-Petr-(1964) -- Miloš- Forman.avi
2021-07-07 08:07 - 2021-07-07 08:07 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2021-07-07 08:07 - 2021-07-07 08:07 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-07-07 08:07 - 2021-07-07 08:07 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-07-07 08:07 - 2021-07-07 08:07 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-07-07 08:07 - 2021-07-07 08:07 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-07-07 08:07 - 2021-07-07 08:07 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-07-07 08:06 - 2021-07-07 08:06 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-07-07 08:06 - 2021-07-07 08:06 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-07-07 08:06 - 2021-07-07 08:06 - 000097792 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-07-07 08:06 - 2021-07-07 08:06 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-07-05 08:39 - 2021-06-01 08:23 - 001152000 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-03 10:41 - 2021-01-07 08:09 - 000003378 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6d44099309a95
2021-08-03 10:41 - 2020-12-17 09:01 - 000003766 _____ C:\WINDOWS\system32\Tasks\Open URL by RoboForm
2021-08-03 10:41 - 2020-12-17 09:01 - 000003572 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-03 10:41 - 2020-12-17 09:01 - 000003460 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-08-03 10:41 - 2020-12-17 09:01 - 000003348 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-03 10:41 - 2020-12-17 09:01 - 000003322 _____ C:\WINDOWS\system32\Tasks\G2MUploadTask-S-1-5-21-2665051500-3522279824-1738750142-1001
2021-08-03 10:41 - 2020-12-17 09:01 - 000003236 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-08-03 10:41 - 2020-12-17 09:01 - 000003228 _____ C:\WINDOWS\system32\Tasks\ExchangeMonitorStartup-JAREK-jarek111
2021-08-03 10:41 - 2020-12-17 09:01 - 000003226 _____ C:\WINDOWS\system32\Tasks\G2MUpdateTask-S-1-5-21-2665051500-3522279824-1738750142-1001
2021-08-03 10:41 - 2020-12-17 09:01 - 000003162 _____ C:\WINDOWS\system32\Tasks\Run RoboForm TaskBar Icon
2021-08-03 10:41 - 2020-12-17 09:01 - 000003114 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1424516048
2021-08-03 10:41 - 2020-12-17 09:01 - 000003102 _____ C:\WINDOWS\system32\Tasks\update-S-1-5-21-2665051500-3522279824-1738750142-1001
2021-08-03 10:41 - 2020-12-17 09:01 - 000003048 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-08-03 10:41 - 2020-12-17 09:01 - 000002846 _____ C:\WINDOWS\system32\Tasks\update-sys
2021-08-03 10:41 - 2020-12-17 09:01 - 000002812 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2665051500-3522279824-1738750142-1001
2021-08-03 10:41 - 2020-12-17 09:01 - 000002810 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2665051500-3522279824-1738750142-500
2021-08-03 10:41 - 2020-12-17 09:01 - 000002280 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-08-03 10:41 - 2020-12-17 09:01 - 000002214 _____ C:\WINDOWS\system32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3}
2021-08-03 10:41 - 2020-12-17 09:01 - 000002060 _____ C:\WINDOWS\system32\Tasks\{FF2E50CD-8DA0-4153-B4D2-0ACD67C775B7}
2021-08-03 10:41 - 2020-12-17 09:01 - 000002056 _____ C:\WINDOWS\system32\Tasks\{0E213ACA-1448-44C3-9BAF-7BF925674B2E}
2021-08-03 10:41 - 2020-12-17 09:01 - 000002036 _____ C:\WINDOWS\system32\Tasks\{1840354C-AB7A-4E56-A975-212A1C15EA64}
2021-08-03 10:41 - 2020-12-17 09:01 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-08-03 10:41 - 2020-05-03 14:48 - 000000664 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2665051500-3522279824-1738750142-1001.job
2021-08-03 10:41 - 2020-05-03 14:48 - 000000568 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2665051500-3522279824-1738750142-1001.job
2021-08-03 10:41 - 2019-08-14 13:34 - 000000406 _____ C:\WINDOWS\Tasks\update-sys.job
2021-08-03 10:41 - 2019-08-14 13:34 - 000000406 _____ C:\WINDOWS\Tasks\update-S-1-5-21-2665051500-3522279824-1738750142-1001.job
2021-08-03 10:19 - 2015-08-14 18:44 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-03 09:49 - 2015-02-18 10:40 - 000000000 ____D C:\ProgramData\Mozilla
2021-08-03 09:48 - 2016-11-19 06:01 - 000000000 ____D C:\Users\jarek111\AppData\LocalLow\Mozilla
2021-08-03 09:46 - 2016-03-29 12:25 - 000000000 ____D C:\ProgramData\Package Cache
2021-08-03 09:46 - 2014-10-29 17:35 - 000000000 ____D C:\Program Files (x86)\Intel
2021-08-03 09:41 - 2017-03-30 10:04 - 000000000 ____D C:\Program Files\CCleaner
2021-08-03 08:40 - 2018-07-19 04:43 - 000000000 ____D C:\Users\jarek111\AppData\Local\CrashDumps
2021-08-03 08:16 - 2015-08-14 18:45 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-03 08:15 - 2017-09-25 18:52 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-08-03 07:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-03 07:57 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-03 07:56 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-03 07:46 - 2020-06-11 20:47 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-03 07:46 - 2020-06-11 20:47 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-08-03 07:13 - 2015-02-21 12:53 - 000000000 ____D C:\Program Files (x86)\Opera
2021-08-03 07:11 - 2020-12-17 09:01 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-08-03 07:08 - 2017-06-06 15:34 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-08-03 07:08 - 2015-02-17 18:24 - 000000000 __SHD C:\Users\jarek111\IntelGraphicsProfiles
2021-07-30 10:42 - 2020-12-17 08:38 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-07-30 10:14 - 2015-09-27 18:43 - 000000000 ____D C:\Users\jarek111\Desktop\kkkkk
2021-07-28 12:37 - 2015-02-19 18:53 - 000001150 _____ C:\Users\Public\Desktop\VLC media player.lnk
2021-07-28 12:36 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-07-28 12:35 - 2015-02-21 12:51 - 000000000 ____D C:\Users\jarek111\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-07-28 12:35 - 2015-02-21 12:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-07-28 12:35 - 2015-02-21 12:51 - 000000000 ____D C:\Program Files (x86)\WinRAR
2021-07-28 11:19 - 2018-07-18 19:36 - 000000000 ____D C:\Users\jarek111\AppData\Local\AVAST Software
2021-07-23 07:31 - 2015-08-14 18:28 - 000000000 ____D C:\ProgramData\AVAST Software
2021-07-23 07:30 - 2020-12-17 09:01 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-07-23 07:30 - 2020-12-17 08:37 - 000008192 ___SH C:\DumpStack.log.tmp
2021-07-23 07:30 - 2015-02-18 10:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-07-23 07:30 - 2014-10-29 17:37 - 000000000 ____D C:\ProgramData\Intel
2021-07-23 07:29 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-07-23 07:26 - 2017-06-06 15:34 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2021-07-23 07:26 - 2015-08-10 19:24 - 000000000 ____D C:\Intel
2021-07-23 05:56 - 2016-10-27 06:54 - 000001097 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-07-21 07:46 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-07-15 05:07 - 2020-12-17 08:51 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-07-15 05:07 - 2019-12-07 16:41 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2021-07-15 05:07 - 2019-12-07 16:41 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2021-07-15 05:00 - 2020-12-17 08:38 - 000267080 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-07-15 04:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-07-15 04:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-07-15 04:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-07-15 04:57 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-07-14 17:03 - 2015-02-21 13:58 - 000000000 ____D C:\GOG Games
2021-07-14 16:39 - 2017-06-06 15:34 - 000000000 ____D C:\Program Files\Intel
2021-07-14 05:45 - 2015-02-19 21:18 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-07-14 05:30 - 2015-02-19 21:18 - 133422552 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-07-12 09:12 - 2018-02-20 08:35 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-07-08 11:36 - 2015-02-19 18:53 - 000000000 ____D C:\Users\jarek111\AppData\Roaming\vlc
2021-07-07 21:00 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-07-07 21:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-07-07 21:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-07-07 21:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-07-07 21:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-07-07 21:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-07-07 21:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-07-07 21:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-07-07 07:36 - 2020-05-03 14:48 - 000000000 ____D C:\Users\jarek111\AppData\Local\GoToMeeting

==================== Files in the root of some directories ========

2020-06-13 00:17 - 2020-07-15 15:04 - 000007003 _____ () C:\Users\jarek111\AppData\Local\PlariumPlay.log
2019-08-14 13:34 - 2019-08-14 13:34 - 000000003 _____ () C:\Users\jarek111\AppData\Local\updater.log
2019-08-14 13:34 - 2019-08-27 14:11 - 000000059 _____ () C:\Users\jarek111\AppData\Local\UserProducts.xml

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================