Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-03-2022
Ran by Lenka (administrator) on LENKA_NTB (SAMSUNG ELECTRONICS CO., LTD. RC410/RC510/RC710) (20-03-2022 01:39:07)
Running from C:\Users\Lenka\Downloads
Loaded Profiles: Lenka
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(C:\Program Files (x86)\Avira\Antivirus\avguard.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(C:\Program Files (x86)\Mozilla Firefox\firefox.exe ->) (Adlice -> ) C:\Users\Lenka\Downloads\RogueKiller_portable64.exe
(C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE ->) (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(explorer.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(hkcmd.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\GfxUI.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dfrgui.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <10>
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(services.exe ->) (Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(services.exe ->) (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(taskeng.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe
(taskeng.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe
(taskeng.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(taskeng.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe
(taskeng.exe ->) (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files\SAMSUNG\SamsungFastStart\SmartRestarter.exe
(taskeng.exe ->) (Samsung Electronics Co., Ltd.) [File not signed] C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(taskeng.exe ->) (Sun Microsystems, Inc. -> Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2149160 2010-05-21] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe [618496 2010-06-08] () [File not signed]
HKLM-x32\...\Run: [Avira Security startup helper] => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [255408 2022-03-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe --startup_mode (No File)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe --startup_mode (No File)
HKU\S-1-5-21-4280770497-168080415-3478767895-1001\...\Run: [] => [X]
HKU\S-1-5-21-4280770497-168080415-3478767895-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8698584 2016-04-15] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe --startup_mode (No File)
HKLM\...\Windows x64\Print Processors\spd__PC: C:\Windows\System32\spool\prtprocs\x64\spd__pc.dll [33792 2007-06-27] (Windows (R) Server 2003 DDK provider) [File not signed]
HKLM\...\Print\Monitors\EPSON SX410 Series 64MonitorBE: C:\Windows\system32\E_ILMFCE.DLL [108032 2008-08-08] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\HP E111 Status Monitor: C:\Windows\system32\hpinkstsE111LM.dll [393352 2017-04-14] (Hewlett Packard -> HP Inc.)
HKLM\...\Print\Monitors\spd__ Langmon: C:\Windows\system32\spd__l.dll [27648 2008-06-05] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\99.0.4844.74\Installer\chrmstp.exe [2022-03-19] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2021-12-24] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2010-10-22] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction - Chrome <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03156FF3-CF90-467E-B1D8-F26EE22082DC} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe [775336 2010-08-19] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) [File not signed]
Task: {0AC37877-88BD-40BF-B75F-251E388155F7} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {0D47584D-4577-404F-9BCE-CF94C627936A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-02] (Google Inc -> Google Inc.)
Task: {110E45D2-481C-49A5-9833-C11569940277} - System32\Tasks\SmartRestarter => C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe [2996592 2010-08-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
Task: {13ED95FC-753A-42F3-8148-9B7E0EFB42DF} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {17E75D6C-6E21-4B47-B14F-2C361C2482CE} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2648424 2021-10-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {19AAF6F2-3F74-4027-B38D-3FBAB3ED106A} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [4387632 2010-11-17] (Samsung Electronics CO., LTD. -> SEC)
Task: {325CD12E-2623-4923-9F8B-487489F0F021} - System32\Tasks\{E163BBD2-0370-4B06-B1BA-22FFE06B723E} => C:\Windows\system32\pcalua.exe -a "C:\Users\Lenka\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe" -c /uninstl
Task: {33D2CA59-1811-4388-98EF-1DA41C4F3810} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {354DFDAD-903A-4040-86ED-2A9966AF3D28} - System32\Tasks\{3937F2AD-7EB7-4DDE-9B09-2AAD0C8EB033} => C:\Windows\system32\pcalua.exe -a C:\PROGRA~2\SMARTM~1\UNWISE.EXE -c C:\PROGRA~2\SMARTM~1\INSTALL.LOG
Task: {44625E6B-FC51-4FDF-982C-9496E5A74567} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\4 => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {4B055486-57EA-4368-9BF3-852BB6658EDC} - System32\Tasks\{EEE1968F-E650-4061-8009-082194EBEA71} => C:\Windows\system32\pcalua.exe -a E:\Driver\setup.exe -d E:\Driver
Task: {4C522322-A89F-4AB3-9F30-F6F5AC4EBD8F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [270936 2017-02-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {50B2DB0D-5554-4665-A3E9-B52D1AEBE1C7} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\2 => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {54CF8438-A4F2-4E7F-BB9F-747E0F6A9893} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [6675672 2016-04-15] (Piriform Ltd -> Piriform Ltd)
Task: {6F82FF0E-04C7-4447-AE82-D2E181C43DB9} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {71B75EE3-0C82-43B5-85D1-2092E572A646} - System32\Tasks\Avira\System Speedup\SecurityTestScheduler => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [255408 2022-03-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {7538927C-5AE7-4E5F-8CBA-AC296541B381} - System32\Tasks\Avira_Security_Update => C:\Windows\system32\net.exe [55808 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
Task: {7F917D6B-E25A-4055-8D0B-DA4303585CEC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-02] (Google Inc -> Google Inc.)
Task: {88E1D0E9-6D0E-4102-8EED-E18BEFD58D19} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1668112 2022-03-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {8B07EB10-61CC-4DBF-B488-4DFADF7E53FD} - System32\Tasks\WifiManager => C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe hide (No File)
Task: {8D3FA7A4-AE27-4E6A-B65F-0A140D7BE9E9} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [255408 2022-03-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {9984F489-EC7F-4E5F-8404-EF67ABEDF118} - System32\Tasks\Avira_Security_Maintenance => Command(1): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> FallbackTelemetry
Task: {9984F489-EC7F-4E5F-8404-EF67ABEDF118} - System32\Tasks\Avira_Security_Maintenance => Command(2): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> ServiceWatchdog
Task: {9984F489-EC7F-4E5F-8404-EF67ABEDF118} - System32\Tasks\Avira_Security_Maintenance => Command(3): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> CrashCollector
Task: {9A014C30-C1FF-4D8E-88BF-9ED9A6F2E54B} - System32\Tasks\{FC850C6F-1392-42A1-927A-6E1D5F1309B8} => "c:\users\lenka\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/5.8.0.158/en/abandoninstall?page=tsPlugin
Task: {A567CE52-3E99-4B9B-9FF8-10A3672704D1} - System32\Tasks\EasyPartitionManager => C:\Windows\MSetup\BA46-05053A95\EPM.exe (No File)
Task: {A8FA23E0-DE42-4319-B9E6-BCD46833B283} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe /2 (No File)
Task: {B02133D2-0F4D-4026-85D3-A6CC7C547A7B} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (No File)
Task: {B4CB0575-476A-4654-8791-8E99464E6C60} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [32806920 2022-03-10] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
Task: {D701714B-2C65-4B00-9055-4D045C3E90EC} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe (No File)
Task: {E6C6FE5F-C072-40D1-A35E-AF305421EF22} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\3 => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
Task: {E9FF6E31-D2AC-4E92-89A1-2C1227276793} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [410784 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {EC9B918E-58FE-40B8-B3C0-1BCD5C7A4018} - System32\Tasks\Avira\System Speedup\Delayed Startup\Lenka\1 => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [255408 2022-03-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) -> LaunchApp "C:\Users\Lenka\AppData\Local\Avira\Security\Delay Load for Current\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk" /tsr
Task: {EFD2CF3E-13B1-4521-8672-9DEE65FAEEEB} - System32\Tasks\EasySpeedUpManager => Command(1): "%programfiles(x86)%\Samsung\EasySpeedUpManager\EasySpeedUpManager2.exe" -> /s
Task: {EFD2CF3E-13B1-4521-8672-9DEE65FAEEEB} - System32\Tasks\EasySpeedUpManager => Command(2): C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [719360  [719360 2010-02-10]] (Samsung Electronics Co., Ltd.) [File not signed]
Task: {FFC6235D-6617-4864-92E2-8C40CD122FF7} - System32\Tasks\Avira\System Speedup\Delayed Startup\All users\1 => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [255408 2022-03-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) -> LaunchApp "C:\ProgramData\Avira\Security\Delay Load for ALL\Bluetooth.lnk"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.31.1
Tcpip\..\Interfaces\{DA0E780E-F719-468A-BA57-E81BA4D561B8}: [DhcpNameServer] 192.168.31.1
Tcpip\..\Interfaces\{E15DA4A3-0301-4689-908A-3948AD6EAE4F}: [DhcpNameServer] 10.0.0.138
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge: 
=======
Edge Profile: C:\Users\Lenka\AppData\Local\Microsoft\Edge\User Data\Default [2020-10-30]
Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]

FireFox:
========
FF DefaultProfile: m3hykz8w.default
FF ProfilePath: C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\m3hykz8w.default [2022-03-20]
FF user.js: detected! => C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\m3hykz8w.default\user.js [2022-03-19]
FF Homepage: Mozilla\Firefox\Profiles\m3hykz8w.default -> hxxps://www.malwarebytes.org/restorebrowser/3_pr__alt__ddc_dsssyc_bd_com
FF Extension: (No Name) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\m3hykz8w.default\extensions\DivXWebPlayer@divx.com.xpi [not found]
FF Extension: (No Name) - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\m3hykz8w.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [not found]
FF SearchPlugin: C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\m3hykz8w.default\searchplugins\firmycz.xml [2013-04-02]
FF SearchPlugin: C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\m3hykz8w.default\searchplugins\mapycz.xml [2013-04-02]
FF SearchPlugin: C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\m3hykz8w.default\searchplugins\zbocz.xml [2013-04-02]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-02-09] (Adobe Systems Incorporated -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-02-09] (Adobe Systems Incorporated -> )
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2011-10-24] (Sun Microsystems, Inc.) [File not signed]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default [2022-03-19]
CHR Notifications: Default -> hxxps://meet.google.com; hxxps://www.netflix.com
CHR Extension: (Disk Google) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-22]
CHR Extension: (Avira Password Manager) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2022-03-19]
CHR Extension: (Avira Safe Shopping) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2022-03-19]
CHR Extension: (Adobe Acrobat: nástroje pro úpravu, převod a podpis souborů PDF) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-02-27]
CHR Extension: (Avira Browser Safety) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2022-03-19]
CHR Extension: (Dokumenty Google offline) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-09]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-03-09]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31]
CHR Profile: C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\System Profile [2021-01-04]
CHR HKU\S-1-5-21-4280770497-168080415-3478767895-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Lenka\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2017-11-18]
CHR HKU\S-1-5-21-4280770497-168080415-3478767895-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-4280770497-168080415-3478767895-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

"TrueSight" => service could not be unlocked. <==== ATTENTION
HKLM\SYSTEM\ControlSet001\Services\TrueSight => \??\C:\Windows\System32\drivers\truesight.sys <==== ATTENTION (Rootkit!/Locked Service)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [270936 2017-02-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1206648 2021-06-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [485048 2021-06-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [485048 2021-06-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [574832 2022-01-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [3000232 2022-02-18] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [386864 2022-03-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [261936 2022-03-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [265608 2022-03-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [132144 2022-02-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S4 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [90776 2014-03-20] (Microsoft Corporation -> Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [158912 2019-03-28] (Microsoft Dynamic Code Publisher -> Microsoft Corporation)
R2 EPSON_EB_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE [163840 2007-12-17] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [126464 2007-01-11] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292096 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [68152 2019-06-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [221600 2021-10-22] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [177112 2021-02-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36072 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [35376 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2022-03-20] (Malwarebytes Corporation -> Malwarebytes)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 MpKslb16bf09a; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E50A76CF-9E24-4931-BB13-68B7CF3B53C5}\MpKslDrv.sys [48360 2022-03-20] (Microsoft Windows -> Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
S3 rtport; C:\Windows\SysWOW64\drivers\rtport.sys [15144 2011-04-12] (Realtek Semiconductor Corp -> Windows (R) 2003 DDK 3790 provider)
R1 SABI; C:\Windows\system32\Drivers\SABI.sys [13824 2009-05-28] (Microsoft Windows Hardware Compatibility Publisher -> SAMSUNG ELECTRONICS)
S3 smsbda; C:\Windows\System32\drivers\smsbda.sys [63520 2009-09-18] (Siano Mobile Silicon -> Siano)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [52736 2012-04-25] (Apple, Inc.) [File not signed]
U1 aswbdisk; no ImagePath
S3 clwvd; system32\DRIVERS\clwvd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-03-20 01:45 - 2022-03-20 01:45 - 000000022 _____ C:\Users\Lenka\Downloads\log.zip
2022-03-20 01:27 - 2022-03-20 01:39 - 000047809 _____ C:\Users\Lenka\Downloads\Addition.txt
2022-03-20 01:12 - 2022-03-20 01:42 - 000031527 _____ C:\Users\Lenka\Downloads\FRST.txt
2022-03-20 01:10 - 2022-03-20 01:41 - 000000000 ____D C:\FRST
2022-03-20 01:09 - 2022-03-20 01:09 - 002364928 _____ (Farbar) C:\Users\Lenka\Downloads\FRST64.exe
2022-03-20 00:30 - 2022-03-20 00:30 - 000000017 _____ C:\Users\Lenka\AppData\Local\resmon.resmoncfg
2022-03-20 00:26 - 2022-03-20 01:34 - 000000000 ____D C:\ProgramData\RogueKiller
2022-03-20 00:26 - 2022-03-20 00:26 - 037124664 _____ C:\Users\Lenka\Downloads\RogueKiller_portable64.exe
2022-03-20 00:14 - 2022-03-20 00:14 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2022-03-19 23:40 - 2022-03-19 23:40 - 000011788 _____ C:\Users\Lenka\Desktop\cc_20220319_234007.reg
2022-03-19 23:40 - 2022-03-19 23:40 - 000000450 _____ C:\Users\Lenka\Desktop\cc_20220319_234026.reg
2022-03-19 23:39 - 2022-03-19 23:39 - 000066456 _____ C:\Users\Lenka\Desktop\cc_20220319_233925.reg
2022-03-19 12:47 - 2022-03-19 12:47 - 000003710 _____ C:\Windows\system32\Tasks\Avira_Security_Maintenance
2022-03-19 12:45 - 2022-03-19 12:45 - 000003232 _____ C:\Windows\system32\Tasks\Avira_Security_Service_SCM_Watchdog
2022-03-14 20:01 - 2022-03-20 00:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-03-10 23:05 - 2022-03-10 23:06 - 000007334 _____ C:\Users\Lenka\Desktop\Nový Textový dokument OpenDocument.odt
2022-03-10 22:39 - 2022-03-12 06:01 - 000000000 ____D C:\AdwCleaner
2022-03-10 22:38 - 2022-03-10 22:38 - 008540344 _____ (Malwarebytes) C:\Users\Lenka\Downloads\adwcleaner.exe
2022-03-10 22:15 - 2022-03-10 22:16 - 000161280 ___SH C:\Users\Lenka\Documents\Thumbs.db
2022-03-10 22:13 - 2022-03-10 22:13 - 000001718 _____ C:\Users\Lenka\Desktop\Fotky – zástupce.lnk
2022-03-10 22:10 - 2022-03-10 22:16 - 000000000 ____D C:\Users\Lenka\Documents\Fotky
2022-03-10 21:22 - 2022-03-10 21:22 - 000000000 ____D C:\Users\Lenka\Documents\Nová složka
2022-03-10 20:15 - 2022-03-10 20:15 - 000000000 ____D C:\Windows\system32\Tasks\Avira
2022-03-10 19:54 - 2022-03-20 00:18 - 000000000 ____D C:\Users\Public\Security Sessions
2022-03-10 19:47 - 2022-03-10 19:47 - 000003292 _____ C:\Windows\system32\Tasks\Avira_Antivirus_Systray
2022-03-10 19:47 - 2022-03-10 19:47 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2022-03-10 19:46 - 2021-10-22 08:45 - 000221600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2022-03-10 19:46 - 2021-02-09 18:03 - 000177112 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2022-03-10 19:46 - 2019-06-07 14:09 - 000068152 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avdevprot.sys
2022-03-10 19:46 - 2019-03-20 18:50 - 000078600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2022-03-10 19:46 - 2019-03-20 18:50 - 000036072 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2022-03-10 19:46 - 2019-03-20 18:50 - 000035376 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avusbflt.sys
2022-03-10 19:39 - 2022-03-12 06:05 - 000000000 ____D C:\Users\Public\Speedup Sessions
2022-03-10 19:39 - 2022-03-10 19:55 - 000000000 ____D C:\Users\Lenka\AppData\Local\Avira
2022-03-10 19:39 - 2022-03-10 19:39 - 000003664 _____ C:\Windows\system32\Tasks\AviraSystemSpeedupUpdate
2022-03-10 19:38 - 2022-03-10 19:38 - 000000000 ____D C:\Windows\SysWOW64\statReporter
2022-03-10 19:36 - 2022-03-19 12:47 - 000002648 _____ C:\Windows\system32\Tasks\Avira_Security_Systray
2022-03-10 19:36 - 2022-03-19 12:45 - 000003310 _____ C:\Windows\system32\Tasks\Avira_Security_Update
2022-03-10 19:35 - 2022-03-19 12:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2022-03-10 19:35 - 2022-03-19 12:44 - 000000965 _____ C:\Users\Public\Desktop\Avira.lnk
2022-03-10 19:34 - 2022-03-10 19:54 - 000000000 ____D C:\ProgramData\Avira
2022-03-10 19:34 - 2022-03-10 19:45 - 000000000 ____D C:\Program Files (x86)\Avira
2022-03-10 19:26 - 2022-03-10 19:26 - 005954888 _____ (Avira Operations GmbH & Co. KG) C:\Users\Lenka\Downloads\avira_en_sptl1_1420016541-1646936754__phpws-spotlight-release.exe
2022-03-10 19:23 - 2022-03-10 22:27 - 000000000 ____D C:\Windows\pss
2022-03-09 20:40 - 2022-03-20 01:46 - 000000000 ____D C:\Users\Lenka\AppData\LocalLow\Mozilla
2022-03-09 20:40 - 2022-03-20 00:25 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-03-09 20:40 - 2022-03-20 00:24 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-03-20 01:37 - 2014-02-17 20:34 - 000000000 ____D C:\Program Files (x86)\Google
2022-03-20 00:24 - 2017-02-09 19:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-03-20 00:20 - 2009-07-14 05:45 - 000026496 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-03-20 00:20 - 2009-07-14 05:45 - 000026496 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-03-20 00:16 - 2012-05-17 21:36 - 002660352 ___SH C:\Users\Lenka\Desktop\Thumbs.db
2022-03-20 00:11 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-03-20 00:09 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2022-03-19 23:35 - 2017-03-10 08:54 - 000003132 _____ C:\Windows\system32\Tasks\{3937F2AD-7EB7-4DDE-9B09-2AAD0C8EB033}
2022-03-19 23:35 - 2011-05-30 17:59 - 000003062 _____ C:\Windows\system32\Tasks\{EEE1968F-E650-4061-8009-082194EBEA71}
2022-03-19 23:34 - 2012-05-24 21:24 - 000003108 _____ C:\Windows\system32\Tasks\{FC850C6F-1392-42A1-927A-6E1D5F1309B8}
2022-03-19 23:28 - 2018-02-11 17:36 - 000000000 ____D C:\Program Files (x86)\HP
2022-03-19 23:28 - 2018-02-11 17:08 - 000000000 ____D C:\ProgramData\HP
2022-03-19 23:27 - 2018-02-11 17:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2022-03-19 23:25 - 2018-03-30 20:20 - 000000000 ____D C:\Program Files\Google
2022-03-19 23:22 - 2010-12-20 03:46 - 000000000 ____D C:\Program Files (x86)\Windows Live
2022-03-19 23:19 - 2010-12-20 02:29 - 000000000 ____D C:\Program Files (x86)\CyberLink
2022-03-19 23:17 - 2010-12-20 02:12 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2022-03-19 23:16 - 2010-12-20 02:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite
2022-03-19 23:05 - 2010-12-20 02:15 - 000000000 ____D C:\ProgramData\NVIDIA
2022-03-19 23:05 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\Help
2022-03-19 22:56 - 2011-05-23 13:48 - 000000000 ____D C:\ProgramData\Skype
2022-03-19 22:54 - 2010-12-20 02:19 - 000000000 ____D C:\Program Files\SAMSUNG
2022-03-19 22:53 - 2010-12-20 02:41 - 000000000 ____D C:\ProgramData\WildTangent
2022-03-19 22:53 - 2010-12-20 02:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2022-03-19 22:52 - 2010-12-20 02:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games
2022-03-19 22:52 - 2009-07-14 06:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2022-03-19 18:52 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\tracing
2022-03-19 13:05 - 2014-04-27 15:11 - 000002184 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-03-19 13:05 - 2014-04-27 15:11 - 000002143 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-03-19 12:24 - 2020-10-30 18:25 - 000002181 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-03-19 12:24 - 2020-10-30 18:25 - 000002140 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-03-19 12:21 - 2016-04-25 08:52 - 000003974 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{9E98DCFF-5EA1-4B78-AE79-982B79976FD2}
2022-03-12 11:07 - 2016-05-14 19:11 - 000000000 ____D C:\Users\Lenka\AppData\Roaming\WildTangent
2022-03-12 11:07 - 2011-07-28 20:13 - 000001546 _____ C:\Users\Public\Desktop\WildTangent Games App - wildgames.lnk
2022-03-12 11:01 - 2011-05-30 17:47 - 000000000 ____D C:\Program Files (x86)\TV IR
2022-03-12 06:05 - 2011-12-21 14:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Samsung
2022-03-12 06:05 - 2010-12-20 02:40 - 000000000 ____D C:\ProgramData\WinClon
2022-03-12 06:05 - 2010-12-20 02:19 - 000000000 ____D C:\Program Files (x86)\Samsung
2022-03-12 06:05 - 2010-12-20 02:15 - 000000000 ____D C:\Users\UpdatusUser
2022-03-12 06:04 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\registration
2022-03-11 21:06 - 2011-05-23 13:39 - 000000000 ____D C:\Users\Lenka
2022-03-10 22:45 - 2011-06-26 19:09 - 000000000 ____D C:\ProgramData\ICQ
2022-03-10 22:45 - 2010-12-20 02:20 - 000000000 ____D C:\ProgramData\SAMSUNG
2022-03-10 22:28 - 2014-04-27 15:10 - 000003390 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2022-03-10 22:28 - 2014-04-27 15:10 - 000003262 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2022-03-10 21:51 - 2009-07-14 05:45 - 000453016 _____ C:\Windows\system32\FNTCACHE.DAT
2022-03-10 21:50 - 2017-02-09 19:53 - 000000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2022-03-10 19:52 - 2011-05-23 13:39 - 000121968 _____ C:\Users\Lenka\AppData\Local\GDIPFONTCACHEV1.DAT
2022-03-10 19:43 - 2013-08-01 21:14 - 000000000 ____D C:\Windows\system32\MRT
2022-03-10 19:20 - 2011-05-27 20:38 - 145666720 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-03-10 19:18 - 2020-10-30 18:24 - 000003356 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-03-10 19:18 - 2017-02-09 19:53 - 000003854 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2022-03-09 20:38 - 2020-10-30 18:24 - 000003484 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA

==================== Files in the root of some directories ========

2011-05-27 20:26 - 2011-05-27 20:26 - 000003584 _____ () C:\Users\Lenka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2022-03-20 00:30 - 2022-03-20 00:30 - 000000017 _____ () C:\Users\Lenka\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2022-03-13 15:02
==================== End of FRST.txt ========================