Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Notebook se zasekne

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Mortiz696
Návštěvník
Návštěvník
Příspěvky: 76
Registrován: 29 led 2014 19:24

Notebook se zasekne

#1 Příspěvek od Mortiz696 »

Dobrý den, Notebook mé známé se po chvíli práce zasekne a po celé obrazovce se zobrazí šachovnicový vzor po restartu jde pracovat a problém nastane neočekávaně nepravidelně někdy jde s notebookem pracovat i déle. Přikládám logy z FRST.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-05.2019
Ran by Jiří Schwarzer (administrator) on SCHWARZER (Acer Aspire 5740) (12-05-2019 12:21:36)
Running from C:\Users\Jiří Schwarzer\Downloads
Loaded Profiles: Jiří Schwarzer (Available Profiles: Jiří Schwarzer & DefaultAppPool)
Platform: Windows 10 Home Version 1803 17134.706 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(LSI Corporation -> LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Jiří Schwarzer\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Nero AG -> ) C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Oki Data Corporation -> Oki Data Corporation) C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Skype Software Sarl -> Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Skype Software Sarl -> Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [Network Configuration] => C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe [728640 2014-09-15] (Oki Data Corporation -> Oki Data Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-03-22] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3951280 2016-01-07] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-587923702-3901416241-2912820861-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27815896 2017-07-28] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-587923702-3901416241-2912820861-1001\...\Run: [] => [X]
HKU\S-1-5-21-587923702-3901416241-2912820861-1001\...\MountPoints2: {ecd85716-212c-11e6-a554-806e6f6e6963} - "D:\launcher.exe"
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02985467-9870-499D-8935-D1793FAFB468} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {049FFD54-3923-4C8D-8077-85667E767DB6} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {074D16A8-12B8-4236-9511-EC1E4C65941A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [0 0000-00-00] (Microsoft Corporation)
Task: {09436BD2-40E4-4915-AE53-F82A65BAD14A} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {0A50DFA9-9C52-480E-B860-5BFCDC7C86CF} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {12976133-E3F2-4265-AF6B-3DFC515F69A5} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {13D9E8F1-0648-4FC2-89F1-AC0D3D67A32E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {18BCDA2F-AB98-4AAB-BDA1-89DA28155A7D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {1B2967D0-4D7C-4ACC-861C-ADA85D5D01B9} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2BE0A806-EFB4-4CEE-9C5D-1D46E3D8785A} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [698400 2019-05-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {2F3DAFB8-AFE5-4E6C-9FD2-DC40478FC8DB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {321117F1-FD2E-4F1B-97B5-FC807D840EE8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {474F773F-C053-4C60-84E6-4C3812AE12AC} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {47B94C44-CA23-47B6-BD8A-8C9E6D2C6E7E} - System32\Tasks\DriverMaxAgent => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe
Task: {4B69953A-B619-4667-8611-23C6074FC6B1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {5F4B995D-026D-470C-9F4B-F4950E39443B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {5FE8A694-2E01-4544-8E45-BE440678CCFC} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {609A468C-7202-4350-AE07-D31FDE861C4F} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {63ED4DD8-0935-488B-AE7A-5231E41AD4D3} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {6CADE188-F753-4A03-A2BA-B2E043CC36F0} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {752996AB-9BC3-40BC-BF7C-8A6BFE26A7A3} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
Task: {785A87E4-9491-4B0C-A8B4-81FC3D0BAC1C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7B941E6C-CABB-4B34-8601-817AFBEB7908} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-04-09] (Adobe Inc. -> Adobe)
Task: {8777A7BE-7EB3-4F61-87AE-9A4208CE4453} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantCalendarRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [0 0000-00-00] (Microsoft Corporation)
Task: {8E1C5543-9617-4745-B5C0-1F3D6B7339F0} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {8F8077C2-37CE-4A09-9CEB-601291FA8408} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9A41FE16-5F2C-4DF4-9F55-2419E450CA18} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantWakeupRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [0 0000-00-00] (Microsoft Corporation)
Task: {A111F850-5368-4A1A-8661-19050B360D80} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A1DF13C3-C189-4196-B920-E8D7CAADA4ED} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {A5673961-24CD-4C65-9E71-71D1694AEFD4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {B4E6B477-6B16-4FA3-96E0-42FEEDFD2BB9} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BAD7E8F7-32B9-4013-AD1A-2965F509BFDC} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BC98A90A-B77C-4A83-A06E-A1B365DA9374} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
Task: {BE7DA1D2-EE93-4F37-8A8C-BB5A413B8DB0} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C358D492-426C-4A1A-8B7E-470B96BF391B} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {C4523028-38AE-48AD-8777-3469411B4535} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {C715FFAB-F4C7-436E-B919-E633CF0E89D7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C764611B-5FC3-4FB7-A570-0059C6664C6A} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {CB8B3039-224B-4BFC-BDE6-9C10A3D2B47B} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CC86AE7D-E46D-4B73-A66A-A681B1B2B93B} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_171_Plugin.exe [1456696 2019-04-09] (Adobe Inc. -> Adobe)
Task: {D7A14216-01E6-4A52-9217-C9B40F24B0E2} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {DCDB45C7-78B1-4145-90FF-281357160EAD} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {E6257CA8-86D1-4987-AB1E-837901D27FB0} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E66BCAB3-3253-447D-A40A-984F7E5A4646} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {EFDA732A-DD22-49D4-9DA8-B239A20E1A8B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {F1CE6005-0CF8-484B-A5AC-1BBE43C37B14} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F24CCC5A-58E9-4665-A6DF-B80508D8D769} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 212.96.161.7 212.96.160.6 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{0f9972a8-54fc-4912-9c85-e4d4f9f4eb23}: [DhcpNameServer] 212.96.161.7 212.96.160.6 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{40fdb800-1c6c-41c4-b715-ea4a407e12e1}: [DhcpNameServer] 212.96.161.7 212.96.160.6 8.8.8.8 192.168.1.1

Internet Explorer:
==================
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: 6a1x2owl.default
FF ProfilePath: C:\Users\Jiří Schwarzer\AppData\Roaming\Mozilla\Firefox\Profiles\6a1x2owl.default [2019-05-12]
FF Homepage: Mozilla\Firefox\Profiles\6a1x2owl.default -> www.seznam.cz
FF NetworkProxy: Mozilla\Firefox\Profiles\6a1x2owl.default -> type", 0
FF Extension: (Web of Trust) - C:\Users\Jiří Schwarzer\AppData\Roaming\Mozilla\Firefox\Profiles\6a1x2owl.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2019-04-12]
FF Extension: (No Name) - C:\Users\Jiří Schwarzer\AppData\Roaming\Mozilla\Firefox\Profiles\6a1x2owl.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-04-25]
FF Extension: (Google Privacy) - C:\Users\Jiří Schwarzer\AppData\Roaming\Mozilla\Firefox\Profiles\6a1x2owl.default\Extensions\{ea61041c-1e22-4400-99a0-aea461e69d04}.xpi [2016-05-01] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_171.dll [2019-04-09] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_171.dll [2019-04-09] (Adobe Inc. -> )
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN -> VideoLAN)

Chrome:
=======
StartMenuInternet: Google Chrome - Chrome.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [255472 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [908168 2019-05-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [310688 2019-05-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [246336 2019-05-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [246336 2019-05-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1180496 2019-05-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-03-17] (Apple Inc. -> Apple Inc.)
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [451800 2019-01-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2016-09-20] (Nero AG -> Nero AG)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246448 2016-01-07] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AgereSoftModem; C:\WINDOWS\system32\DRIVERS\agrsm64.sys [1212416 2010-03-15] (Microsoft Windows Hardware Compatibility Publisher -> LSI Corporation)
R3 amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [21648880 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [674288 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 athr; C:\WINDOWS\System32\drivers\athwnx.sys [4233728 2018-04-12] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [75432 2019-02-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22336 2019-02-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [200992 2019-05-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [194136 2019-04-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-02-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-02-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 htcnprot; C:\WINDOWS\system32\DRIVERS\htcnprot.sys [36928 2013-10-17] (HTC Corp. -> Windows (R) Win 7 DDK provider)
S3 HtcVCom32; C:\WINDOWS\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (Sqa.com(Test) -> QUALCOMM Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42664 2016-01-07] (Synaptics Incorporated -> Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-12 12:21 - 2019-05-12 12:22 - 000021772 _____ C:\Users\Jiří Schwarzer\Downloads\FRST.txt
2019-05-12 12:21 - 2019-05-12 12:21 - 000000000 ____D C:\FRST
2019-05-12 12:17 - 2019-05-12 12:17 - 002430976 _____ (Farbar) C:\Users\Jiří Schwarzer\Downloads\FRST64.exe
2019-05-12 12:06 - 2019-05-12 12:06 - 000951188 _____ C:\WINDOWS\Minidump\051219-9625-01.dmp
2019-05-02 23:00 - 2019-05-12 12:06 - 000000000 ____D C:\WINDOWS\Minidump
2019-04-12 22:02 - 2019-05-02 23:00 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-12 12:23 - 2016-09-16 11:06 - 000000000 ____D C:\Users\Jiří Schwarzer\AppData\Roaming\Skype
2019-05-12 12:21 - 2018-06-25 07:44 - 001956152 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-05-12 12:21 - 2018-04-12 17:50 - 000809482 _____ C:\WINDOWS\system32\perfh005.dat
2019-05-12 12:21 - 2018-04-12 17:50 - 000186690 _____ C:\WINDOWS\system32\perfc005.dat
2019-05-12 12:21 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-05-12 12:19 - 2018-06-25 08:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-05-12 12:19 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-05-12 12:19 - 2018-04-11 23:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-05-12 12:19 - 2017-07-30 13:23 - 000000000 ____D C:\Users\Jiří Schwarzer\AppData\Local\HTC MediaHub
2019-05-12 12:15 - 2018-08-06 22:45 - 000000000 ____D C:\Users\Jiří Schwarzer\AppData\Local\D3DSCache
2019-05-12 12:14 - 2018-06-25 08:04 - 000004216 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{58C851E0-42D5-4145-9A49-76954694F1CE}
2019-05-12 12:14 - 2018-06-25 08:04 - 000003384 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-587923702-3901416241-2912820861-1001
2019-05-12 12:14 - 2018-06-25 07:50 - 000002427 _____ C:\Users\Jiří Schwarzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-05-12 12:14 - 2016-05-24 00:00 - 000000000 ___RD C:\Users\Jiří Schwarzer\OneDrive
2019-05-12 12:06 - 2018-06-25 07:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-05-12 12:06 - 2016-11-28 23:15 - 000000000 ____D C:\Users\Jiří Schwarzer\AppData\LocalLow\Mozilla
2019-05-11 13:02 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-05-11 12:50 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-05-11 12:47 - 2018-06-25 07:50 - 000000000 ____D C:\Users\Jiří Schwarzer
2019-05-11 12:41 - 2016-09-30 03:26 - 000000000 ____D C:\ProgramData\Package Cache
2019-05-11 12:39 - 2018-03-05 17:31 - 000200992 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2019-05-06 22:13 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-05-02 23:00 - 2016-04-08 16:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-05-02 21:40 - 2018-03-06 10:18 - 000000000 ____D C:\Users\Jiří Schwarzer\AppData\Local\Packages
2019-04-18 02:24 - 2018-11-27 21:40 - 000000000 ____D C:\Users\Jiří Schwarzer\Desktop\mobil
2019-04-18 01:54 - 2019-03-11 15:36 - 000000000 ____D C:\Users\Jiří Schwarzer\Desktop\Eva iphone
2019-04-15 00:24 - 2016-04-08 16:15 - 000001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-04-12 22:07 - 2018-03-05 17:31 - 000194136 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys

==================== Files in the root of some directories =======

2019-02-02 18:41 - 2019-02-02 18:41 - 001558480 _____ ( ) C:\Users\Jiří Schwarzer\xlsreader_setup.exe
2016-04-08 17:04 - 2016-05-24 00:02 - 000003584 _____ () C:\Users\Jiří Schwarzer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-04-06 21:47 - 2016-04-06 21:47 - 000000017 _____ () C:\Users\Jiří Schwarzer\AppData\Local\resmon.resmoncfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-05.2019
Ran by Jiří Schwarzer (12-05-2019 12:23:14)
Running from C:\Users\Jiří Schwarzer\Downloads
Windows 10 Home Version 1803 17134.706 (X64) (2018-06-25 06:04:14)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-587923702-3901416241-2912820861-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-587923702-3901416241-2912820861-503 - Limited - Disabled)
Guest (S-1-5-21-587923702-3901416241-2912820861-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-587923702-3901416241-2912820861-1002 - Limited - Enabled)
Jiří Schwarzer (S-1-5-21-587923702-3901416241-2912820861-1001 - Administrator - Enabled) => C:\Users\Jiří Schwarzer
WDAGUtilityAccount (S-1-5-21-587923702-3901416241-2912820861-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {88AE6B46-DC3C-455A-A21B-085F285A3546}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ActKey (HKLM-x32\...\{681B82EF-A457-4849-AABC-5B6099380FA5}) (Version: 1.9.1.0 - Oki Data Corporation) Hidden
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.171 - Adobe)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Any Video Converter 6.2.2 (HKLM-x32\...\Any Video Converter) (Version: 6.2.2 - Anvsoft)
Apple Mobile Device Support (HKLM\...\{DB18F1C0-846F-46F5-A074-5B97C8AF5C8E}) (Version: 10.3.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Avira (HKLM-x32\...\{4771539a-931b-4378-8d4a-721ba62effca}) (Version: 1.2.95.14694 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{C22F76F2-AC9E-44BA-B297-71485F94022F}) (Version: 1.2.95.14694 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.45.1214 - Avira Operations GmbH & Co. KG)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom 802.11 Network Adapter (HKLM-x32\...\Broadcom 802.11b Network Adapter) (Version: - )
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.17.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.77.0 - HTC)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel® SSD Toolbox (HKLM-x32\...\{06D085C8-1F00-11B2-96A7-8f0CE39193ED}) (Version: 3.3.4.400 - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.41 - Irfan Skiljan)
iTunes (HKLM\...\{6C01A0A7-7440-4D48-93C6-2927A1E93FE6}) (Version: 12.6.0.100 - Apple Inc.)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.101 - LSI Corporation)
Microsoft OneDrive (HKU\S-1-5-21-587923702-3901416241-2912820861-1001\...\OneDriveSetup.exe) (Version: 19.062.0331.0006 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movavi Video Converter 17 (HKLM-x32\...\Movavi Video Converter 17) (Version: 17.2.1 - Movavi)
Mozilla Firefox 66.0.3 (x64 cs) (HKLM\...\Mozilla Firefox 66.0.3 (x64 cs)) (Version: 66.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 66.0.3.7038 - Mozilla)
Muppet Babies - Air, Land and Sea (HKLM-x32\...\{52496559-216D-483F-AC79-9F9B089F4274}) (Version: - )
Muppet Babies - Sorting and Thinking (HKLM-x32\...\{D91EBEEC-700D-44A1-A394-6EBD1D93F281}) (Version: - )
OKI ActKey (HKLM-x32\...\InstallShield_{681B82EF-A457-4849-AABC-5B6099380FA5}) (Version: 1.9.1.0 - Oki Data Corporation)
OKI MB4x1/ES41x1/MPS42x Scanner (HKLM-x32\...\InstallShield_{59B5BAE2-6CB8-4375-AF76-ECF3D34095FA}) (Version: 1.1.1.0 - Oki Data Corporation)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{05E07D23-91E9-4E70-A4CC-EF505088F967}) (Version: 5.4.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{741291DA-2B34-4D44-8FB6-58EDE21261D8}) (Version: 5.4.1 - Apple Inc.)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22391 - Microsoft Corporation)
ScannerDriver (HKLM\...\{59B5BAE2-6CB8-4375-AF76-ECF3D34095FA}) (Version: 1.1.1.0 - Oki Data Corporation) Hidden
Skype™ 7.39 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.39.102 - Skype Technologies S.A.)
SOTI Pocket Controller for Android (HKLM-x32\...\{27C323C9-C757-44E2-AF70-245586D0F462}) (Version: 2.1.0 - SOTI Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.1 - Synaptics Incorporated)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{567756E0-361F-4E88-AF74-8B0E4628E5BC}) (Version: 1.12.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
XLS Reader (HKLM-x32\...\{30D6D257-BE4B-48F2-8D9E-E787A52A0738}_is1) (Version: 1.0 - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-04-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-04-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2013-10-17 15:27 - 2013-10-17 15:27 - 000166912 _____ () [File not signed] C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2019-04-12 22:18 - 2019-04-12 22:18 - 000032256 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\A4.Foundation\8af9d1861a87825db3038c2d1ca74c2f\A4.Foundation.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000022528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Actions5dc83b46#\01470d19a5458a3f9bc1f0353a9594f2\AEM.Actions.CCAA.Shared.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.0a1309f7#\f5506b5802ccf0d7a3986b6da5521786\AEM.Plugin.EEU.Shared.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.2b6a6775#\d274806ca78f5825f737bb856f0cb925\AEM.Plugin.Hotkeys.Shared.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.54d8abe3#\f72bb3bb2bc0ffcabcfc9f420f75fd59\AEM.Plugin.DPPE.Shared.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000275968 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.5d945b6b#\b0a56b48054f55aa69e4395821ff9720\AEM.Plugin.Source.Kit.Server.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.674d2b8a#\30f2ea746fa5aa3b9ce9b82c655875ba\AEM.Plugin.WinMessages.Shared.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.88aba5d2#\8f2c2382faac09aefb4f98c7b26e966f\AEM.Plugin.REG.Shared.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.GD.Shared\0a6fc827499b84a00aaf42e9f5b88f97\AEM.Plugin.GD.Shared.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000013824 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Server.Shared\d144c5adab93ac24ad641cc8f90a465b\AEM.Server.Shared.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000263168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Server\0dd84be3d71396c880811e04810d6971\AEM.Server.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000056320 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\APM.Foundation\30f0b7083b68ead7e224d79951fd0d2a\APM.Foundation.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000122368 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ATICCCom\d78c5a3a3fc3f307d064e53e5ed93e50\ATICCCom.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000199168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CCC.Implementation\38f0b613e68bce904567554958abc968\CCC.Implementation.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CCC\e1637f1318b74f4cee52c3e29f211730\CCC.ni.exe
2019-04-12 22:19 - 2019-04-12 22:19 - 000152064 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.21d2ac78#\1f62098b171c7c366e58f40266de01b3\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000124928 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3399d0ec#\184029452b1cce7abde6f9e20e98ecea\CLI.Aspect.CustomFormats.Graphics.Shared.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.37d3d968#\2bde34c5f8de0e5f4886127381f7efb0\CLI.Aspect.AMDHome.Graphics.Shared.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.382a3def#\3732c3a902a4bd23e566b62671fe01ad\CLI.Aspect.AMDOverDrive.Platform.Shared.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000104448 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3a6f1658#\a1faae16cba58709eb354f2bea063f73\CLI.Aspect.TransCode.Graphics.Shared.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000206336 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4542c692#\cd955e4fd3fe9c7929b0c214dc581648\CLI.Aspect.DeviceCRT.Graphics.Shared.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000130048 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.46819220#\990841178185a1dc6b0b9264d09b5813\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000073728 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4bbb0755#\0a511e2208eb4f9ab6604908dd63a88b\CLI.Aspect.TransCode.Graphics.Dashboard.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000037888 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.52c6dbaa#\a377447dbd661130c66656984e30362a\CLI.Aspect.FPS.Graphics.Shared.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000073216 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.59a12d95#\ef7f8ae49e868dfd003e009953dbb866\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000259584 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.73911eb5#\29de85c6194ee4e0345b449c049825e1\CLI.Aspect.WirelessDisplay.Graphics.Shared.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000355840 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.7ec2db45#\df9ae9fd71caaf217660457a7622590c\CLI.Aspect.DeviceDFP.Graphics.Shared.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000062976 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8350f5c6#\7da5198ea8675197b234c6884e870388\CLI.Aspect.UpdateNotification.Graphics.Runtime.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000666112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.846fa813#\4a6506bead33325f91a4a4ef853e90d3\CLI.Aspect.MMVideo.Graphics.Dashboard.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000727552 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8d333b6b#\beb05bd86f0411fc8460d94bd11ce634\CLI.Aspect.Radeon3D.Graphics.Shared.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000446464 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8e996306#\d5c19f90736b4ff936f19772a398c0b5\CLI.Aspect.CrossDisplay.Graphics.Dashboard.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000087552 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9cd1e9e7#\ba8c4ae913abc927be12e6405486dc11\CLI.Aspect.FPS.Graphics.Dashboard.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000154112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a0ae52bc#\8a55784bd677079c63943d467f2db7ef\CLI.Aspect.DeviceLCD.Graphics.Shared.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000056320 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a6cd7fff#\19903ab839effd7a20736918c0aedaba\CLI.Aspect.FPS.Graphics.Runtime.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000081920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a765109e#\ebe51c687b8f536fc386c77a6de62005\CLI.Aspect.UpdateNotification.Graphics.Dashboard.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000451584 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.acb9d930#\d77f00bd621689873309235b01b7e19a\CLI.Aspect.DeviceProperty.Graphics.Shared.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000085504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ae5e117c#\2ef9b782216279c7b873764e6dc1e1cd\CLI.Aspect.DisplaysColour2.Graphics.Shared.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000066560 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.b0a7c1fb#\7716d6a0213b7998fbb06afa0d8e6568\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000337408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c7aaa0f8#\4b4ea44fc567e5a37bc23ac3d229aa57\CLI.Aspect.OverDrive5.Graphics.Shared.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000017920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c854b457#\8177cab1c1cff00f6c11937b9add688b\CLI.Aspect.HotkeysHandling.Graphics.Shared.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000270848 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e8635fc7#\62faea212276f5297b36f7f5ccbdb57e\CLI.Aspect.InfoCentre.Graphics.Dashboard.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 003282432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e9fd7406#\93dd902cbf664ff60577e32f538c5695\CLI.Aspect.Radeon3D.Graphics.Dashboard.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000236032 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.eda8935e#\0bc2047a70b8a4a6f9e933487af3bd71\CLI.Aspect.MMVideo.Graphics.Shared.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000046592 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ef3eaa4d#\b8bcab419f60fc460b316c1163836c19\CLI.Aspect.TransCode.Graphics.Runtime.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000050176 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.f480a2f3#\53a950c391a6d38be1ee42342e1be40c\CLI.Aspect.UpdateNotification.Graphics.Shared.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000050688 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Runtime\71f08c505f474724e26348b87f224e7e\CLI.Caste.A4.Runtime.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Shared\41f3eb09db5ac2da3802d8fff77cdddd\CLI.Caste.A4.Shared.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000027648 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Af820fedc#\8980d6cc10217edce41650e25fff16ad\CLI.Caste.A4.Dashboard.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F24de14fe#\a60cc06196dc6e9eb702ac3944cf206b\CLI.Caste.Fuel.Shared.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000304640 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F36b07a2b#\8ad12b68b85cead739240f5a1658aa54\CLI.Caste.Fuel.Runtime.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000027648 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Ff3085433#\b492ab1e8ed98899bb6d1c6081c22193\CLI.Caste.Fuel.Dashboard.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000038400 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60338cc0#\53e4b29741c95cb66950fce65679c757\CLI.Caste.Graphics.Runtime.Shared.Private.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 001537536 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gd9d9b43b#\5daf9c8f9a4871d2190f134dfcccc9d1\CLI.Caste.Graphics.Dashboard.Shared.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000574976 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gee7d2dbc#\40ba1c0b90f43b0d3606c2249bfafb6e\CLI.Caste.Graphics.Dashboard.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H18c99613#\0b7288afd45dd59319cc0a1ab9bc3b11\CLI.Caste.HydraVision.Runtime.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H92ba4e46#\69eaab735767dd6c38f5e27e5a91d56a\CLI.Caste.HydraVision.Shared.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Hbb906c0b#\a5df62b559b7321b9c490460847e548d\CLI.Caste.HydraVision.Dashboard.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pac40511b#\d17a58c5f328ead46168bcfb04c33648\CLI.Caste.Platform.Shared.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000043520 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pdb36d56e#\ac04af084b76f6c6a37524b483d44e23\CLI.Caste.Platform.Runtime.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000024064 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pfeefa2b6#\c997e4e6d0ac7db7003ce1fd2279050a\CLI.Caste.Platform.Dashboard.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone1b4a8c97#\69dd6b02e4c5d346759250fe9341a019\CLI.Component.Runtime.Shared.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000884736 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone26c9c557#\3eee4c81b4c69030dd75f89a76c4af05\CLI.Component.Systemtray.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000168960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone29e547cc#\844a0c4875ee0bd374c1271e5e12adf3\CLI.Component.Dashboard.ProfileManager2.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000149504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone59f353b4#\64c6260af1d159c2881106bb16214cf5\CLI.Component.Runtime.Shared.Private.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componeb4d0485c#\49058932c2485dfbf05a98712d12433d\CLI.Component.Runtime.Extension.EEU.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 001605632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componec89c3bec#\1cdbe0724d39e48faab573b81ddee58b\CLI.Component.Dashboard.Shared.Private.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000019968 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componef1fd67b2#\9a10f67293415e49a4620d6c524eec45\CLI.Component.Client.Shared.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000086016 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componef4cf054f#\0f64001b31cd2d3d284022551328ee70\CLI.Component.Dashboard.Shared.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000089088 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundat3d5d3945#\769b7035927a9b7abea73fe11b19c1c8\CLI.Foundation.Private.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000060928 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundat60cdf5df#\b741682eaaa17d2145b227bdd546d55e\CLI.Foundation.XManifest.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000090624 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundat619559bd#\03aed5b3f337a2a2cecd281f94288f13\CLI.Foundation.CoreAudioAPI.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 001052672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundatd3771151#\b4cf6557e7e40888c8009d30b47dbd50\CLI.Foundation.Client.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000295424 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundation\91253e2e17e58c7422a60e3fd926a616\CLI.Foundation.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Foundation\308315d12d4186aaf6edae99acf34c49\DEM.Foundation.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000117248 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0601\5b73066a8331e76c088653d732e5eb13\DEM.Graphics.I0601.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000015872 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics\4461bd5e4e9bb2513891a5233cb09db0\DEM.Graphics.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000037888 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Fuel.Foundation\5ca491f4e15da8d35140c237139d4e75\Fuel.Foundation.ni.dll
2019-04-12 22:20 - 2019-04-12 22:20 - 000289792 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundat03490438#\40d860cf3794552d0f0b4fa517e1c9ed\LOG.Foundation.Implementation.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000146432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundat5023f8e7#\03599b71bf26f01cc7a1b4c2c4335468\LOG.Foundation.Private.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000085504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundatcaafa75b#\ac57ce17bf2d6e3386730b9218ccbcea\LOG.Foundation.Implementation.Private.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000132096 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundation\7c5d190a93a2814457b9372c699d2398\LOG.Foundation.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MOM.Foundation\98a3e7989e10d0891249f2edc8389474\MOM.Foundation.ni.dll
2019-04-12 22:20 - 2019-04-12 22:20 - 000391680 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MOM.Implementation\f779fbb8c40d4637127ebfc3cb5a589e\MOM.Implementation.ni.dll
2019-04-12 22:20 - 2019-04-12 22:20 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MOM\23e628c030049e8c0d07b78014827e03\MOM.ni.exe
2019-04-12 22:18 - 2019-04-12 22:18 - 000055296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\NEWAEM.Foundation\28c9f1e9ce4d30b78913ac1c5c18e9b4\NEWAEM.Foundation.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000890368 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ADL.Foundation\d95c85fea7217b76a531434d81d9c904\ADL.Foundation.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000250368 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\APM.Server\61e980db64c89e54c2da2408753b67c7\APM.Server.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000290816 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9b707b25#\3d491b116a7773c9b6f7fd809be411c5\CLI.Aspect.DeviceProperty.Graphics.Runtime.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 001642496 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.aa59351a#\93100182dbb45e272e91aa020b4656b0\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 006323200 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e6d9f3a8#\183459586fb8af95b7b18f92a3ed4e38\CLI.Aspect.DeviceDFP.Graphics.Dashboard.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 007986176 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Combine0616f305#\3886899643d328c5a219a42d7578a3ff\CLI.Combined.Graphics.Aspects1.Dashboard.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 001131008 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Combine7332395e#\0d24815179e8eefb07412e1cb1c1ce86\CLI.Combined.Graphics.Aspects2.Runtime.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000133632 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone168638d1#\5cb51d031916488d1ff9672cbb7a50fb\CLI.Component.Client.Shared.Private.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000228352 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone6692ca50#\71ba9a5d16443f619abcce3330a3f139\CLI.Component.Runtime.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000910336 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone6bf88b08#\2ce483c8b33eb3a4ae10f31ded025b1c\CLI.Component.Dashboard.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000014336 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0706\ec559ba57759504cdf6211baf4756f46\DEM.Graphics.I0706.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000083456 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0709\6df6ab92591942c94bdf22eac4986469\DEM.Graphics.I0709.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0712\e536f226eb1b1958a0799d44e796ea3a\DEM.Graphics.I0712.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000018944 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0804\09205738995c8ac6301a20f66c21798b\DEM.Graphics.I0804.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000011264 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0805\bd35abed050fdd8be525f4f78bf3484e\DEM.Graphics.I0805.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000011776 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0812\7b1650dae468888db83dbc08a1cdc37e\DEM.Graphics.I0812.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000014336 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0906\2eedf5d5a254cc3104b4c0a380269d6a\DEM.Graphics.I0906.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000014848 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0912\9fb4db7b3f6bf5524964b1f3bd60920f\DEM.Graphics.I0912.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000036352 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I1010\f94be5b8564326e40dcd40ce1c67785e\DEM.Graphics.I1010.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 001144320 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Localizatio01dbc1c0#\3f90d9ec4a944e5ff531f4dac138ac11\Localization.Foundation.Private.ni.dll
2019-04-12 22:20 - 2019-04-12 22:20 - 000242688 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ResourceMan446ca0e5#\4e9ce48f6acb75b0bb01ffc9b1fd7ab0\ResourceManagement.Foundation.Implementation.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000023552 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ResourceManf163905a#\77a49ce0a6e1e96332c920450728e724\ResourceManagement.Foundation.Private.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000090112 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ec8786e5#\efdba66c33cfe192d8aa7169281a4a9b\CLI.Aspect.AMDHome.Graphics.Dashboard.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 002786304 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60a7b4d1#\67f80c7ca0513f55d64571ca35945027\CLI.Caste.Graphics.Shared.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 003187712 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G962aa464#\a2a9464d7f91c8804907966993ec1ba4\CLI.Caste.Graphics.Runtime.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000332800 _____ (Microsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.W8090224c#\830d44b4e4f8087f23a5dd80c0d5ccb8\Microsoft.WindowsAPICodePack.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 002497536 _____ (Microsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.Wfbf9373c#\c3a0ec59c383f31a87ac63f29577f2f4\Microsoft.WindowsAPICodePack.Shell.ni.dll
2011-08-23 21:33 - 2011-08-23 21:33 - 000163840 _____ (Oki Data Corporation) [File not signed] C:\Program Files (x86)\Okidata\ActKey\NCRes.dll
2010-01-22 19:22 - 2010-01-22 19:22 - 000032768 _____ (Oki Data Corporation) [File not signed] C:\Program Files (x86)\Okidata\ActKey\Scanner Assist\OPCOMAPI.dll
2014-09-13 11:29 - 2014-09-13 11:29 - 000188416 _____ (Oki Data Corporation) [File not signed] C:\Program Files (x86)\Okidata\ActKey\Scanner Assist\Scanner Assist.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\SysWOW64\WLTRAY.EXE:Microsoft_Appcompat_ReinstallUpgrade [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 15:46 - 2009-06-10 23:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-587923702-3901416241-2912820861-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 212.96.161.7 - 212.96.160.6
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1A6D839A-6D3A-45C5-8CB1-62DE4B296CC3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{829A4AE5-E646-4CDA-BF3A-BF9CC2EB84F7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1E7E4445-B55B-4056-B6F6-9BE4D70D416D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2666A9E8-88F3-4EAC-B27A-AFACEB443820}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F544DEEC-CD7D-4C3B-A87C-1AD6491BFADF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1A4A5B3E-204D-48B3-BBF2-D363C1385AB6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{96EB89E9-486B-4572-ABEE-D17A50E7EDBB}] => (Allow) C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe (Oki Data Corporation -> Oki Data Corporation)
FirewallRules: [{065D9BF1-0746-49AE-9CB4-513888E99A33}] => (Allow) C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe (Oki Data Corporation -> Oki Data Corporation)
FirewallRules: [{6026679A-971B-4F2E-98EE-42039AD514C1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4DE8BAB6-FDC0-4F69-85BE-DC56CA4D5FFB}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{FE160018-40D7-4D68-BB99-8F501D6BDF5F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{45CB2686-6C5F-4D4C-8C2A-DDAA78AF9D9F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A3C5BFD7-736E-485C-9112-97AD1238ABFC}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe (Nero AG -> )
FirewallRules: [TCP Query User{5BC9DEFD-1E04-4D72-87CB-D6AED43743A5}C:\program files (x86)\soti\pocket controller for android\pocketcontroller.exe] => (Allow) C:\program files (x86)\soti\pocket controller for android\pocketcontroller.exe (SOTI Inc.) [File not signed]
FirewallRules: [UDP Query User{F0342DBA-8C3A-4453-B34C-94149B3DAD24}C:\program files (x86)\soti\pocket controller for android\pocketcontroller.exe] => (Allow) C:\program files (x86)\soti\pocket controller for android\pocketcontroller.exe (SOTI Inc.) [File not signed]
FirewallRules: [TCP Query User{FEF336FB-BA5D-4254-AD05-5CC3B0E49D08}C:\users\jiří schwarzer\desktop\my mobile\mymobiler\mymobiler.exe] => (Allow) C:\users\jiří schwarzer\desktop\my mobile\mymobiler\mymobiler.exe (MTUX Corp) [File not signed]
FirewallRules: [UDP Query User{6B5E2C26-FC1C-412F-8254-B0A04E94742B}C:\users\jiří schwarzer\desktop\my mobile\mymobiler\mymobiler.exe] => (Allow) C:\users\jiří schwarzer\desktop\my mobile\mymobiler\mymobiler.exe (MTUX Corp) [File not signed]

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/12/2019 12:19:47 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe.Config na řádku 0.
Neplatná syntaxe XML.

Error: (05/12/2019 12:19:44 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe.Config na řádku 0.
Neplatná syntaxe XML.

Error: (05/12/2019 12:08:19 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe.Config na řádku 0.
Neplatná syntaxe XML.

Error: (05/12/2019 12:06:15 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe.Config na řádku 0.
Neplatná syntaxe XML.

Error: (05/11/2019 01:02:04 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe.Config na řádku 0.
Neplatná syntaxe XML.

Error: (05/11/2019 12:51:01 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe.Config na řádku 0.
Neplatná syntaxe XML.

Error: (05/11/2019 12:47:23 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe.Config na řádku 0.
Neplatná syntaxe XML.

Error: (05/11/2019 12:41:36 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe.Config na řádku 0.
Neplatná syntaxe XML.


System errors:
=============
Error: (05/12/2019 12:22:11 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/12/2019 12:19:46 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/12/2019 12:19:09 PM) (Source: DCOM) (EventID: 10010) (User: Schwarzer)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/12/2019 12:06:29 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Počítač byl restartován z procesu kontroly chyb. Kontrola chyb: 0x00000116 (0xffff83029faf14a0, 0xfffff80e6763cc54, 0x0000000000000000, 0x000000000000000d). Výpis byl uložen do: C:\WINDOWS\MEMORY.DMP. ID hlášení: 43478fa7-8620-41e3-810d-8516aff5af9d

Error: (05/12/2019 12:06:05 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (14:53:27, ‎11.‎05.‎2019) bylo neočekávané.

Error: (05/11/2019 01:39:40 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (05/11/2019 01:02:46 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 5

Error: (05/11/2019 01:02:14 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Počítač byl restartován z procesu kontroly chyb. Kontrola chyb: 0x00000116 (0xffffdc82e7e5e010, 0xfffff80a980dcc54, 0x0000000000000000, 0x000000000000000d). Výpis byl uložen do: C:\WINDOWS\MEMORY.DMP. ID hlášení: 9a7d0510-3234-4d01-a6f8-4eb7cb7db5c0


CodeIntegrity:
===================================

Date: 2019-05-03 14:41:43.257
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

BIOS: Phoenix Technologies LTD V1.09 11/26/2009
Motherboard: Acer Aspire 5740
Processor: Intel(R) Core(TM) i5 CPU M 430 @ 2.27GHz
Percentage of memory in use: 56%
Total physical RAM: 3956.5 MB
Available physical RAM: 1704.48 MB
Total Virtual: 7924.5 MB
Available Virtual: 5680.92 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:110.41 GB) (Free:20.59 GB) NTFS
Drive d: (MuppetBabies) (CDROM) (Total:0.35 GB) (Free:0 GB) CDFS
Drive g: (Elements) (Fixed) (Total:931.48 GB) (Free:316.04 GB) NTFS

\\?\Volume{9f49f909-fc18-11e5-89f4-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
\\?\Volume{dea12e0c-0000-0000-0000-a0a01b000000}\ () (Fixed) (Total:0.8 GB) (Free:0.34 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: DEA12E0C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=815 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 701B48B0)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Notebook se zasekne

#2 Příspěvek od Rudy »

Zdravím!
PC vyčistíme, problém ale může být hardwraový (vada grafiky). Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Mortiz696
Návštěvník
Návštěvník
Příspěvky: 76
Registrován: 29 led 2014 19:24

Re: Notebook se zasekne

#3 Příspěvek od Mortiz696 »

Provedeno log adwcleaner
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-29.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-12-2019
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1250 octets] - [12/05/2019 20:12:48]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Nový FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-05.2019
Ran by Jiří Schwarzer (administrator) on SCHWARZER (Acer Aspire 5740) (12-05-2019 20:17:38)
Running from C:\Users\Jiří Schwarzer\Desktop
Loaded Profiles: Jiří Schwarzer (Available Profiles: Jiří Schwarzer & DefaultAppPool)
Platform: Windows 10 Home Version 1803 17134.706 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(LSI Corporation -> LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Jiří Schwarzer\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Nero AG -> ) C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Oki Data Corporation -> Oki Data Corporation) C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Skype Software Sarl -> Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [Network Configuration] => C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe [728640 2014-09-15] (Oki Data Corporation -> Oki Data Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-03-22] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3951280 2016-01-07] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-587923702-3901416241-2912820861-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27815896 2017-07-28] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-587923702-3901416241-2912820861-1001\...\Run: [] => [X]
HKU\S-1-5-21-587923702-3901416241-2912820861-1001\...\MountPoints2: {ecd85716-212c-11e6-a554-806e6f6e6963} - "D:\launcher.exe"
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02985467-9870-499D-8935-D1793FAFB468} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {049FFD54-3923-4C8D-8077-85667E767DB6} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {074D16A8-12B8-4236-9511-EC1E4C65941A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [0 0000-00-00] (Microsoft Corporation)
Task: {09436BD2-40E4-4915-AE53-F82A65BAD14A} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {0A50DFA9-9C52-480E-B860-5BFCDC7C86CF} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {12976133-E3F2-4265-AF6B-3DFC515F69A5} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {13D9E8F1-0648-4FC2-89F1-AC0D3D67A32E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {18BCDA2F-AB98-4AAB-BDA1-89DA28155A7D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {1B2967D0-4D7C-4ACC-861C-ADA85D5D01B9} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2BE0A806-EFB4-4CEE-9C5D-1D46E3D8785A} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [700368 2019-05-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {2F3DAFB8-AFE5-4E6C-9FD2-DC40478FC8DB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {321117F1-FD2E-4F1B-97B5-FC807D840EE8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {474F773F-C053-4C60-84E6-4C3812AE12AC} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {47B94C44-CA23-47B6-BD8A-8C9E6D2C6E7E} - System32\Tasks\DriverMaxAgent => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe
Task: {4B69953A-B619-4667-8611-23C6074FC6B1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {5F4B995D-026D-470C-9F4B-F4950E39443B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {5FE8A694-2E01-4544-8E45-BE440678CCFC} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {609A468C-7202-4350-AE07-D31FDE861C4F} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {63ED4DD8-0935-488B-AE7A-5231E41AD4D3} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {6CADE188-F753-4A03-A2BA-B2E043CC36F0} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {752996AB-9BC3-40BC-BF7C-8A6BFE26A7A3} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
Task: {785A87E4-9491-4B0C-A8B4-81FC3D0BAC1C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7B941E6C-CABB-4B34-8601-817AFBEB7908} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-04-09] (Adobe Inc. -> Adobe)
Task: {8777A7BE-7EB3-4F61-87AE-9A4208CE4453} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantCalendarRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [0 0000-00-00] (Microsoft Corporation)
Task: {8E1C5543-9617-4745-B5C0-1F3D6B7339F0} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {8F8077C2-37CE-4A09-9CEB-601291FA8408} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9A41FE16-5F2C-4DF4-9F55-2419E450CA18} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantWakeupRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [0 0000-00-00] (Microsoft Corporation)
Task: {A111F850-5368-4A1A-8661-19050B360D80} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A1DF13C3-C189-4196-B920-E8D7CAADA4ED} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {A5673961-24CD-4C65-9E71-71D1694AEFD4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {B4E6B477-6B16-4FA3-96E0-42FEEDFD2BB9} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BAD7E8F7-32B9-4013-AD1A-2965F509BFDC} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BC98A90A-B77C-4A83-A06E-A1B365DA9374} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
Task: {BE7DA1D2-EE93-4F37-8A8C-BB5A413B8DB0} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C358D492-426C-4A1A-8B7E-470B96BF391B} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {C4523028-38AE-48AD-8777-3469411B4535} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {C715FFAB-F4C7-436E-B919-E633CF0E89D7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C764611B-5FC3-4FB7-A570-0059C6664C6A} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {CB8B3039-224B-4BFC-BDE6-9C10A3D2B47B} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CC86AE7D-E46D-4B73-A66A-A681B1B2B93B} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_171_Plugin.exe [1456696 2019-04-09] (Adobe Inc. -> Adobe)
Task: {D7A14216-01E6-4A52-9217-C9B40F24B0E2} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {DCDB45C7-78B1-4145-90FF-281357160EAD} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {E6257CA8-86D1-4987-AB1E-837901D27FB0} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E66BCAB3-3253-447D-A40A-984F7E5A4646} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {EFDA732A-DD22-49D4-9DA8-B239A20E1A8B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {F1CE6005-0CF8-484B-A5AC-1BBE43C37B14} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F24CCC5A-58E9-4665-A6DF-B80508D8D769} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 212.96.161.7 212.96.160.6 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{0f9972a8-54fc-4912-9c85-e4d4f9f4eb23}: [DhcpNameServer] 212.96.161.7 212.96.160.6 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{40fdb800-1c6c-41c4-b715-ea4a407e12e1}: [DhcpNameServer] 212.96.161.7 212.96.160.6 8.8.8.8 192.168.1.1

Internet Explorer:
==================
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: 6a1x2owl.default
FF ProfilePath: C:\Users\Jiří Schwarzer\AppData\Roaming\Mozilla\Firefox\Profiles\6a1x2owl.default [2019-05-12]
FF Homepage: Mozilla\Firefox\Profiles\6a1x2owl.default -> www.seznam.cz
FF NetworkProxy: Mozilla\Firefox\Profiles\6a1x2owl.default -> type", 0
FF Extension: (Web of Trust) - C:\Users\Jiří Schwarzer\AppData\Roaming\Mozilla\Firefox\Profiles\6a1x2owl.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2019-04-12]
FF Extension: (No Name) - C:\Users\Jiří Schwarzer\AppData\Roaming\Mozilla\Firefox\Profiles\6a1x2owl.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-04-25]
FF Extension: (Google Privacy) - C:\Users\Jiří Schwarzer\AppData\Roaming\Mozilla\Firefox\Profiles\6a1x2owl.default\Extensions\{ea61041c-1e22-4400-99a0-aea461e69d04}.xpi [2016-05-01] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_171.dll [2019-04-09] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_171.dll [2019-04-09] (Adobe Inc. -> )
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN -> VideoLAN)

Chrome:
=======
StartMenuInternet: Google Chrome - Chrome.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [255472 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [908168 2019-05-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [312664 2019-05-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [246336 2019-05-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [246336 2019-05-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1182464 2019-05-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-03-17] (Apple Inc. -> Apple Inc.)
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [451800 2019-01-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2016-09-20] (Nero AG -> Nero AG)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246448 2016-01-07] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AgereSoftModem; C:\WINDOWS\system32\DRIVERS\agrsm64.sys [1212416 2010-03-15] (Microsoft Windows Hardware Compatibility Publisher -> LSI Corporation)
R3 amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [21648880 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [674288 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 athr; C:\WINDOWS\System32\drivers\athwnx.sys [4233728 2018-04-12] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [75432 2019-02-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22336 2019-02-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [200992 2019-05-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [194136 2019-04-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-02-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-02-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 htcnprot; C:\WINDOWS\system32\DRIVERS\htcnprot.sys [36928 2013-10-17] (HTC Corp. -> Windows (R) Win 7 DDK provider)
S3 HtcVCom32; C:\WINDOWS\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (Sqa.com(Test) -> QUALCOMM Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42664 2016-01-07] (Synaptics Incorporated -> Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-12 20:17 - 2019-05-12 20:18 - 000022027 _____ C:\Users\Jiří Schwarzer\Desktop\FRST.txt
2019-05-12 20:11 - 2019-05-12 20:12 - 000000000 ____D C:\AdwCleaner
2019-05-12 20:11 - 2019-05-12 20:11 - 007025360 _____ (Malwarebytes) C:\Users\Jiří Schwarzer\Downloads\adwcleaner_7.3.exe
2019-05-12 12:23 - 2019-05-12 12:24 - 000049008 _____ C:\Users\Jiří Schwarzer\Downloads\Addition.txt
2019-05-12 12:21 - 2019-05-12 20:17 - 000000000 ____D C:\FRST
2019-05-12 12:21 - 2019-05-12 12:24 - 000026115 _____ C:\Users\Jiří Schwarzer\Downloads\FRST.txt
2019-05-12 12:17 - 2019-05-12 12:17 - 002430976 _____ (Farbar) C:\Users\Jiří Schwarzer\Desktop\FRST64.exe
2019-05-12 12:06 - 2019-05-12 12:06 - 000951188 _____ C:\WINDOWS\Minidump\051219-9625-01.dmp
2019-05-02 23:00 - 2019-05-12 12:06 - 000000000 ____D C:\WINDOWS\Minidump
2019-04-12 22:02 - 2019-05-02 23:00 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-12 20:18 - 2016-09-16 11:06 - 000000000 ____D C:\Users\Jiří Schwarzer\AppData\Roaming\Skype
2019-05-12 20:15 - 2016-11-28 23:15 - 000000000 ____D C:\Users\Jiří Schwarzer\AppData\LocalLow\Mozilla
2019-05-12 20:14 - 2018-06-25 08:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-05-12 20:14 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-05-12 20:14 - 2018-04-11 23:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-05-12 20:14 - 2017-07-30 13:23 - 000000000 ____D C:\Users\Jiří Schwarzer\AppData\Local\HTC MediaHub
2019-05-12 20:11 - 2018-06-25 08:04 - 000004216 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{58C851E0-42D5-4145-9A49-76954694F1CE}
2019-05-12 20:09 - 2018-06-25 07:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-05-12 12:24 - 2018-06-25 07:44 - 001956152 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-05-12 12:24 - 2018-04-12 17:50 - 000809482 _____ C:\WINDOWS\system32\perfh005.dat
2019-05-12 12:24 - 2018-04-12 17:50 - 000186690 _____ C:\WINDOWS\system32\perfc005.dat
2019-05-12 12:24 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-05-12 12:19 - 2018-06-25 07:50 - 000000000 ____D C:\Users\Jiří Schwarzer
2019-05-12 12:15 - 2018-08-06 22:45 - 000000000 ____D C:\Users\Jiří Schwarzer\AppData\Local\D3DSCache
2019-05-12 12:14 - 2018-06-25 08:04 - 000003384 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-587923702-3901416241-2912820861-1001
2019-05-12 12:14 - 2018-06-25 07:50 - 000002427 _____ C:\Users\Jiří Schwarzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-05-12 12:14 - 2016-05-24 00:00 - 000000000 ___RD C:\Users\Jiří Schwarzer\OneDrive
2019-05-11 13:02 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-05-11 12:50 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-05-11 12:41 - 2016-09-30 03:26 - 000000000 ____D C:\ProgramData\Package Cache
2019-05-11 12:39 - 2018-03-05 17:31 - 000200992 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2019-05-06 22:13 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-05-02 23:00 - 2016-04-08 16:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-05-02 21:40 - 2018-03-06 10:18 - 000000000 ____D C:\Users\Jiří Schwarzer\AppData\Local\Packages
2019-04-18 02:24 - 2018-11-27 21:40 - 000000000 ____D C:\Users\Jiří Schwarzer\Desktop\mobil
2019-04-18 01:54 - 2019-03-11 15:36 - 000000000 ____D C:\Users\Jiří Schwarzer\Desktop\Eva iphone
2019-04-15 00:24 - 2016-04-08 16:15 - 000001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-04-12 22:07 - 2018-03-05 17:31 - 000194136 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys

==================== Files in the root of some directories =======

2019-02-02 18:41 - 2019-02-02 18:41 - 001558480 _____ ( ) C:\Users\Jiří Schwarzer\xlsreader_setup.exe
2016-04-08 17:04 - 2016-05-24 00:02 - 000003584 _____ () C:\Users\Jiří Schwarzer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-04-06 21:47 - 2016-04-06 21:47 - 000000017 _____ () C:\Users\Jiří Schwarzer\AppData\Local\resmon.resmoncfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-05.2019
Ran by Jiří Schwarzer (12-05-2019 20:19:08)
Running from C:\Users\Jiří Schwarzer\Desktop
Windows 10 Home Version 1803 17134.706 (X64) (2018-06-25 06:04:14)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-587923702-3901416241-2912820861-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-587923702-3901416241-2912820861-503 - Limited - Disabled)
Guest (S-1-5-21-587923702-3901416241-2912820861-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-587923702-3901416241-2912820861-1002 - Limited - Enabled)
Jiří Schwarzer (S-1-5-21-587923702-3901416241-2912820861-1001 - Administrator - Enabled) => C:\Users\Jiří Schwarzer
WDAGUtilityAccount (S-1-5-21-587923702-3901416241-2912820861-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {88AE6B46-DC3C-455A-A21B-085F285A3546}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ActKey (HKLM-x32\...\{681B82EF-A457-4849-AABC-5B6099380FA5}) (Version: 1.9.1.0 - Oki Data Corporation) Hidden
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.171 - Adobe)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Any Video Converter 6.2.2 (HKLM-x32\...\Any Video Converter) (Version: 6.2.2 - Anvsoft)
Apple Mobile Device Support (HKLM\...\{DB18F1C0-846F-46F5-A074-5B97C8AF5C8E}) (Version: 10.3.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Avira (HKLM-x32\...\{4771539a-931b-4378-8d4a-721ba62effca}) (Version: 1.2.95.14694 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{C22F76F2-AC9E-44BA-B297-71485F94022F}) (Version: 1.2.95.14694 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.1905.1249 - Avira Operations GmbH & Co. KG)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom 802.11 Network Adapter (HKLM-x32\...\Broadcom 802.11b Network Adapter) (Version: - )
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.17.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.77.0 - HTC)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel® SSD Toolbox (HKLM-x32\...\{06D085C8-1F00-11B2-96A7-8f0CE39193ED}) (Version: 3.3.4.400 - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.41 - Irfan Skiljan)
iTunes (HKLM\...\{6C01A0A7-7440-4D48-93C6-2927A1E93FE6}) (Version: 12.6.0.100 - Apple Inc.)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.101 - LSI Corporation)
Microsoft OneDrive (HKU\S-1-5-21-587923702-3901416241-2912820861-1001\...\OneDriveSetup.exe) (Version: 19.062.0331.0006 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movavi Video Converter 17 (HKLM-x32\...\Movavi Video Converter 17) (Version: 17.2.1 - Movavi)
Mozilla Firefox 66.0.3 (x64 cs) (HKLM\...\Mozilla Firefox 66.0.3 (x64 cs)) (Version: 66.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 66.0.3.7038 - Mozilla)
Muppet Babies - Air, Land and Sea (HKLM-x32\...\{52496559-216D-483F-AC79-9F9B089F4274}) (Version: - )
Muppet Babies - Sorting and Thinking (HKLM-x32\...\{D91EBEEC-700D-44A1-A394-6EBD1D93F281}) (Version: - )
OKI ActKey (HKLM-x32\...\InstallShield_{681B82EF-A457-4849-AABC-5B6099380FA5}) (Version: 1.9.1.0 - Oki Data Corporation)
OKI MB4x1/ES41x1/MPS42x Scanner (HKLM-x32\...\InstallShield_{59B5BAE2-6CB8-4375-AF76-ECF3D34095FA}) (Version: 1.1.1.0 - Oki Data Corporation)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{05E07D23-91E9-4E70-A4CC-EF505088F967}) (Version: 5.4.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{741291DA-2B34-4D44-8FB6-58EDE21261D8}) (Version: 5.4.1 - Apple Inc.)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22391 - Microsoft Corporation)
ScannerDriver (HKLM\...\{59B5BAE2-6CB8-4375-AF76-ECF3D34095FA}) (Version: 1.1.1.0 - Oki Data Corporation) Hidden
Skype™ 7.39 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.39.102 - Skype Technologies S.A.)
SOTI Pocket Controller for Android (HKLM-x32\...\{27C323C9-C757-44E2-AF70-245586D0F462}) (Version: 2.1.0 - SOTI Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.1 - Synaptics Incorporated)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{567756E0-361F-4E88-AF74-8B0E4628E5BC}) (Version: 1.12.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
XLS Reader (HKLM-x32\...\{30D6D257-BE4B-48F2-8D9E-E787A52A0738}_is1) (Version: 1.0 - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-04-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-04-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2013-10-17 15:27 - 2013-10-17 15:27 - 000166912 _____ () [File not signed] C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2019-04-12 22:18 - 2019-04-12 22:18 - 000032256 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\A4.Foundation\8af9d1861a87825db3038c2d1ca74c2f\A4.Foundation.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000022528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Actions5dc83b46#\01470d19a5458a3f9bc1f0353a9594f2\AEM.Actions.CCAA.Shared.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.0a1309f7#\f5506b5802ccf0d7a3986b6da5521786\AEM.Plugin.EEU.Shared.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.2b6a6775#\d274806ca78f5825f737bb856f0cb925\AEM.Plugin.Hotkeys.Shared.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.54d8abe3#\f72bb3bb2bc0ffcabcfc9f420f75fd59\AEM.Plugin.DPPE.Shared.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000275968 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.5d945b6b#\b0a56b48054f55aa69e4395821ff9720\AEM.Plugin.Source.Kit.Server.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.674d2b8a#\30f2ea746fa5aa3b9ce9b82c655875ba\AEM.Plugin.WinMessages.Shared.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.88aba5d2#\8f2c2382faac09aefb4f98c7b26e966f\AEM.Plugin.REG.Shared.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.GD.Shared\0a6fc827499b84a00aaf42e9f5b88f97\AEM.Plugin.GD.Shared.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000013824 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Server.Shared\d144c5adab93ac24ad641cc8f90a465b\AEM.Server.Shared.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000263168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Server\0dd84be3d71396c880811e04810d6971\AEM.Server.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000056320 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\APM.Foundation\30f0b7083b68ead7e224d79951fd0d2a\APM.Foundation.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000122368 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ATICCCom\d78c5a3a3fc3f307d064e53e5ed93e50\ATICCCom.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000199168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CCC.Implementation\38f0b613e68bce904567554958abc968\CCC.Implementation.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CCC\e1637f1318b74f4cee52c3e29f211730\CCC.ni.exe
2019-04-12 22:19 - 2019-04-12 22:19 - 000152064 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.21d2ac78#\1f62098b171c7c366e58f40266de01b3\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000124928 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3399d0ec#\184029452b1cce7abde6f9e20e98ecea\CLI.Aspect.CustomFormats.Graphics.Shared.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.37d3d968#\2bde34c5f8de0e5f4886127381f7efb0\CLI.Aspect.AMDHome.Graphics.Shared.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.382a3def#\3732c3a902a4bd23e566b62671fe01ad\CLI.Aspect.AMDOverDrive.Platform.Shared.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000104448 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3a6f1658#\a1faae16cba58709eb354f2bea063f73\CLI.Aspect.TransCode.Graphics.Shared.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000206336 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4542c692#\cd955e4fd3fe9c7929b0c214dc581648\CLI.Aspect.DeviceCRT.Graphics.Shared.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000130048 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.46819220#\990841178185a1dc6b0b9264d09b5813\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000073728 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4bbb0755#\0a511e2208eb4f9ab6604908dd63a88b\CLI.Aspect.TransCode.Graphics.Dashboard.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000037888 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.52c6dbaa#\a377447dbd661130c66656984e30362a\CLI.Aspect.FPS.Graphics.Shared.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000073216 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.59a12d95#\ef7f8ae49e868dfd003e009953dbb866\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000259584 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.73911eb5#\29de85c6194ee4e0345b449c049825e1\CLI.Aspect.WirelessDisplay.Graphics.Shared.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000355840 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.7ec2db45#\df9ae9fd71caaf217660457a7622590c\CLI.Aspect.DeviceDFP.Graphics.Shared.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000062976 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8350f5c6#\7da5198ea8675197b234c6884e870388\CLI.Aspect.UpdateNotification.Graphics.Runtime.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000666112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.846fa813#\4a6506bead33325f91a4a4ef853e90d3\CLI.Aspect.MMVideo.Graphics.Dashboard.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000727552 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8d333b6b#\beb05bd86f0411fc8460d94bd11ce634\CLI.Aspect.Radeon3D.Graphics.Shared.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000446464 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8e996306#\d5c19f90736b4ff936f19772a398c0b5\CLI.Aspect.CrossDisplay.Graphics.Dashboard.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000087552 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9cd1e9e7#\ba8c4ae913abc927be12e6405486dc11\CLI.Aspect.FPS.Graphics.Dashboard.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000154112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a0ae52bc#\8a55784bd677079c63943d467f2db7ef\CLI.Aspect.DeviceLCD.Graphics.Shared.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000056320 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a6cd7fff#\19903ab839effd7a20736918c0aedaba\CLI.Aspect.FPS.Graphics.Runtime.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000081920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a765109e#\ebe51c687b8f536fc386c77a6de62005\CLI.Aspect.UpdateNotification.Graphics.Dashboard.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000451584 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.acb9d930#\d77f00bd621689873309235b01b7e19a\CLI.Aspect.DeviceProperty.Graphics.Shared.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000085504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ae5e117c#\2ef9b782216279c7b873764e6dc1e1cd\CLI.Aspect.DisplaysColour2.Graphics.Shared.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000066560 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.b0a7c1fb#\7716d6a0213b7998fbb06afa0d8e6568\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000337408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c7aaa0f8#\4b4ea44fc567e5a37bc23ac3d229aa57\CLI.Aspect.OverDrive5.Graphics.Shared.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000017920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c854b457#\8177cab1c1cff00f6c11937b9add688b\CLI.Aspect.HotkeysHandling.Graphics.Shared.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000270848 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e8635fc7#\62faea212276f5297b36f7f5ccbdb57e\CLI.Aspect.InfoCentre.Graphics.Dashboard.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 003282432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e9fd7406#\93dd902cbf664ff60577e32f538c5695\CLI.Aspect.Radeon3D.Graphics.Dashboard.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000236032 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.eda8935e#\0bc2047a70b8a4a6f9e933487af3bd71\CLI.Aspect.MMVideo.Graphics.Shared.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000046592 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ef3eaa4d#\b8bcab419f60fc460b316c1163836c19\CLI.Aspect.TransCode.Graphics.Runtime.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000050176 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.f480a2f3#\53a950c391a6d38be1ee42342e1be40c\CLI.Aspect.UpdateNotification.Graphics.Shared.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000050688 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Runtime\71f08c505f474724e26348b87f224e7e\CLI.Caste.A4.Runtime.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Shared\41f3eb09db5ac2da3802d8fff77cdddd\CLI.Caste.A4.Shared.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000027648 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Af820fedc#\8980d6cc10217edce41650e25fff16ad\CLI.Caste.A4.Dashboard.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F24de14fe#\a60cc06196dc6e9eb702ac3944cf206b\CLI.Caste.Fuel.Shared.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000304640 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F36b07a2b#\8ad12b68b85cead739240f5a1658aa54\CLI.Caste.Fuel.Runtime.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000027648 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Ff3085433#\b492ab1e8ed98899bb6d1c6081c22193\CLI.Caste.Fuel.Dashboard.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000038400 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60338cc0#\53e4b29741c95cb66950fce65679c757\CLI.Caste.Graphics.Runtime.Shared.Private.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 001537536 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gd9d9b43b#\5daf9c8f9a4871d2190f134dfcccc9d1\CLI.Caste.Graphics.Dashboard.Shared.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000574976 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gee7d2dbc#\40ba1c0b90f43b0d3606c2249bfafb6e\CLI.Caste.Graphics.Dashboard.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H18c99613#\0b7288afd45dd59319cc0a1ab9bc3b11\CLI.Caste.HydraVision.Runtime.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H92ba4e46#\69eaab735767dd6c38f5e27e5a91d56a\CLI.Caste.HydraVision.Shared.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Hbb906c0b#\a5df62b559b7321b9c490460847e548d\CLI.Caste.HydraVision.Dashboard.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pac40511b#\d17a58c5f328ead46168bcfb04c33648\CLI.Caste.Platform.Shared.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000043520 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pdb36d56e#\ac04af084b76f6c6a37524b483d44e23\CLI.Caste.Platform.Runtime.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000024064 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pfeefa2b6#\c997e4e6d0ac7db7003ce1fd2279050a\CLI.Caste.Platform.Dashboard.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone1b4a8c97#\69dd6b02e4c5d346759250fe9341a019\CLI.Component.Runtime.Shared.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000884736 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone26c9c557#\3eee4c81b4c69030dd75f89a76c4af05\CLI.Component.Systemtray.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000168960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone29e547cc#\844a0c4875ee0bd374c1271e5e12adf3\CLI.Component.Dashboard.ProfileManager2.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000149504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone59f353b4#\64c6260af1d159c2881106bb16214cf5\CLI.Component.Runtime.Shared.Private.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componeb4d0485c#\49058932c2485dfbf05a98712d12433d\CLI.Component.Runtime.Extension.EEU.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 001605632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componec89c3bec#\1cdbe0724d39e48faab573b81ddee58b\CLI.Component.Dashboard.Shared.Private.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000019968 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componef1fd67b2#\9a10f67293415e49a4620d6c524eec45\CLI.Component.Client.Shared.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000086016 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componef4cf054f#\0f64001b31cd2d3d284022551328ee70\CLI.Component.Dashboard.Shared.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000089088 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundat3d5d3945#\769b7035927a9b7abea73fe11b19c1c8\CLI.Foundation.Private.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000060928 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundat60cdf5df#\b741682eaaa17d2145b227bdd546d55e\CLI.Foundation.XManifest.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000090624 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundat619559bd#\03aed5b3f337a2a2cecd281f94288f13\CLI.Foundation.CoreAudioAPI.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 001052672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundatd3771151#\b4cf6557e7e40888c8009d30b47dbd50\CLI.Foundation.Client.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000295424 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundation\91253e2e17e58c7422a60e3fd926a616\CLI.Foundation.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Foundation\308315d12d4186aaf6edae99acf34c49\DEM.Foundation.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000117248 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0601\5b73066a8331e76c088653d732e5eb13\DEM.Graphics.I0601.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000015872 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics\4461bd5e4e9bb2513891a5233cb09db0\DEM.Graphics.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000037888 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Fuel.Foundation\5ca491f4e15da8d35140c237139d4e75\Fuel.Foundation.ni.dll
2019-04-12 22:20 - 2019-04-12 22:20 - 000289792 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundat03490438#\40d860cf3794552d0f0b4fa517e1c9ed\LOG.Foundation.Implementation.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000146432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundat5023f8e7#\03599b71bf26f01cc7a1b4c2c4335468\LOG.Foundation.Private.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000085504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundatcaafa75b#\ac57ce17bf2d6e3386730b9218ccbcea\LOG.Foundation.Implementation.Private.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000132096 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundation\7c5d190a93a2814457b9372c699d2398\LOG.Foundation.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MOM.Foundation\98a3e7989e10d0891249f2edc8389474\MOM.Foundation.ni.dll
2019-04-12 22:20 - 2019-04-12 22:20 - 000391680 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MOM.Implementation\f779fbb8c40d4637127ebfc3cb5a589e\MOM.Implementation.ni.dll
2019-04-12 22:20 - 2019-04-12 22:20 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MOM\23e628c030049e8c0d07b78014827e03\MOM.ni.exe
2019-04-12 22:18 - 2019-04-12 22:18 - 000055296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\NEWAEM.Foundation\28c9f1e9ce4d30b78913ac1c5c18e9b4\NEWAEM.Foundation.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000890368 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ADL.Foundation\d95c85fea7217b76a531434d81d9c904\ADL.Foundation.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000250368 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\APM.Server\61e980db64c89e54c2da2408753b67c7\APM.Server.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000290816 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9b707b25#\3d491b116a7773c9b6f7fd809be411c5\CLI.Aspect.DeviceProperty.Graphics.Runtime.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 001642496 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.aa59351a#\93100182dbb45e272e91aa020b4656b0\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 006323200 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e6d9f3a8#\183459586fb8af95b7b18f92a3ed4e38\CLI.Aspect.DeviceDFP.Graphics.Dashboard.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 007986176 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Combine0616f305#\3886899643d328c5a219a42d7578a3ff\CLI.Combined.Graphics.Aspects1.Dashboard.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 001131008 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Combine7332395e#\0d24815179e8eefb07412e1cb1c1ce86\CLI.Combined.Graphics.Aspects2.Runtime.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000133632 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone168638d1#\5cb51d031916488d1ff9672cbb7a50fb\CLI.Component.Client.Shared.Private.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000228352 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone6692ca50#\71ba9a5d16443f619abcce3330a3f139\CLI.Component.Runtime.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000910336 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone6bf88b08#\2ce483c8b33eb3a4ae10f31ded025b1c\CLI.Component.Dashboard.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000014336 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0706\ec559ba57759504cdf6211baf4756f46\DEM.Graphics.I0706.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000083456 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0709\6df6ab92591942c94bdf22eac4986469\DEM.Graphics.I0709.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0712\e536f226eb1b1958a0799d44e796ea3a\DEM.Graphics.I0712.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000018944 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0804\09205738995c8ac6301a20f66c21798b\DEM.Graphics.I0804.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000011264 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0805\bd35abed050fdd8be525f4f78bf3484e\DEM.Graphics.I0805.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000011776 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0812\7b1650dae468888db83dbc08a1cdc37e\DEM.Graphics.I0812.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000014336 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0906\2eedf5d5a254cc3104b4c0a380269d6a\DEM.Graphics.I0906.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000014848 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0912\9fb4db7b3f6bf5524964b1f3bd60920f\DEM.Graphics.I0912.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 000036352 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I1010\f94be5b8564326e40dcd40ce1c67785e\DEM.Graphics.I1010.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 001144320 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Localizatio01dbc1c0#\3f90d9ec4a944e5ff531f4dac138ac11\Localization.Foundation.Private.ni.dll
2019-04-12 22:20 - 2019-04-12 22:20 - 000242688 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ResourceMan446ca0e5#\4e9ce48f6acb75b0bb01ffc9b1fd7ab0\ResourceManagement.Foundation.Implementation.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000023552 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ResourceManf163905a#\77a49ce0a6e1e96332c920450728e724\ResourceManagement.Foundation.Private.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000090112 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ec8786e5#\efdba66c33cfe192d8aa7169281a4a9b\CLI.Aspect.AMDHome.Graphics.Dashboard.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 002786304 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60a7b4d1#\67f80c7ca0513f55d64571ca35945027\CLI.Caste.Graphics.Shared.ni.dll
2019-04-12 22:19 - 2019-04-12 22:19 - 003187712 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G962aa464#\a2a9464d7f91c8804907966993ec1ba4\CLI.Caste.Graphics.Runtime.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 000332800 _____ (Microsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.W8090224c#\830d44b4e4f8087f23a5dd80c0d5ccb8\Microsoft.WindowsAPICodePack.ni.dll
2019-04-12 22:18 - 2019-04-12 22:18 - 002497536 _____ (Microsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.Wfbf9373c#\c3a0ec59c383f31a87ac63f29577f2f4\Microsoft.WindowsAPICodePack.Shell.ni.dll
2011-08-23 21:33 - 2011-08-23 21:33 - 000163840 _____ (Oki Data Corporation) [File not signed] C:\Program Files (x86)\Okidata\ActKey\NCRes.dll
2010-01-22 19:22 - 2010-01-22 19:22 - 000032768 _____ (Oki Data Corporation) [File not signed] C:\Program Files (x86)\Okidata\ActKey\Scanner Assist\OPCOMAPI.dll
2014-09-13 11:29 - 2014-09-13 11:29 - 000188416 _____ (Oki Data Corporation) [File not signed] C:\Program Files (x86)\Okidata\ActKey\Scanner Assist\Scanner Assist.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\SysWOW64\WLTRAY.EXE:Microsoft_Appcompat_ReinstallUpgrade [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 15:46 - 2009-06-10 23:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-587923702-3901416241-2912820861-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 212.96.161.7 - 212.96.160.6
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1A6D839A-6D3A-45C5-8CB1-62DE4B296CC3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{829A4AE5-E646-4CDA-BF3A-BF9CC2EB84F7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1E7E4445-B55B-4056-B6F6-9BE4D70D416D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2666A9E8-88F3-4EAC-B27A-AFACEB443820}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F544DEEC-CD7D-4C3B-A87C-1AD6491BFADF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1A4A5B3E-204D-48B3-BBF2-D363C1385AB6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{96EB89E9-486B-4572-ABEE-D17A50E7EDBB}] => (Allow) C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe (Oki Data Corporation -> Oki Data Corporation)
FirewallRules: [{065D9BF1-0746-49AE-9CB4-513888E99A33}] => (Allow) C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe (Oki Data Corporation -> Oki Data Corporation)
FirewallRules: [{6026679A-971B-4F2E-98EE-42039AD514C1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4DE8BAB6-FDC0-4F69-85BE-DC56CA4D5FFB}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{FE160018-40D7-4D68-BB99-8F501D6BDF5F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{45CB2686-6C5F-4D4C-8C2A-DDAA78AF9D9F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A3C5BFD7-736E-485C-9112-97AD1238ABFC}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe (Nero AG -> )
FirewallRules: [TCP Query User{5BC9DEFD-1E04-4D72-87CB-D6AED43743A5}C:\program files (x86)\soti\pocket controller for android\pocketcontroller.exe] => (Allow) C:\program files (x86)\soti\pocket controller for android\pocketcontroller.exe (SOTI Inc.) [File not signed]
FirewallRules: [UDP Query User{F0342DBA-8C3A-4453-B34C-94149B3DAD24}C:\program files (x86)\soti\pocket controller for android\pocketcontroller.exe] => (Allow) C:\program files (x86)\soti\pocket controller for android\pocketcontroller.exe (SOTI Inc.) [File not signed]
FirewallRules: [TCP Query User{FEF336FB-BA5D-4254-AD05-5CC3B0E49D08}C:\users\jiří schwarzer\desktop\my mobile\mymobiler\mymobiler.exe] => (Allow) C:\users\jiří schwarzer\desktop\my mobile\mymobiler\mymobiler.exe (MTUX Corp) [File not signed]
FirewallRules: [UDP Query User{6B5E2C26-FC1C-412F-8254-B0A04E94742B}C:\users\jiří schwarzer\desktop\my mobile\mymobiler\mymobiler.exe] => (Allow) C:\users\jiří schwarzer\desktop\my mobile\mymobiler\mymobiler.exe (MTUX Corp) [File not signed]

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/12/2019 08:14:52 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe.Config na řádku 0.
Neplatná syntaxe XML.

Error: (05/12/2019 08:14:50 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe.Config na řádku 0.
Neplatná syntaxe XML.

Error: (05/12/2019 04:26:55 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe.Config na řádku 0.
Neplatná syntaxe XML.

Error: (05/12/2019 12:19:47 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe.Config na řádku 0.
Neplatná syntaxe XML.

Error: (05/12/2019 12:19:44 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe.Config na řádku 0.
Neplatná syntaxe XML.

Error: (05/12/2019 12:08:19 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe.Config na řádku 0.
Neplatná syntaxe XML.

Error: (05/12/2019 12:06:15 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe.Config na řádku 0.
Neplatná syntaxe XML.

Error: (05/11/2019 01:02:04 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe.Config na řádku 0.
Neplatná syntaxe XML.


System errors:
=============
Error: (05/12/2019 08:17:12 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/12/2019 08:14:51 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/12/2019 08:14:14 PM) (Source: DCOM) (EventID: 10010) (User: Schwarzer)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/12/2019 08:14:14 PM) (Source: DCOM) (EventID: 10010) (User: Schwarzer)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/12/2019 08:14:14 PM) (Source: DCOM) (EventID: 10010) (User: Schwarzer)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/12/2019 08:14:14 PM) (Source: DCOM) (EventID: 10010) (User: Schwarzer)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/12/2019 08:14:14 PM) (Source: DCOM) (EventID: 10010) (User: Schwarzer)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/12/2019 08:14:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Remediation Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.


CodeIntegrity:
===================================

Date: 2019-05-03 14:41:43.257
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

BIOS: Phoenix Technologies LTD V1.09 11/26/2009
Motherboard: Acer Aspire 5740
Processor: Intel(R) Core(TM) i5 CPU M 430 @ 2.27GHz
Percentage of memory in use: 59%
Total physical RAM: 3956.5 MB
Available physical RAM: 1584.89 MB
Total Virtual: 7924.5 MB
Available Virtual: 5457.99 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:110.41 GB) (Free:20.51 GB) NTFS
Drive d: (MuppetBabies) (CDROM) (Total:0.35 GB) (Free:0 GB) CDFS
Drive g: (Elements) (Fixed) (Total:931.48 GB) (Free:316.04 GB) NTFS

\\?\Volume{9f49f909-fc18-11e5-89f4-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
\\?\Volume{dea12e0c-0000-0000-0000-a0a01b000000}\ () (Fixed) (Total:0.8 GB) (Free:0.34 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: DEA12E0C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=815 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 701B48B0)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Notebook se zasekne

#4 Příspěvek od Rudy »

OK. Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-587923702-3901416241-2912820861-1001\...\Run: [] => [X]
HKU\S-1-5-21-587923702-3901416241-2912820861-1001\...\MountPoints2: {ecd85716-212c-11e6-a554-806e6f6e6963} - "D:\launcher.exe"
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Task: {049FFD54-3923-4C8D-8077-85667E767DB6} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {13D9E8F1-0648-4FC2-89F1-AC0D3D67A32E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {18BCDA2F-AB98-4AAB-BDA1-89DA28155A7D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {321117F1-FD2E-4F1B-97B5-FC807D840EE8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {4B69953A-B619-4667-8611-23C6074FC6B1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {5F4B995D-026D-470C-9F4B-F4950E39443B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {5FE8A694-2E01-4544-8E45-BE440678CCFC} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {63ED4DD8-0935-488B-AE7A-5231E41AD4D3} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {8E1C5543-9617-4745-B5C0-1F3D6B7339F0} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {A5673961-24CD-4C65-9E71-71D1694AEFD4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {C358D492-426C-4A1A-8B7E-470B96BF391B} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {C4523028-38AE-48AD-8777-3469411B4535} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {C764611B-5FC3-4FB7-A570-0059C6664C6A} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {DCDB45C7-78B1-4145-90FF-281357160EAD} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {E66BCAB3-3253-447D-A40A-984F7E5A4646} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {EFDA732A-DD22-49D4-9DA8-B239A20E1A8B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
U3 idsvc; no ImagePath
C:\Users\Jiří Schwarzer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
AlternateDataStreams: C:\WINDOWS\SysWOW64\WLTRAY.EXE:Microsoft_Appcompat_ReinstallUpgrade [0]
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Mortiz696
Návštěvník
Návštěvník
Příspěvky: 76
Registrován: 29 led 2014 19:24

Re: Notebook se zasekne

#5 Příspěvek od Mortiz696 »

Provedeno omlouvám se že až teď bohužel jsem se k notebooku dlouho nedostal nicméně přikládám fixlog a nový FRST.

Fix result of Farbar Recovery Scan Tool (x64) Version: 01-06-2019
Ran by Jiří Schwarzer (03-06-2019 17:02:19) Run:1
Running from C:\Users\Jiří Schwarzer\Desktop
Loaded Profiles: Jiří Schwarzer (Available Profiles: Jiří Schwarzer & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-587923702-3901416241-2912820861-1001\...\Run: [] => [X]
HKU\S-1-5-21-587923702-3901416241-2912820861-1001\...\MountPoints2: {ecd85716-212c-11e6-a554-806e6f6e6963} - "D:\launcher.exe"
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Task: {049FFD54-3923-4C8D-8077-85667E767DB6} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {13D9E8F1-0648-4FC2-89F1-AC0D3D67A32E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {18BCDA2F-AB98-4AAB-BDA1-89DA28155A7D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {321117F1-FD2E-4F1B-97B5-FC807D840EE8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {4B69953A-B619-4667-8611-23C6074FC6B1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {5F4B995D-026D-470C-9F4B-F4950E39443B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {5FE8A694-2E01-4544-8E45-BE440678CCFC} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {63ED4DD8-0935-488B-AE7A-5231E41AD4D3} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {8E1C5543-9617-4745-B5C0-1F3D6B7339F0} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {A5673961-24CD-4C65-9E71-71D1694AEFD4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {C358D492-426C-4A1A-8B7E-470B96BF391B} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {C4523028-38AE-48AD-8777-3469411B4535} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {C764611B-5FC3-4FB7-A570-0059C6664C6A} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {DCDB45C7-78B1-4145-90FF-281357160EAD} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {E66BCAB3-3253-447D-A40A-984F7E5A4646} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {EFDA732A-DD22-49D4-9DA8-B239A20E1A8B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
U3 idsvc; no ImagePath
C:\Users\Ji�� Schwarzer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
AlternateDataStreams: C:\WINDOWS\SysWOW64\WLTRAY.EXE:Microsoft_Appcompat_ReinstallUpgrade [0]
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKU\S-1-5-21-587923702-3901416241-2912820861-1001\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKU\S-1-5-21-587923702-3901416241-2912820861-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ecd85716-212c-11e6-a554-806e6f6e6963} => removed successfully
HKLM\Software\Classes\CLSID\{ecd85716-212c-11e6-a554-806e6f6e6963} => not found
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{503739d0-4c5e-4cfd-b3ba-d881334f0df2}" => removed successfully
HKLM\Software\Classes\CLSID\{503739d0-4c5e-4cfd-b3ba-d881334f0df2} => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{049FFD54-3923-4C8D-8077-85667E767DB6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{049FFD54-3923-4C8D-8077-85667E767DB6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{13D9E8F1-0648-4FC2-89F1-AC0D3D67A32E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{13D9E8F1-0648-4FC2-89F1-AC0D3D67A32E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{18BCDA2F-AB98-4AAB-BDA1-89DA28155A7D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18BCDA2F-AB98-4AAB-BDA1-89DA28155A7D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{321117F1-FD2E-4F1B-97B5-FC807D840EE8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{321117F1-FD2E-4F1B-97B5-FC807D840EE8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4B69953A-B619-4667-8611-23C6074FC6B1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4B69953A-B619-4667-8611-23C6074FC6B1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5F4B995D-026D-470C-9F4B-F4950E39443B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F4B995D-026D-470C-9F4B-F4950E39443B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5FE8A694-2E01-4544-8E45-BE440678CCFC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5FE8A694-2E01-4544-8E45-BE440678CCFC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{63ED4DD8-0935-488B-AE7A-5231E41AD4D3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{63ED4DD8-0935-488B-AE7A-5231E41AD4D3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8E1C5543-9617-4745-B5C0-1F3D6B7339F0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8E1C5543-9617-4745-B5C0-1F3D6B7339F0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A5673961-24CD-4C65-9E71-71D1694AEFD4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A5673961-24CD-4C65-9E71-71D1694AEFD4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C358D492-426C-4A1A-8B7E-470B96BF391B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C358D492-426C-4A1A-8B7E-470B96BF391B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C4523028-38AE-48AD-8777-3469411B4535}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C4523028-38AE-48AD-8777-3469411B4535}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C764611B-5FC3-4FB7-A570-0059C6664C6A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C764611B-5FC3-4FB7-A570-0059C6664C6A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DCDB45C7-78B1-4145-90FF-281357160EAD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DCDB45C7-78B1-4145-90FF-281357160EAD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E66BCAB3-3253-447D-A40A-984F7E5A4646}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E66BCAB3-3253-447D-A40A-984F7E5A4646}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EFDA732A-DD22-49D4-9DA8-B239A20E1A8B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EFDA732A-DD22-49D4-9DA8-B239A20E1A8B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
HKLM\System\CurrentControlSet\Services\idsvc => removed successfully
idsvc => service removed successfully
"C:\Users\Ji�� Schwarzer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini" => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => removed successfully
HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC} => not found
C:\WINDOWS\SysWOW64\WLTRAY.EXE => ":Microsoft_Appcompat_ReinstallUpgrade" ADS removed successfully
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.

=========== EmptyTemp: ==========

BITS transfer queue => 7364608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 87051881 B
Java, Flash, Steam htmlcache => 27502 B
Windows/system/drivers => 340400 B
Edge => 7713497 B
Chrome => 0 B
Firefox => 1130620333 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 23330 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 4204582 B
LocalService => 0 B
NetworkService => 6656 B
NetworkService => 0 B
Jiří Schwarzer => 61739743 B
DefaultAppPool => 23330 B

RecycleBin => 122431461 B
EmptyTemp: => 1.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:04:47 ====

Nový frst

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-06-2019
Ran by Jiří Schwarzer (administrator) on SCHWARZER (Acer Aspire 5740) (03-06-2019 18:21:01)
Running from C:\Users\Jiří Schwarzer\Desktop
Loaded Profiles: Jiří Schwarzer (Available Profiles: Jiří Schwarzer & DefaultAppPool)
Platform: Windows 10 Home Version 1803 17134.765 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [Network Configuration] => C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe [728640 2014-09-15] (Oki Data Corporation -> Oki Data Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-03-22] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3951280 2016-01-07] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-587923702-3901416241-2912820861-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27815896 2017-07-28] (Skype Software Sarl -> Skype Technologies S.A.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02985467-9870-499D-8935-D1793FAFB468} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {074D16A8-12B8-4236-9511-EC1E4C65941A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [0 0000-00-00] (Microsoft Corporation)
Task: {09436BD2-40E4-4915-AE53-F82A65BAD14A} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {0A50DFA9-9C52-480E-B860-5BFCDC7C86CF} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {12976133-E3F2-4265-AF6B-3DFC515F69A5} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {1B2967D0-4D7C-4ACC-861C-ADA85D5D01B9} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2F3DAFB8-AFE5-4E6C-9FD2-DC40478FC8DB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4643E492-39A9-4B92-BC87-18F7979402C1} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 => {429BC048-379E-45E0-80E4-EB1977941B5C} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [29360 2018-04-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {474F773F-C053-4C60-84E6-4C3812AE12AC} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {47B94C44-CA23-47B6-BD8A-8C9E6D2C6E7E} - System32\Tasks\DriverMaxAgent => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {609A468C-7202-4350-AE07-D31FDE861C4F} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {62573B62-C559-4528-9136-AA80E1ABCD40} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 => {84F0FAE1-C27B-4F6F-807B-28CF6F96287D} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [29360 2018-04-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {66490DD2-30AF-4395-A262-DCA306F86889} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {6CADE188-F753-4A03-A2BA-B2E043CC36F0} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {752996AB-9BC3-40BC-BF7C-8A6BFE26A7A3} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
Task: {785A87E4-9491-4B0C-A8B4-81FC3D0BAC1C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7B941E6C-CABB-4B34-8601-817AFBEB7908} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-05-14] (Adobe Inc. -> Adobe)
Task: {83795B87-BDC9-4F80-A96D-48ED113712D9} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical => {DE434264-8FE9-4C0B-A83B-89EBEEBFF78E} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [29360 2018-04-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {85DC10D3-72EB-4E0D-8E6B-7233BCA03F13} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {8777A7BE-7EB3-4F61-87AE-9A4208CE4453} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantCalendarRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [0 0000-00-00] (Microsoft Corporation)
Task: {8DCD9024-88C2-4EE7-96BB-77699EE41BCC} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {8F8077C2-37CE-4A09-9CEB-601291FA8408} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9A41FE16-5F2C-4DF4-9F55-2419E450CA18} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantWakeupRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [0 0000-00-00] (Microsoft Corporation)
Task: {9C4F4ACB-5122-40E1-9D7E-99555BC2F2C1} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical => {613FBA38-A3DF-4AB8-9674-5604984A299A} C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentasklauncher.dll [29360 2018-04-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {A111F850-5368-4A1A-8661-19050B360D80} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A1DF13C3-C189-4196-B920-E8D7CAADA4ED} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {A6D88883-0A3D-4EE8-B44A-1E5750B34D09} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B4E6B477-6B16-4FA3-96E0-42FEEDFD2BB9} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BAD7E8F7-32B9-4013-AD1A-2965F509BFDC} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BC98A90A-B77C-4A83-A06E-A1B365DA9374} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
Task: {BE7DA1D2-EE93-4F37-8A8C-BB5A413B8DB0} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C0E9390C-F6E2-4961-A3E8-2CD58A87BFFD} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {C715FFAB-F4C7-436E-B919-E633CF0E89D7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CB8B3039-224B-4BFC-BDE6-9C10A3D2B47B} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CC86AE7D-E46D-4B73-A66A-A681B1B2B93B} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_192_Plugin.exe [1457208 2019-05-14] (Adobe Inc. -> Adobe)
Task: {D7A14216-01E6-4A52-9217-C9B40F24B0E2} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E6257CA8-86D1-4987-AB1E-837901D27FB0} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F1CE6005-0CF8-484B-A5AC-1BBE43C37B14} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F24CCC5A-58E9-4665-A6DF-B80508D8D769} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0f9972a8-54fc-4912-9c85-e4d4f9f4eb23}: [DhcpNameServer] 212.96.161.7 212.96.160.6 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{40fdb800-1c6c-41c4-b715-ea4a407e12e1}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF DefaultProfile: 6a1x2owl.default
FF ProfilePath: C:\Users\Jiří Schwarzer\AppData\Roaming\Mozilla\Firefox\Profiles\6a1x2owl.default [2019-06-03]
FF Homepage: Mozilla\Firefox\Profiles\6a1x2owl.default -> http://www.seznam.cz
FF NetworkProxy: Mozilla\Firefox\Profiles\6a1x2owl.default -> type", 0
FF Extension: (Web of Trust) - C:\Users\Jiří Schwarzer\AppData\Roaming\Mozilla\Firefox\Profiles\6a1x2owl.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}.xpi [2019-04-12]
FF Extension: (No Name) - C:\Users\Jiří Schwarzer\AppData\Roaming\Mozilla\Firefox\Profiles\6a1x2owl.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-04-25]
FF Extension: (Google Privacy) - C:\Users\Jiří Schwarzer\AppData\Roaming\Mozilla\Firefox\Profiles\6a1x2owl.default\Extensions\{ea61041c-1e22-4400-99a0-aea461e69d04}.xpi [2016-05-01] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_192.dll [2019-05-14] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_192.dll [2019-05-14] (Adobe Inc. -> )
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN -> VideoLAN)

Chrome:
=======
StartMenuInternet: Google Chrome - Chrome.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [255472 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-03-17] (Apple Inc. -> Apple Inc.)
S4 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [451800 2019-01-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S4 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2016-09-20] (Nero AG -> Nero AG)
S4 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation)
S4 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246448 2016-01-07] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AgereSoftModem; C:\WINDOWS\system32\DRIVERS\agrsm64.sys [1212416 2010-03-15] (Microsoft Windows Hardware Compatibility Publisher -> LSI Corporation)
R3 amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [21648880 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [674288 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 athr; C:\WINDOWS\System32\drivers\athwnx.sys [4233728 2018-04-12] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 htcnprot; C:\WINDOWS\system32\DRIVERS\htcnprot.sys [36928 2013-10-17] (HTC Corp. -> Windows (R) Win 7 DDK provider)
S3 HtcVCom32; C:\WINDOWS\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (Sqa.com(Test) -> QUALCOMM Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42664 2016-01-07] (Synaptics Incorporated -> Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-03 17:05 - 2019-06-03 17:05 - 209665216 _____ C:\WINDOWS\MEMORY.DMP
2019-06-03 17:02 - 2019-06-03 17:04 - 000012285 _____ C:\Users\Jiří Schwarzer\Desktop\Fixlog.txt
2019-06-03 17:02 - 2019-06-03 17:02 - 000000000 ____D C:\Users\Jiří Schwarzer\Desktop\FRST-OlderVersion
2019-06-03 16:56 - 2019-06-03 16:56 - 000658036 _____ C:\WINDOWS\Minidump\060319-9671-01.dmp
2019-06-03 14:21 - 2019-06-03 14:21 - 000645220 _____ C:\WINDOWS\Minidump\060319-8968-01.dmp
2019-06-01 18:47 - 2019-06-01 18:47 - 000661532 _____ C:\WINDOWS\Minidump\060119-10078-01.dmp
2019-06-01 12:31 - 2019-06-01 12:31 - 001036436 _____ C:\WINDOWS\Minidump\060119-10609-01.dmp
2019-05-24 22:10 - 2019-06-01 10:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-05-20 10:24 - 2019-05-03 14:14 - 000790208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-05-20 10:24 - 2019-05-03 14:13 - 000396088 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2019-05-20 10:24 - 2019-05-03 13:54 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-05-20 10:24 - 2019-05-03 13:43 - 000662328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-05-20 10:24 - 2019-05-03 13:30 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-05-20 10:24 - 2019-05-03 13:30 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-05-20 10:24 - 2019-05-03 13:28 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-05-20 10:24 - 2019-05-03 08:33 - 000709720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-05-20 10:24 - 2019-05-03 08:32 - 000793640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-05-20 10:24 - 2019-05-03 08:32 - 000170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-05-20 10:24 - 2019-05-03 08:32 - 000164664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-05-20 10:24 - 2019-05-03 08:31 - 002771256 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-05-20 10:24 - 2019-05-03 08:31 - 000545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-05-20 10:24 - 2019-05-03 08:31 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-05-20 10:24 - 2019-05-03 08:18 - 002258640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-05-20 10:24 - 2019-05-03 07:59 - 003710976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-05-20 10:24 - 2019-05-03 07:59 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-05-20 10:24 - 2019-05-03 07:58 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-05-20 10:24 - 2019-05-03 07:57 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-05-20 10:24 - 2019-05-03 07:57 - 001560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-05-20 10:24 - 2019-05-03 07:57 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-05-20 10:24 - 2019-05-03 07:57 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-05-20 10:24 - 2019-05-03 07:55 - 003090432 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-05-20 10:24 - 2019-05-03 07:54 - 001628672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-05-20 10:24 - 2019-05-03 07:54 - 000961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-05-20 10:24 - 2019-05-03 07:54 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-05-20 10:24 - 2019-05-03 07:54 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-05-20 10:24 - 2019-04-19 12:54 - 000720200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-05-20 10:24 - 2019-04-19 11:44 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-05-20 10:24 - 2019-04-19 11:37 - 000607960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-05-20 10:24 - 2019-04-19 11:26 - 002405888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-05-20 10:24 - 2019-04-19 07:01 - 001982008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-05-20 10:24 - 2019-04-19 07:01 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-05-20 10:24 - 2019-04-19 06:43 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-05-20 10:24 - 2019-04-19 06:38 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-05-20 10:24 - 2019-04-19 06:38 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-05-20 10:24 - 2019-04-19 06:38 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2019-05-20 10:24 - 2019-04-19 06:37 - 000953856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-05-20 10:24 - 2019-04-19 06:37 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-05-20 10:24 - 2019-04-19 06:35 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2019-05-20 10:24 - 2019-04-19 06:35 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2019-05-20 10:23 - 2019-05-03 13:55 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-05-20 10:23 - 2019-05-03 13:51 - 003613696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-05-20 10:23 - 2019-05-03 13:43 - 001027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-05-20 10:23 - 2019-05-03 13:25 - 004055040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-05-20 10:23 - 2019-05-03 08:33 - 005625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-05-20 10:23 - 2019-05-03 08:33 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-05-20 10:23 - 2019-05-03 08:33 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-05-20 10:23 - 2019-05-03 08:33 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-05-20 10:23 - 2019-05-03 08:31 - 009084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-05-20 10:23 - 2019-05-03 08:19 - 006043712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-05-20 10:23 - 2019-05-03 08:18 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-05-20 10:23 - 2019-05-03 08:02 - 004866048 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-05-20 10:23 - 2019-05-03 08:00 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-05-20 10:23 - 2019-05-03 07:59 - 007593472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-05-20 10:23 - 2019-05-03 07:59 - 005788672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-05-20 10:23 - 2019-05-03 07:59 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-05-20 10:23 - 2019-05-03 07:58 - 002175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-05-20 10:23 - 2019-05-03 07:58 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-05-20 10:23 - 2019-05-03 07:57 - 001295872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-05-20 10:23 - 2019-05-03 07:56 - 001803776 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-05-20 10:23 - 2019-05-03 07:55 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-05-20 10:23 - 2019-05-03 07:54 - 004929024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-05-20 10:23 - 2019-05-03 07:54 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-05-20 10:23 - 2019-05-03 07:54 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-05-20 10:23 - 2019-04-19 12:55 - 001634920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-05-20 10:23 - 2019-04-19 12:39 - 012754944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-05-20 10:23 - 2019-04-19 12:36 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-05-20 10:23 - 2019-04-19 11:28 - 011940864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-05-20 10:23 - 2019-04-19 11:25 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-05-20 10:23 - 2019-04-19 07:06 - 002571632 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-05-20 10:23 - 2019-04-19 07:06 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-05-20 10:23 - 2019-04-19 06:37 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-05-20 10:23 - 2019-04-19 06:36 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-05-20 10:23 - 2019-04-19 06:35 - 001175552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-05-20 10:23 - 2019-04-19 06:34 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-05-16 17:23 - 2019-05-03 14:13 - 001376472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-05-16 17:23 - 2019-05-03 13:50 - 004054528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-05-16 17:23 - 2019-05-03 08:36 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-05-16 17:23 - 2019-05-03 08:31 - 007519888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-05-16 17:23 - 2019-05-03 08:31 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-05-16 17:23 - 2019-05-03 08:31 - 002811192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-05-16 17:23 - 2019-05-03 08:31 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-05-16 17:23 - 2019-05-03 08:18 - 006569344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-05-16 17:23 - 2019-05-03 08:12 - 025855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-05-16 17:23 - 2019-05-03 08:05 - 022716416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-05-16 17:23 - 2019-05-03 08:01 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-05-16 17:23 - 2019-05-03 08:00 - 003400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-05-16 17:23 - 2019-05-03 07:59 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-05-16 17:23 - 2019-05-03 07:58 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-05-16 17:23 - 2019-05-03 07:57 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-05-16 17:23 - 2019-05-03 07:56 - 005350912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-05-16 17:23 - 2019-05-03 07:56 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-05-16 17:23 - 2019-05-03 07:54 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-05-16 17:23 - 2019-05-03 07:54 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-05-16 17:23 - 2019-04-19 12:34 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-05-16 17:23 - 2019-04-19 06:42 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-05-16 17:23 - 2019-04-19 06:39 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-05-16 17:23 - 2019-04-19 06:37 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-05-16 17:23 - 2019-04-19 06:36 - 002909696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-05-16 17:23 - 2019-04-19 06:35 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-05-16 17:23 - 2019-04-19 06:34 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-05-16 17:23 - 2019-04-19 06:34 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-05-16 14:23 - 2019-05-03 13:52 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-05-16 14:23 - 2019-05-03 13:51 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-05-16 14:23 - 2019-05-03 13:50 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-05-16 14:23 - 2019-05-03 13:49 - 001288704 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-05-16 14:23 - 2019-05-03 13:49 - 000488448 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-05-16 14:23 - 2019-05-03 13:49 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-05-16 14:23 - 2019-05-03 13:28 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-05-16 14:23 - 2019-05-03 13:27 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-05-16 14:23 - 2019-05-03 13:26 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-05-16 14:23 - 2019-05-03 13:25 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-05-16 14:23 - 2019-05-03 08:43 - 000177128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-05-16 14:23 - 2019-05-03 08:34 - 000159864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-05-16 14:23 - 2019-05-03 08:33 - 000568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-05-16 14:23 - 2019-05-03 08:33 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-05-16 14:23 - 2019-05-03 08:33 - 000063072 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll
2019-05-16 14:23 - 2019-05-03 08:32 - 000776784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-05-16 14:23 - 2019-05-03 08:32 - 000493880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-05-16 14:23 - 2019-05-03 08:32 - 000438984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-05-16 14:23 - 2019-05-03 08:32 - 000209208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-05-16 14:23 - 2019-05-03 08:31 - 001459328 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-05-16 14:23 - 2019-05-03 08:31 - 001260480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-05-16 14:23 - 2019-05-03 08:31 - 001141224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-05-16 14:23 - 2019-05-03 08:31 - 000983632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-05-16 14:23 - 2019-05-03 08:31 - 000115728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-05-16 14:23 - 2019-05-03 08:20 - 000434704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-05-16 14:23 - 2019-05-03 08:20 - 000384976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-05-16 14:23 - 2019-05-03 08:20 - 000192016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-05-16 14:23 - 2019-05-03 08:20 - 000146920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-05-16 14:23 - 2019-05-03 08:19 - 000665224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-05-16 14:23 - 2019-05-03 08:19 - 000056288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdll.dll
2019-05-16 14:23 - 2019-05-03 08:10 - 022017024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-05-16 14:23 - 2019-05-03 08:02 - 019401216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-05-16 14:23 - 2019-05-03 08:00 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
2019-05-16 14:23 - 2019-05-03 08:00 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2019-05-16 14:23 - 2019-05-03 07:59 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-05-16 14:23 - 2019-05-03 07:59 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-05-16 14:23 - 2019-05-03 07:58 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-05-16 14:23 - 2019-05-03 07:58 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-05-16 14:23 - 2019-05-03 07:58 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-05-16 14:23 - 2019-05-03 07:57 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-05-16 14:23 - 2019-05-03 07:56 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-05-16 14:23 - 2019-05-03 07:56 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-05-16 14:23 - 2019-05-03 07:55 - 000659968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-05-16 14:23 - 2019-05-03 07:54 - 000845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-05-16 14:23 - 2019-05-03 07:54 - 000778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2019-05-16 14:23 - 2019-05-03 07:54 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-05-16 14:23 - 2019-05-03 07:53 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-05-16 14:23 - 2019-05-03 07:53 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-05-16 14:23 - 2019-05-03 07:53 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-05-16 14:23 - 2019-05-03 07:53 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-05-16 14:23 - 2019-05-03 06:38 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-05-16 14:23 - 2019-04-23 09:13 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-05-16 14:23 - 2019-04-23 08:14 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-05-16 14:23 - 2019-04-19 12:40 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-05-16 14:23 - 2019-04-19 12:38 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDSPnf.exe
2019-05-16 14:23 - 2019-04-19 12:38 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
2019-05-16 14:23 - 2019-04-19 11:30 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll
2019-05-16 14:23 - 2019-04-19 07:07 - 000985400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-05-16 14:23 - 2019-04-19 07:06 - 000798520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2019-05-16 14:23 - 2019-04-19 07:06 - 000713264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-05-16 14:23 - 2019-04-19 07:06 - 000274232 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-05-16 14:23 - 2019-04-19 07:02 - 000831800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-05-16 14:23 - 2019-04-19 07:01 - 000581592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-05-16 14:23 - 2019-04-19 07:01 - 000576016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2019-05-16 14:23 - 2019-04-19 06:41 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-05-16 14:23 - 2019-04-19 06:41 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\EduPrintProv.exe
2019-05-16 14:23 - 2019-04-19 06:40 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-05-16 14:23 - 2019-04-19 06:40 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2019-05-16 14:23 - 2019-04-19 06:40 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2019-05-16 14:23 - 2019-04-19 06:40 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2019-05-16 14:23 - 2019-04-19 06:40 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetDriverInstall.dll
2019-05-16 14:23 - 2019-04-19 06:39 - 000567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-05-16 14:23 - 2019-04-19 06:39 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2019-05-16 14:23 - 2019-04-19 06:39 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingASDS.dll
2019-05-16 14:23 - 2019-04-19 06:39 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-05-16 14:23 - 2019-04-19 06:39 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2019-05-16 14:23 - 2019-04-19 06:38 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-05-16 14:23 - 2019-04-19 06:38 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-05-16 14:23 - 2019-04-19 06:38 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-05-16 14:23 - 2019-04-19 06:37 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-05-16 14:23 - 2019-04-19 06:37 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2019-05-16 14:23 - 2019-04-19 06:37 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-05-16 14:23 - 2019-04-19 06:36 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2019-05-16 14:23 - 2019-04-19 06:36 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-05-16 14:23 - 2019-04-19 06:36 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2019-05-16 14:23 - 2019-04-19 06:36 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-05-16 14:23 - 2019-04-19 06:36 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2019-05-16 14:23 - 2019-04-19 06:35 - 001938944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2019-05-16 14:23 - 2019-04-19 06:35 - 000607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-05-16 14:23 - 2019-04-19 06:35 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2019-05-16 14:23 - 2019-04-19 06:35 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-05-16 14:23 - 2019-04-19 06:35 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-05-16 14:23 - 2019-04-19 06:34 - 000935936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-05-16 14:23 - 2019-04-19 06:34 - 000653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2019-05-16 14:23 - 2019-04-19 05:18 - 000806360 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-05-16 14:23 - 2019-04-19 05:18 - 000806360 _____ C:\WINDOWS\system32\locale.nls
2019-05-16 14:23 - 2019-04-09 03:48 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-05-16 14:23 - 2019-04-09 03:48 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-05-16 14:23 - 2019-04-09 03:48 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-05-16 14:23 - 2019-04-09 03:48 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-05-16 14:23 - 2019-04-09 03:48 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-05-12 20:19 - 2019-05-12 20:20 - 000048995 _____ C:\Users\Jiří Schwarzer\Desktop\Addition.txt
2019-05-12 20:17 - 2019-06-03 18:22 - 000018209 _____ C:\Users\Jiří Schwarzer\Desktop\FRST.txt
2019-05-12 20:11 - 2019-05-12 20:12 - 000000000 ____D C:\AdwCleaner
2019-05-12 20:11 - 2019-05-12 20:11 - 007025360 _____ (Malwarebytes) C:\Users\Jiří Schwarzer\Downloads\adwcleaner_7.3.exe
2019-05-12 12:23 - 2019-05-12 12:24 - 000049008 _____ C:\Users\Jiří Schwarzer\Downloads\Addition.txt
2019-05-12 12:21 - 2019-06-03 18:21 - 000000000 ____D C:\FRST
2019-05-12 12:21 - 2019-05-12 12:24 - 000026115 _____ C:\Users\Jiří Schwarzer\Downloads\FRST.txt
2019-05-12 12:17 - 2019-06-03 17:02 - 002433536 _____ (Farbar) C:\Users\Jiří Schwarzer\Desktop\FRST64.exe

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-03 18:20 - 2018-06-25 07:44 - 001956152 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-06-03 18:20 - 2018-04-12 17:50 - 000809482 _____ C:\WINDOWS\system32\perfh005.dat
2019-06-03 18:20 - 2018-04-12 17:50 - 000186690 _____ C:\WINDOWS\system32\perfc005.dat
2019-06-03 18:20 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-06-03 18:16 - 2016-11-28 23:15 - 000000000 ____D C:\Users\Jiří Schwarzer\AppData\LocalLow\Mozilla
2019-06-03 18:14 - 2018-06-25 08:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-06-03 18:14 - 2018-06-25 07:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-06-03 18:14 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-06-03 17:05 - 2018-04-11 23:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-06-03 17:04 - 2016-11-11 15:19 - 000000000 ____D C:\Users\Jiří Schwarzer\AppData\LocalLow\Temp
2019-06-03 16:56 - 2019-05-02 23:00 - 000000000 ____D C:\WINDOWS\Minidump
2019-06-03 16:43 - 2018-06-25 07:50 - 000000000 ____D C:\Users\Jiří Schwarzer
2019-06-03 16:41 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-06-03 16:41 - 2016-04-06 19:59 - 000000000 ____D C:\ProgramData\Avira
2019-06-03 16:28 - 2016-09-16 11:06 - 000000000 ____D C:\Users\Jiří Schwarzer\AppData\Roaming\Skype
2019-06-03 16:25 - 2017-07-30 13:23 - 000000000 ____D C:\Users\Jiří Schwarzer\AppData\Local\HTC MediaHub
2019-06-03 14:32 - 2018-06-25 08:04 - 000004216 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{58C851E0-42D5-4145-9A49-76954694F1CE}
2019-06-03 14:21 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-06-01 10:30 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-06-01 10:25 - 2018-06-25 08:04 - 000003384 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-587923702-3901416241-2912820861-1001
2019-06-01 10:24 - 2018-06-25 07:50 - 000002427 _____ C:\Users\Jiří Schwarzer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-06-01 10:24 - 2016-05-24 00:00 - 000000000 ___RD C:\Users\Jiří Schwarzer\OneDrive
2019-06-01 10:23 - 2016-04-08 16:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-05-26 05:52 - 2016-04-08 16:15 - 000001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-05-22 23:20 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-05-22 23:19 - 2017-09-29 10:01 - 000000000 ____D C:\Program Files\rempl
2019-05-22 23:18 - 2018-06-25 07:41 - 000234144 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-05-22 15:44 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-05-22 15:44 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-05-22 15:44 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-05-22 15:44 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-05-16 14:23 - 2016-04-06 19:10 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-05-16 14:20 - 2016-04-06 19:10 - 132445408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-05-14 13:11 - 2018-06-25 08:04 - 000004660 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-05-14 13:11 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-05-14 13:11 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-05-13 21:43 - 2016-04-08 17:06 - 000000000 ____D C:\Users\Jiří Schwarzer\AppData\Roaming\vlc
2019-05-12 12:15 - 2018-08-06 22:45 - 000000000 ____D C:\Users\Jiří Schwarzer\AppData\Local\D3DSCache
2019-05-11 12:41 - 2016-09-30 03:26 - 000000000 ____D C:\ProgramData\Package Cache
2019-05-06 22:13 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-05-04 01:53 - 2018-04-12 01:41 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-05-04 01:53 - 2018-04-12 01:41 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2019-02-02 18:41 - 2019-02-02 18:41 - 001558480 _____ ( ) C:\Users\Jiří Schwarzer\xlsreader_setup.exe
2016-04-08 17:04 - 2016-05-24 00:02 - 000003584 _____ () C:\Users\Jiří Schwarzer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-04-06 21:47 - 2016-04-06 21:47 - 000000017 _____ () C:\Users\Jiří Schwarzer\AppData\Local\resmon.resmoncfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-06-2019
Ran by Jiří Schwarzer (03-06-2019 18:22:31)
Running from C:\Users\Jiří Schwarzer\Desktop
Windows 10 Home Version 1803 17134.765 (X64) (2018-06-25 06:04:14)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-587923702-3901416241-2912820861-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-587923702-3901416241-2912820861-503 - Limited - Disabled)
Guest (S-1-5-21-587923702-3901416241-2912820861-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-587923702-3901416241-2912820861-1002 - Limited - Enabled)
Jiří Schwarzer (S-1-5-21-587923702-3901416241-2912820861-1001 - Administrator - Enabled) => C:\Users\Jiří Schwarzer
WDAGUtilityAccount (S-1-5-21-587923702-3901416241-2912820861-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ActKey (HKLM-x32\...\{681B82EF-A457-4849-AABC-5B6099380FA5}) (Version: 1.9.1.0 - Oki Data Corporation) Hidden
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.192 - Adobe)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Any Video Converter 6.2.2 (HKLM-x32\...\Any Video Converter) (Version: 6.2.2 - Anvsoft)
Apple Mobile Device Support (HKLM\...\{DB18F1C0-846F-46F5-A074-5B97C8AF5C8E}) (Version: 10.3.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Avira (HKLM-x32\...\{4771539a-931b-4378-8d4a-721ba62effca}) (Version: 1.2.95.14694 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{C22F76F2-AC9E-44BA-B297-71485F94022F}) (Version: 1.2.95.14694 - Avira Operations GmbH & Co. KG) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom 802.11 Network Adapter (HKLM-x32\...\Broadcom 802.11b Network Adapter) (Version: - )
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.17.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.77.0 - HTC)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel® SSD Toolbox (HKLM-x32\...\{06D085C8-1F00-11B2-96A7-8f0CE39193ED}) (Version: 3.3.4.400 - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.41 - Irfan Skiljan)
iTunes (HKLM\...\{6C01A0A7-7440-4D48-93C6-2927A1E93FE6}) (Version: 12.6.0.100 - Apple Inc.)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.101 - LSI Corporation)
Microsoft OneDrive (HKU\S-1-5-21-587923702-3901416241-2912820861-1001\...\OneDriveSetup.exe) (Version: 19.070.0410.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movavi Video Converter 17 (HKLM-x32\...\Movavi Video Converter 17) (Version: 17.2.1 - Movavi)
Mozilla Firefox 67.0 (x64 cs) (HKLM\...\Mozilla Firefox 67.0 (x64 cs)) (Version: 67.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 67.0.0.7075 - Mozilla)
Muppet Babies - Air, Land and Sea (HKLM-x32\...\{52496559-216D-483F-AC79-9F9B089F4274}) (Version: - )
Muppet Babies - Sorting and Thinking (HKLM-x32\...\{D91EBEEC-700D-44A1-A394-6EBD1D93F281}) (Version: - )
OKI ActKey (HKLM-x32\...\InstallShield_{681B82EF-A457-4849-AABC-5B6099380FA5}) (Version: 1.9.1.0 - Oki Data Corporation)
OKI MB4x1/ES41x1/MPS42x Scanner (HKLM-x32\...\InstallShield_{59B5BAE2-6CB8-4375-AF76-ECF3D34095FA}) (Version: 1.1.1.0 - Oki Data Corporation)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{05E07D23-91E9-4E70-A4CC-EF505088F967}) (Version: 5.4.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{741291DA-2B34-4D44-8FB6-58EDE21261D8}) (Version: 5.4.1 - Apple Inc.)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22391 - Microsoft Corporation)
ScannerDriver (HKLM\...\{59B5BAE2-6CB8-4375-AF76-ECF3D34095FA}) (Version: 1.1.1.0 - Oki Data Corporation) Hidden
Skype™ 7.39 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.39.102 - Skype Technologies S.A.)
SOTI Pocket Controller for Android (HKLM-x32\...\{27C323C9-C757-44E2-AF70-245586D0F462}) (Version: 2.1.0 - SOTI Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.1 - Synaptics Incorporated)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C3ACFCEA-240F-4DCC-A0C3-DD55FEE6C3C2}) (Version: 2.58.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{567756E0-361F-4E88-AF74-8B0E4628E5BC}) (Version: 1.12.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
XLS Reader (HKLM-x32\...\{30D6D257-BE4B-48F2-8D9E-E787A52A0738}_is1) (Version: 1.0 - )

Packages:
=========
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.140.300.0_x86__kgqvnymyfvs32 [2019-05-28] (king.com)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2018-09-13] (Microsoft Corporation)
Microsoft Průvodce pro telefon -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2018-02-13] (Microsoft Corporation)
Microsoft Telefon -> C:\Program Files\WindowsApps\Microsoft.CommsPhone_3.43.20002.1000_x64__8wekyb3d8bbwe [2018-09-09] (Microsoft Corporation)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2016-05-25] (Microsoft Corporation)
XLS Viewer Free -> C:\Program Files\WindowsApps\62307pauljohn.XLSViewerFree_1.1.0.1_x86__7sv5v3m8wq0b2 [2019-02-02] (pauljohn)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============


==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 15:46 - 2009-06-10 23:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-587923702-3901416241-2912820861-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AgereModemAudio => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: Avira.ServiceHost => 2
MSCONFIG\Services: HTCMonitorService => 2
MSCONFIG\Services: iumsvc => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: PassThru Service => 2
MSCONFIG\Services: SkypeUpdate => 2
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "Network Configuration"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKU\S-1-5-21-587923702-3901416241-2912820861-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-587923702-3901416241-2912820861-1001\...\StartupApproved\Run: => "Skype"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1A6D839A-6D3A-45C5-8CB1-62DE4B296CC3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{829A4AE5-E646-4CDA-BF3A-BF9CC2EB84F7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1E7E4445-B55B-4056-B6F6-9BE4D70D416D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2666A9E8-88F3-4EAC-B27A-AFACEB443820}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F544DEEC-CD7D-4C3B-A87C-1AD6491BFADF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1A4A5B3E-204D-48B3-BBF2-D363C1385AB6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{96EB89E9-486B-4572-ABEE-D17A50E7EDBB}] => (Allow) C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe (Oki Data Corporation -> Oki Data Corporation)
FirewallRules: [{065D9BF1-0746-49AE-9CB4-513888E99A33}] => (Allow) C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe (Oki Data Corporation -> Oki Data Corporation)
FirewallRules: [{6026679A-971B-4F2E-98EE-42039AD514C1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4DE8BAB6-FDC0-4F69-85BE-DC56CA4D5FFB}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{FE160018-40D7-4D68-BB99-8F501D6BDF5F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{45CB2686-6C5F-4D4C-8C2A-DDAA78AF9D9F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A3C5BFD7-736E-485C-9112-97AD1238ABFC}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe (Nero AG -> )
FirewallRules: [TCP Query User{5BC9DEFD-1E04-4D72-87CB-D6AED43743A5}C:\program files (x86)\soti\pocket controller for android\pocketcontroller.exe] => (Allow) C:\program files (x86)\soti\pocket controller for android\pocketcontroller.exe (SOTI Inc.) [File not signed]
FirewallRules: [UDP Query User{F0342DBA-8C3A-4453-B34C-94149B3DAD24}C:\program files (x86)\soti\pocket controller for android\pocketcontroller.exe] => (Allow) C:\program files (x86)\soti\pocket controller for android\pocketcontroller.exe (SOTI Inc.) [File not signed]
FirewallRules: [TCP Query User{FEF336FB-BA5D-4254-AD05-5CC3B0E49D08}C:\users\jiří schwarzer\desktop\my mobile\mymobiler\mymobiler.exe] => (Allow) C:\users\jiří schwarzer\desktop\my mobile\mymobiler\mymobiler.exe (MTUX Corp) [File not signed]
FirewallRules: [UDP Query User{6B5E2C26-FC1C-412F-8254-B0A04E94742B}C:\users\jiří schwarzer\desktop\my mobile\mymobiler\mymobiler.exe] => (Allow) C:\users\jiří schwarzer\desktop\my mobile\mymobiler\mymobiler.exe (MTUX Corp) [File not signed]

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/03/2019 06:14:41 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe.Config na řádku 0.
Neplatná syntaxe XML.

Error: (06/03/2019 04:56:15 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe.Config na řádku 0.
Neplatná syntaxe XML.

Error: (06/03/2019 04:41:38 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe.Config na řádku 0.
Neplatná syntaxe XML.

Error: (06/03/2019 04:25:01 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe.Config na řádku 0.
Neplatná syntaxe XML.

Error: (06/03/2019 04:24:56 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe.Config na řádku 0.
Neplatná syntaxe XML.

Error: (06/03/2019 02:41:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program MicrosoftEdgeCP.exe verze 11.0.17134.765 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 2348

Čas spuštění: 01d51a098e681393

Čas ukončení: 8

Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

ID hlášení: 4d99e822-8d12-4f3b-bde1-3c858c8facbb

Úplný název balíčku s chybou: Microsoft.MicrosoftEdge_42.17134.1.0_neutral__8wekyb3d8bbwe

ID aplikace související s balíčkem s chybou: ContentProcess

Error: (06/03/2019 02:32:38 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe.Config na řádku 0.
Neplatná syntaxe XML.

Error: (06/03/2019 02:21:44 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe.Config na řádku 0.
Neplatná syntaxe XML.


System errors:
=============
Error: (06/03/2019 06:14:28 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.

Error: (06/03/2019 05:02:50 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
Instance této služby je již spuštěna.

Error: (06/03/2019 05:02:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Remediation Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (06/03/2019 05:02:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba iPod Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/03/2019 05:02:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (06/03/2019 05:02:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Adaptér naslouchání Net.Msmq byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (06/03/2019 05:02:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Řízení front zpráv byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (06/03/2019 05:02:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SynTPEnh Caller Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


CodeIntegrity:
===================================

Date: 2019-05-03 14:41:43.257
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Avira\Antivirus\AviraSecurityCenterAgent.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Avira\Antivirus\libcurl.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

BIOS: Phoenix Technologies LTD V1.09 11/26/2009
Motherboard: Acer Aspire 5740
Processor: Intel(R) Core(TM) i5 CPU M 430 @ 2.27GHz
Percentage of memory in use: 54%
Total physical RAM: 3956.5 MB
Available physical RAM: 1786.06 MB
Total Virtual: 7924.5 MB
Available Virtual: 5772.08 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:110.41 GB) (Free:18.88 GB) NTFS

\\?\Volume{9f49f909-fc18-11e5-89f4-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
\\?\Volume{dea12e0c-0000-0000-0000-a0a01b000000}\ () (Fixed) (Total:0.8 GB) (Free:0.34 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: DEA12E0C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=815 MB) - (Type=27)

==================== End of Addition.txt ============================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Notebook se zasekne

#6 Příspěvek od Rudy »

Potřebuji vidět obsah souboru fixlog.txt.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Mortiz696
Návštěvník
Návštěvník
Příspěvky: 76
Registrován: 29 led 2014 19:24

Re: Notebook se zasekne

#7 Příspěvek od Mortiz696 »

Zde ho přikládám v příloze.
Přílohy
Fixlog.rar
(2.32 KiB) Staženo 44 x

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Notebook se zasekne

#8 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Mortiz696
Návštěvník
Návštěvník
Příspěvky: 76
Registrován: 29 led 2014 19:24

Re: Notebook se zasekne

#9 Příspěvek od Mortiz696 »

Notebook viditelně pracuje rychle, načítání atd. Procesor taktéž málo vytěžován a taktéž se už ventilátory netočili jako zběsilé. Bohužel však integrovaná grafická karta viditelně po několika dnech vypověděla službu navždy a notebook skončil. Toto téma můžete prosím uzavřít a v hardware sekci se na vás obrátím s výběrem nového stroje děkuji.

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Notebook se zasekne

#10 Příspěvek od Rudy »

To je mi líto. :(
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno