pri otevirani prohlizece mozilla se oteviraji vice oken najednou
vkladam log:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-02-2020 02
Ran by Absender (administrator) on ABSENDER (Gigabyte Technology Co., Ltd. B250M-DS3H) (08-02-2020 13:37:33)
Running from C:\Users\Absender\Desktop
Loaded Profiles: Absender (Available Profiles: Absender)
Platform: Windows 10 Pro Version 1909 18363.592 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19122.138.0_x64__8wekyb3d8bbwe\YourPhoneServer\YourPhoneServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.590_none_5efc551459114cb9\TiWorker.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2018-01-29] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5011504 2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
HKU\S-1-5-21-3472687519-3125997382-303759886-1001\...\MountPoints2: {2c28a709-42c7-11ea-9c9f-e0d55e1a247e} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3472687519-3125997382-303759886-1001\...\MountPoints2: {2c28a746-42c7-11ea-9c9f-e0d55e1a247e} - "G:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.87\Installer\chrmstp.exe [2020-02-07] (Google LLC -> Google LLC)
Startup: C:\Users\Absender\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AORUS ENGINE.lnk [2019-06-30]
ShortcutTarget: AORUS ENGINE.lnk -> C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\autorun.exe () [File not signed]
Startup: C:\Users\Absender\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE AORUS GRAPHICS ENGINE.lnk [2019-06-30]
ShortcutTarget: GIGABYTE AORUS GRAPHICS ENGINE.lnk -> C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\autorun.exe () [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2019-01-29]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software s.r.o. -> AVAST Software)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {02C52A31-55F3-40D5-ADEC-B8A3B697E6F2} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-09-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {0720999F-19DC-4958-B147-88B7A1E90E0A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0BD0BCE9-470B-47E8-9D5D-C70086A6D018} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {19A7962B-24EE-44D6-861E-B3B81EA3CA41} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-21] (Google Inc -> Google Inc.)
Task: {21BA0C68-0F15-4C5A-B659-26EC3E62BF93} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2C4AB95F-CDE2-42A9-AE2D-6C08EFD68B08} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [903520 2019-02-13] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {41F39046-AA20-4F38-A89A-0E39B0BA51BD} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {4A1E3264-A35C-44CA-B463-2364256FE663} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
Task: {50B4392A-6100-4044-8D71-79995D58B91B} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {568C6093-B520-41CC-8E0F-65CA50C27378} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-21] (Google Inc -> Google Inc.)
Task: {86811E2C-7543-41D6-BB62-EC97B92D6E9D} - System32\Tasks\Launcher GIGABYTE AORUS GRAPHICS ENGINE => C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\AORUS.exe [32554928 2019-06-17] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGABYTE Technology Co.,Ltd.)
Task: {995754F9-41AD-4DCF-8B1E-72BA32171351} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9F673F79-6505-44BA-B3EA-B6B9D830FCF0} - System32\Tasks\{00D66030-8078-43C7-BDDB-44E353E591DA} => "c:\windows\system32\launchwinapp.exe" hxxp://www.skype.com/go/downloading?source=lig ... tError=404
Task: {B2E39FFE-AE0A-494E-A419-2EF3AFE5B6DB} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B7DCADD7-7F19-4635-9D8D-4205AFBFC4CA} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BC3D8F17-2610-4A41-80D2-775003C34AD2} - System32\Tasks\Avast Cleanup Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe [1659000 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
Task: {CBF5D950-1501-4EF6-A462-059EAB61E84A} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_321_Plugin.exe [1458232 2020-01-27] (Adobe Inc. -> Adobe)
Task: {D38E6644-0C22-4C83-A011-3BA5EBD2F9B3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-01-27] (Adobe Inc. -> Adobe)
Task: {DD5B24C8-8FDF-47E7-A079-96B52EC48F7E} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E09FCC65-D5BA-4148-A025-7191A468453C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {F4AF3F82-410F-41FD-96AB-28D88EF2FD16} - System32\Tasks\TweakBit\PCRepairKit\Start PCRepairKit show scan results notification => C:\Program Files (x86)\TweakBit\PCRepairKit\PCRepairKit.exe <==== ATTENTION
Task: {F71A732D-00E3-4644-8C52-285F75D3AD5E} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FD21D496-4C9C-45BA-A873-DD28D83C2EF0} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Avast Driver Updater Scan.job => C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog9 17 %windir%\system32\vsocklib.dll => No File
Winsock: Catalog9 18 %windir%\system32\vsocklib.dll => No File
Winsock: Catalog9-x64 17 %windir%\system32\vsocklib.dll => No File
Winsock: Catalog9-x64 18 %windir%\system32\vsocklib.dll => No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{93409150-3000-4183-bc56-7d5bdab14ecf}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Edge:
======
DownloadDir: C:\Users\Absender\Downloads
FireFox:
========
FF DefaultProfile: j1ksk7ov.default
FF ProfilePath: C:\Users\Absender\AppData\Roaming\Mozilla\Firefox\Profiles\j1ksk7ov.default [2020-02-08]
FF Homepage: Mozilla\Firefox\Profiles\j1ksk7ov.default -> hxxps://www.seznam.cz/
FF Notifications: Mozilla\Firefox\Profiles\j1ksk7ov.default -> hxxps://www.facebook.com; hxxps://www.youtube.com; hxxps://web.whatsapp.com; hxxps://www-www-bolf-cz.pushpushgo.com; hxxps://amigurumi.today; hxxps://www.tipli.cz
FF Extension: (ETP Search Volume Study) - C:\Users\Absender\AppData\Roaming\Mozilla\Firefox\Profiles\j1ksk7ov.default\Extensions\etp-search-volume-study@shield.mozilla.org.xpi [2019-06-27]
FF Extension: (SafeGuard) - C:\Users\Absender\AppData\Roaming\Mozilla\Firefox\Profiles\j1ksk7ov.default\Extensions\extension@safeguard.ws.xpi [2019-07-29]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Absender\AppData\Roaming\Mozilla\Firefox\Profiles\j1ksk7ov.default\Extensions\sp@avast.com.xpi [2020-01-18]
FF Extension: (Avast Online Security) - C:\Users\Absender\AppData\Roaming\Mozilla\Firefox\Profiles\j1ksk7ov.default\Extensions\wrc@avast.com.xpi [2020-01-23]
FF Extension: (Stylish - Custom themes for any website) - C:\Users\Absender\AppData\Roaming\Mozilla\Firefox\Profiles\j1ksk7ov.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2019-04-06]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-10-23]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_321.dll [2020-01-27] (Adobe Inc. -> )
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_321.dll [2020-01-27] (Adobe Inc. -> )
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
Chrome:
=======
CHR Profile: C:\Users\Absender\AppData\Local\Google\Chrome\User Data\Default [2020-01-27]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Prezentace) - C:\Users\Absender\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-07]
CHR Extension: (Dokumenty) - C:\Users\Absender\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-07]
CHR Extension: (Disk Google) - C:\Users\Absender\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-07]
CHR Extension: (YouTube) - C:\Users\Absender\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-07]
CHR Extension: (Adobe Acrobat) - C:\Users\Absender\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-11-19]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Absender\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-12-23]
CHR Extension: (Tabulky) - C:\Users\Absender\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\Absender\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-08-06]
CHR Extension: (Avast Online Security) - C:\Users\Absender\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-12-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Absender\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-23]
CHR Extension: (Gmail) - C:\Users\Absender\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-08-06]
CHR Extension: (Chrome Media Router) - C:\Users\Absender\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-23]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6259592 2019-12-19] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [10287216 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2019-12-27] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [870760 2019-02-13] (Intel(R) Trust Services -> Intel(R) Corporation)
S4 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [783208 2019-02-13] (Intel(R) Trust Services -> Intel(R) Corporation)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [290392 2019-04-18] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Browser; %SystemRoot%\System32\browser.dll [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AIDA64Driver; C:\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [47560 2018-11-19] (FinalWire Kft. -> )
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37616 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2019-09-29] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [276952 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [161544 2019-11-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2019-10-01] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2019-10-01] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-04-15] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47160 2018-04-15] (Disc Soft Ltd -> Disc Soft Ltd)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2019-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 gdrv; C:\Windows\gdrv.sys [26792 2018-03-14] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 gdrv2; C:\WINDOWS\gdrv2.sys [32008 2019-06-30] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 GLCKIO2; C:\Program Files (x86)\GIGABYTE\RGBFusion\GLCKIO2.sys [19392 2018-03-08] (ASUSTeK Computer Inc. -> )
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2019-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [941624 2018-01-29] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 MEIx64; C:\WINDOWS\System32\DriverStore\FileRepository\heci.inf_amd64_85021432489d6a1c\x64\TeeDriverW8x64.sys [266128 2019-04-18] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9e532b5f619dc909\nvlddmkm.sys [23276960 2020-01-31] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1167768 2019-11-20] (Realtek Semiconductor Corp. -> Realtek )
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-10-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [351968 2019-10-30] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-10-30] (Microsoft Windows -> Microsoft Corporation)
S3 GPCIDrv; \??\C:\Users\Absender\AppData\Local\Temp\7zSDA33.tmp\N2080_FW_Upgrade_Tool_V003\GPCIDrv64.sys [X] <==== ATTENTION
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-02-08 13:37 - 2020-02-08 13:38 - 000028861 _____ C:\Users\Absender\Desktop\FRST.txt
2020-02-08 13:35 - 2020-02-08 13:35 - 002279424 _____ (Farbar) C:\Users\Absender\Desktop\FRST64.exe
2020-02-05 23:33 - 2020-02-05 23:33 - 000001060 _____ C:\Users\Public\Desktop\HiSuite.lnk
2020-02-05 23:33 - 2020-02-05 23:33 - 000001060 _____ C:\ProgramData\Desktop\HiSuite.lnk
2020-02-05 23:33 - 2020-02-05 23:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite
2020-02-05 23:33 - 2020-02-05 23:33 - 000000000 ____D C:\Program Files (x86)\HiSuite
2020-02-03 23:23 - 2020-02-03 23:23 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2020-02-03 23:22 - 2020-01-31 00:04 - 001729232 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-02-03 23:22 - 2020-01-31 00:04 - 001729232 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-02-03 23:22 - 2020-01-31 00:04 - 001329360 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-02-03 23:22 - 2020-01-31 00:04 - 001329360 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-02-03 23:22 - 2020-01-31 00:04 - 001078992 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-02-03 23:22 - 2020-01-31 00:04 - 001078992 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-02-03 23:22 - 2020-01-31 00:04 - 000937680 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-02-03 23:22 - 2020-01-31 00:04 - 000937680 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-02-03 23:22 - 2020-01-31 00:04 - 000450576 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-02-03 23:22 - 2020-01-31 00:04 - 000353160 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-02-03 23:22 - 2020-01-31 00:03 - 011843504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2020-02-03 23:22 - 2020-01-31 00:03 - 010167544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 017462616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 005384584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 004718792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 002075904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 001727320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6444219.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 001569160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 001490688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6444219.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 001485688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 001370360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 001145776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 001064384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 000825720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 000815120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 000685912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 000677584 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 000660176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 000557304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 000545112 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-02-03 23:22 - 2020-01-31 00:01 - 040511408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2020-02-03 23:22 - 2020-01-31 00:01 - 035380120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2020-02-03 23:22 - 2020-01-31 00:01 - 015031808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-01-30 19:33 - 2020-02-03 23:17 - 000011175 _____ C:\Users\Absender\Desktop\KES 2020 leden.xlsx
2020-01-29 19:29 - 2020-01-29 19:29 - 000001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2020-01-29 19:29 - 2020-01-29 19:29 - 000001028 _____ C:\Users\Public\Desktop\TeamViewer.lnk
2020-01-29 19:29 - 2020-01-29 19:29 - 000001028 _____ C:\ProgramData\Desktop\TeamViewer.lnk
2020-01-29 19:21 - 2020-01-29 19:29 - 000000000 ____D C:\Users\Absender\AppData\Local\TeamViewer
2020-01-27 17:24 - 2020-01-27 17:24 - 001207336 _____ (Adobe Inc) C:\Users\Absender\Downloads\flashplayer32_a_install.exe
2020-01-16 13:46 - 2020-01-30 23:58 - 004230752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-15 16:00 - 2020-01-15 16:00 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-15 16:00 - 2020-01-15 16:00 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-15 16:00 - 2020-01-15 16:00 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-15 16:00 - 2020-01-15 16:00 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-15 16:00 - 2020-01-15 16:00 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-15 16:00 - 2020-01-15 16:00 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-15 16:00 - 2020-01-15 16:00 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-15 16:00 - 2020-01-15 16:00 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-15 16:00 - 2020-01-15 16:00 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-15 16:00 - 2020-01-15 16:00 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-15 16:00 - 2020-01-15 16:00 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-15 16:00 - 2020-01-15 16:00 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-15 16:00 - 2020-01-15 16:00 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-15 16:00 - 2020-01-15 16:00 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-15 16:00 - 2020-01-15 16:00 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-15 16:00 - 2020-01-15 16:00 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tsusbhub.sys
2020-01-15 16:00 - 2020-01-15 16:00 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-15 16:00 - 2020-01-15 16:00 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\lstelemetry.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-15 15:49 - 2020-01-15 15:50 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-15 15:49 - 2020-01-15 15:50 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-02-08 13:38 - 2019-11-04 18:13 - 000000000 ____D C:\FRST
2020-02-08 13:35 - 2018-03-14 00:21 - 000000000 ____D C:\Users\Absender\AppData\LocalLow\Mozilla
2020-02-08 13:31 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-02-08 13:28 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-02-08 13:28 - 2018-04-07 21:10 - 000000000 ____D C:\Users\Absender\AppData\Roaming\TeamViewer
2020-02-08 13:28 - 2018-04-07 21:10 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-02-08 13:28 - 2018-03-14 00:14 - 000000000 ____D C:\ProgramData\NVIDIA
2020-02-08 13:16 - 2019-06-10 20:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-02-08 13:15 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-02-08 12:45 - 2019-06-10 20:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-02-08 12:22 - 2019-11-06 17:45 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-02-08 12:22 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-02-07 11:27 - 2018-11-21 17:25 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-02-07 11:27 - 2018-11-21 17:25 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-02-07 11:27 - 2018-11-21 17:25 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-02-05 23:34 - 2018-04-17 16:09 - 000000000 ____D C:\Users\Absender\AppData\Local\Hisuite
2020-02-05 23:22 - 2018-06-21 23:48 - 000000000 ____D C:\Users\Absender\AppData\Local\AVAST Software
2020-02-05 23:20 - 2019-11-05 14:21 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-02-05 23:20 - 2019-11-05 14:21 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-02-01 21:01 - 2019-06-10 20:49 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-02-01 21:01 - 2019-06-10 20:49 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-02-01 21:01 - 2019-06-10 20:49 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-02-01 21:01 - 2019-06-10 20:49 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-02-01 21:01 - 2019-06-10 20:49 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-02-01 21:01 - 2019-06-10 20:49 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-02-01 21:01 - 2019-06-10 20:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-01-30 23:58 - 2019-05-28 14:39 - 004963008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-01-30 02:40 - 2019-05-28 14:39 - 000055783 _____ C:\WINDOWS\system32\nvinfo.pb
2020-01-30 00:56 - 2018-03-14 00:14 - 005577224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2020-01-30 00:56 - 2018-03-14 00:14 - 002655864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2020-01-30 00:56 - 2018-03-14 00:14 - 001767920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2020-01-30 00:56 - 2018-03-14 00:14 - 000670840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2020-01-30 00:56 - 2018-03-14 00:14 - 000454512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2020-01-30 00:56 - 2018-03-14 00:14 - 000131176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2020-01-30 00:56 - 2018-03-14 00:14 - 000083976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2020-01-29 23:41 - 2018-03-14 00:32 - 000000000 ____D C:\Users\Absender\AppData\Local\CrashDumps
2020-01-29 19:39 - 2018-03-14 00:28 - 000000000 ____D C:\ProgramData\AVAST Software
2020-01-27 17:36 - 2018-11-06 02:14 - 000000000 ____D C:\Users\Absender\AppData\Local\D3DSCache
2020-01-27 17:35 - 2019-06-10 20:49 - 000004648 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-01-27 17:35 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-01-27 17:35 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-01-27 17:35 - 2018-03-14 00:28 - 000000000 ____D C:\Users\Absender\AppData\Local\Adobe
2020-01-27 17:29 - 2018-03-25 01:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-27 17:29 - 2018-03-14 00:21 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-01-27 17:22 - 2019-06-10 20:49 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-27 17:22 - 2019-06-10 20:49 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-27 17:22 - 2019-06-10 20:49 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-27 17:22 - 2019-06-10 20:49 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-27 08:11 - 2018-03-14 00:14 - 008887562 _____ C:\WINDOWS\system32\nvcoproc.bin
2020-01-23 14:28 - 2018-03-14 00:14 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2020-01-21 18:24 - 2018-03-25 01:09 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-01-16 13:43 - 2018-03-14 00:03 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-01-16 13:43 - 2018-03-14 00:03 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-01-16 13:43 - 2018-03-14 00:01 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-01-15 16:11 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-15 16:11 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-15 16:11 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-15 16:11 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-15 16:06 - 2018-03-14 00:36 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-15 16:03 - 2019-11-07 00:05 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-15 16:03 - 2018-03-14 00:35 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-13 13:52 - 2019-11-07 00:48 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-01-13 13:47 - 2019-10-21 22:56 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-01-13 13:47 - 2019-10-21 22:56 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-01-11 00:52 - 2019-11-07 00:47 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
==================== Files in the root of some directories ========
2019-10-23 20:59 - 2019-10-23 20:59 - 000000000 _____ () C:\Users\Absender\AppData\Local\oobelibMkey.log
2018-04-29 22:11 - 2018-04-29 22:11 - 000000017 _____ () C:\Users\Absender\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
moc prosim o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
absenderP8
- Návštěvník
- Příspěvky: 23
- Registrován: 05 srp 2018 14:28
-
absenderP8
- Návštěvník
- Příspěvky: 23
- Registrován: 05 srp 2018 14:28
Re: moc prosim o kontrolu logu
a zde je addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-02-2020 02
Ran by Absender (08-02-2020 13:38:50)
Running from C:\Users\Absender\Desktop
Windows 10 Pro Version 1909 18363.592 (X64) (2019-06-10 19:50:22)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
absen (S-1-5-21-3472687519-3125997382-303759886-1003 - Limited - Disabled)
Absender (S-1-5-21-3472687519-3125997382-303759886-1001 - Administrator - Enabled) => C:\Users\Absender
Administrator (S-1-5-21-3472687519-3125997382-303759886-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3472687519-3125997382-303759886-503 - Limited - Disabled)
Guest (S-1-5-21-3472687519-3125997382-303759886-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3472687519-3125997382-303759886-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.321 - Adobe)
AIDA64 Extreme v5.99 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.99 - FinalWire Ltd.)
Aktualizace NVIDIA 38.0.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.4.0 - NVIDIA Corporation) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
AORUS ENGINE (HKLM-x32\...\AORUS ENGINE_is1) (Version: 1.6.6.0 - GIGABYTE Technology Co.,Inc.)
Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 19.1.7734 - AVAST Software)
Avast Driver Updater (HKLM-x32\...\{630C3D8E-2BEE-465F-9E59-BB069ED10761}) (Version: 2.5.6 - AVAST Software) Hidden
Avast Driver Updater (HKLM-x32\...\Avast Driver Updater) (Version: 2.5.6 - AVAST Software)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Balíček ovladače systému Windows - MediaTek Inc. (usbser) Ports (01/05/2012 2.0000.0.1) (HKLM\...\49D9ABA9270C5BDFD7AE1BEB607D36B26BB90235) (Version: 01/05/2012 2.0000.0.1 - MediaTek Inc.)
Balíček ovladače systému Windows - MediaTek Inc. (usbser) Ports (12/24/2011 2.0000.0.0) (HKLM\...\D0E6296D177F42BB31C0200E49412003DB6C4633) (Version: 12/24/2011 2.0000.0.0 - MediaTek Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.87 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 10.0.1.100 - Huawei Technologies Co.,Ltd)
ImagXpress (HKLM-x32\...\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}) (Version: 7.0.74.0 - Nero AG) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1916.12.0.1263 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.0.1.1018 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{c6de84fd-ece7-4c2a-9f06-8cabe7ab79a0}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{49bc1e38-39b4-4728-9e75-cbe67ba9a329}) (Version: 10.1.1.42 - Intel(R) Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{5f313643-63c9-4660-8dae-eb4a80196cb4}) (Version: 10.1.2.19 - Intel(R) Corporation) Hidden
Kinect for Windows Speech Recognition Language Pack (de-DE) (HKLM-x32\...\{898AA67F-99B8-4C7F-9611-B11F98EF6E78}) (Version: 11.0.7413.611 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-IE) (HKLM-x32\...\{998D5259-3BED-4710-98FF-D63387B5429E}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-NZ) (HKLM-x32\...\{07FC9CAD-FCEC-4186-BB83-EF7CCC9372BA}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (es-ES) (HKLM-x32\...\{F49AF755-A5C3-4252-A190-5772B2669C3B}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (es-MX) (HKLM-x32\...\{E8F3B154-03CE-4120-8B9D-9E83ED5F3AD7}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (fr-CA) (HKLM-x32\...\{7D179500-CA0C-4456-B624-C15876B15F39}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (fr-FR) (HKLM-x32\...\{4CC174AA-25BC-46FF-B1E2-13B24AFB6142}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (it-IT) (HKLM-x32\...\{969D900A-3481-4A77-B888-D24160D4D727}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (ja-JP) (HKLM-x32\...\{EDA8693D-9E82-4FD1-98C8-0DC4F9141E0F}) (Version: 11.0.7400.336 - Microsoft Corporation)
Master PDF Editor 3.6 (HKLM\...\Master PDF Editor 3_is1) (Version: 3.6.30 - Code Industry Ltd.)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3472687519-3125997382-303759886-1001\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-IN) (HKLM-x32\...\{3B06AC90-DE68-44A9-95EB-0A3C1AF1514F}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (pl-PL) (HKLM-x32\...\{BEFB9378-5E88-4266-8EB1-C92869449885}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (pt-BR) (HKLM-x32\...\{F6B5EB21-0ABF-487C-B9A9-D9DB259C4403}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (ru-RU) (HKLM-x32\...\{9419B7EA-6A4B-4A57-8E2A-3BDD4676118F}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (zh-CN) (HKLM-x32\...\{BAD2A75A-1708-47BA-A498-20890D2C78A7}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 72.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 72.0.2 (x64 cs)) (Version: 72.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0.1 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 442.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 442.19 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Ovládací panel NVIDIA 442.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 442.19 - NVIDIA Corporation) Hidden
PDFCreator 0.8.0 (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: - Frank Heindörfer, Philip Chinery)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.31.828.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8586 - Realtek Semiconductor Corp.)
Realtek USB Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{04201224-2B34-4EE7-862B-B7BBF89DB3AB}) (Version: 10.34.603.2019 - Realtek)
RGB Fusion (HKLM-x32\...\{FFA8F1FA-3C2C-4A94-AC0B-0DF47272C25F}) (Version: 3.18.0919.1 - GIGABYTE)
RivaTuner Statistics Server 7.1.0 (HKLM-x32\...\RTSS) (Version: 7.1.0 - Unwinder)
SilentSetup (HKLM-x32\...\{BA073B32-292B-424A-97E1-70C25CD1075F}) (Version: 1.0.0 - Default Company Name) Hidden
Skype verze 8.36 (HKLM-x32\...\Skype_is1) (Version: 8.36 - Skype Technologies S.A.)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.2.2756 - TeamViewer)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WhatsApp (HKU\S-1-5-21-3472687519-3125997382-303759886-1001\...\WhatsApp) (Version: 0.2.9998 - WhatsApp)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.4.7.0_x86__kgqvnymyfvs32 [2020-01-10] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.156.300.0_x86__kgqvnymyfvs32 [2020-01-28] (king.com)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_4.7.0.4_x86__h6adky7gbf63m [2020-01-21] (Gameloft.)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.1.4081.0_x64__rz1tebttyb220 [2020-01-29] (Dolby Laboratories)
Magic Jigsaw Puzzles -> C:\Program Files\WindowsApps\XIMADINC.MagicPuzzles_3.15.1.0_x64__np8fj6akx2czy [2020-01-21] (ZiMAD) [MS Ad]
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.5.2.1_x86__h6adky7gbf63m [2020-01-15] (Gameloft.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_3.9.12130.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Studios) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-15] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-11] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.3.180.0_x64__dt26b99r8h8gj [2019-11-21] (Realtek Semiconductor Corp)
XLS Edit -> C:\Program Files\WindowsApps\BallardAppCraftery.XLSEdit_1.1.9.0_x64__epyrqhfctk40t [2019-01-21] (Ballard App Craftery)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2019-12-02 23:29 - 2019-12-02 23:29 - 000021504 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\cs_cz\Acrobat Elements\ContextMenuShim64.cze
2019-05-14 22:20 - 2016-03-21 22:15 - 000027648 _____ (Copyright (c) Code Industry Ltd ) [File not signed] C:\WINDOWS\System32\mpelocalmon.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WmsSelfHealing => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\hvsifltr => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WmsSelfHealing => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 14:46 - 2019-11-07 00:42 - 000001121 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 genuine.adobe.com
127.0.0.1 prod.adobegenuine.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Intel\iCLS Client;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\System32\OpenSSH;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;%SYSTEMROOT%\System32\OpenSSH;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL
HKU\S-1-5-21-3472687519-3125997382-303759886-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Absender\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "Avast Cleanup Premium.lnk"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-3472687519-3125997382-303759886-1001\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-3472687519-3125997382-303759886-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{70870376-E117-481B-8278-49537B05415E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4D30B7CA-6E92-47A3-B480-6D007B9FB5A7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C0ECD061-0587-4B4B-86EC-DEE84548D373}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E1C63ED7-9A18-4F8A-9534-297750564D01}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{552502A4-47CA-4824-8F70-5D7BF666B78D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{02EF4604-C955-4BA4-B7E3-AEF9C82C3120}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{ED0DDEB5-CFE8-4D12-BF06-E31BC7664A23}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B82B78D2-1AB8-45B7-993D-165C2EDB99A9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7B18B8FF-718B-4952-B3E4-F38D7F8343C1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F9C5992E-9865-4BB6-9821-10FD81391A3C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9AC50341-70B8-4AA9-8680-991E24CA39DA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7AA9EBFF-B50D-4ACB-8359-39ED78209E86}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{079962AD-09CA-4F72-A951-314B88DD42CF}] => (Allow) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{ACBBE68A-CC6D-42A9-811F-2E42388F1B81}] => (Allow) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [UDP Query User{F92C433B-D9C0-4DB8-AC9B-36CF0311B3B9}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{5B767942-CCE2-4EB4-98A4-FBB5036D2BC2}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{ACC094A7-905C-4FD7-AEF4-FC0862225BCD}C:\users\absender\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\absender\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{89180C4A-775D-473C-8290-EECB568E3C80}C:\users\absender\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\absender\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{8A602333-8264-4522-BA89-E155FF154A87}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{22042089-5DA4-4CD2-91C9-0096C9DA2CE7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AEF4E788-FC49-45A9-BECC-47792E3A4D45}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{EC1CB7FD-AA10-4021-84AC-7EEEF9242EAD}C:\program files (x86)\gigabyte\aorus engine\aorus.exe] => (Allow) C:\program files (x86)\gigabyte\aorus engine\aorus.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGABYTE Technology Co.,Ltd.)
FirewallRules: [UDP Query User{0A455292-771F-4D44-9FFD-51685652FA3B}C:\program files (x86)\gigabyte\aorus engine\aorus.exe] => (Allow) C:\program files (x86)\gigabyte\aorus engine\aorus.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGABYTE Technology Co.,Ltd.)
FirewallRules: [{8C82857D-1BE4-4F13-BE68-5C05710BE1B1}] => (Allow) C:\Program Files (x86)\Alawarhry.cz\Darkness and Flame The Dark Side Collectors Edition\DarknessAndFlame_TheDarkSide_CE.exe (Alawar Entertainment Inc -> )
FirewallRules: [{B78A830E-1A61-400F-AB31-2E8D62FE25AC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{847D2A55-9C34-422E-8754-718F17A1C604}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{922E2B86-87EC-4980-894F-6625909500ED}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DE09E2C5-09A0-497E-94D3-73472D5DA2F2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DAD89831-E918-4144-9F88-10A66F11E2E1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1689EC8A-A2DB-4392-89C6-56C99E1BF8A7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{097007CC-968A-4898-B94F-F4414EFE7F91}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B44AF02F-1469-4500-B22E-59170EA2BE3C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3A796E63-EA2C-4A8F-B40B-262EE66016EF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DA96FF1C-B13E-4F5F-B97C-C25B16C182D7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5F5E1AC4-DFA2-40F8-BAF0-EA39B561F949}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CC57B6C2-85DE-40CD-84F0-9FBD7433080C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1957A699-783F-43D9-8872-DB990C9E5BEC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{94F53D90-50A9-4990-A369-825B7895B466}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C5E36A76-58A6-4359-BB27-7BF5B1B45AB2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{609563E6-966D-4AB3-AE73-F616E6444F4F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F0A65018-D53E-4554-8E6E-96DF83333C28}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9DEB87DA-B175-4C8E-A648-03DF2F407388}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{701BF211-0ED5-4C1D-B470-9F7CECA60D49}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FD77C0A7-B859-401F-BD55-68CA391807D2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7BC5FA52-6042-4FF0-8679-54E59DAD6A9C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E3056797-1684-44DF-B336-B1208B97028F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{580F148D-3454-435D-890C-35505684A94E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{943B0452-C8BA-4DC3-955A-A4C715DDFAFA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E4F2FFDE-A5DC-4DCA-8F94-13A698DD92D6}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E622F74D-F91D-417F-803B-9714AC923ADB}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [WMS-Dashboard] => (Allow) %ProgramFiles%\Windows MultiPoint Server\WmsDashboard.exe No File
FirewallRules: [Microsoft-Windows-NFS-ClientCore-NfsClnt-UDP-Out] => (Allow) %systemroot%\system32\nfsclnt.exe No File
FirewallRules: [Microsoft-Windows-NFS-ClientCore-NfsClnt-TCP-Out] => (Allow) %systemroot%\system32\nfsclnt.exe No File
FirewallRules: [WMS-Manager] => (Allow) %ProgramFiles%\Windows MultiPoint Server\WmsManager.exe No File
FirewallRules: [WMS-Service] => (Allow) %ProgramFiles%\Windows MultiPoint Server\Wmssvc.exe No File
FirewallRules: [VIRT-MIGL-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe No File
FirewallRules: [VIRT-REMOTEDESKTOP-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe No File
FirewallRules: [HNS Container Networking - DNS (UDP-In) - 879AA28C-BC5D-4082-82F6-B488CD887C81 - 0] => (Allow) LPort=53
FirewallRules: [{31C898BE-DCBC-44C2-858B-186EAA3684FF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9A53E14B-41D3-4951-8683-2A5ACF2C819B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1BBECD3B-BF62-4D77-ABB3-966DEAF878E6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8CD818AA-60FC-4715-B858-32FF8D786756}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DD065AC4-5B68-4E77-8FD0-52C6580CBCEA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BA914AAA-89A8-4FA0-A416-6B15A933BB4B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7D3BB7C3-D929-4C8B-A7FB-E14FC0B8F6A5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E09806E8-077D-4399-9671-88289557D02D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C9C2A603-C275-4DF6-B582-B37CB5F82C06}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
20-01-2020 20:17:50 Naplánovaný kontrolní bod
30-01-2020 20:12:51 Naplánovaný kontrolní bod
08-02-2020 12:46:34 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/08/2020 01:34:06 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4224,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (02/08/2020 01:25:31 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5684,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (02/08/2020 01:15:32 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (02/08/2020 01:15:32 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (02/08/2020 01:15:31 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (02/08/2020 01:15:31 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (02/08/2020 12:43:15 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4376,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (02/08/2020 12:28:55 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4572,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
System errors:
=============
Error: (02/08/2020 01:31:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Browser neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (02/08/2020 01:31:28 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Browser bylo dosaženo časového limitu (30000 ms).
Error: (02/08/2020 01:31:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Browser neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (02/08/2020 01:31:28 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Browser bylo dosaženo časového limitu (30000 ms).
Error: (02/08/2020 01:31:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Browser neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (02/08/2020 01:31:28 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Browser bylo dosaženo časového limitu (30000 ms).
Error: (02/08/2020 01:18:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Browser neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (02/08/2020 01:18:30 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Browser bylo dosaženo časového limitu (30000 ms).
Windows Defender:
===================================
Date: 2019-11-03 23:00:11.816
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {16B84A65-D35A-43FF-8C43-3B63771BD8E0}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-11-03 20:58:49.519
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {FF42EB60-0071-4CF5-84D3-55BFC0F84D6A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-11-03 20:07:04.741
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {EFC3459B-7C14-41E4-BBB7-78AC401CD11E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-11-03 19:57:05.676
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {097A5B46-B9B4-4148-8274-A065E76037BC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-11-03 17:55:31.972
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {9194991A-5743-49EB-889A-BB997A7E2315}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-11-06 23:43:30.692
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.305.1484.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16500.1
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Date: 2019-11-06 23:33:27.343
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.
Date: 2019-11-05 22:55:52.331
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Monitorování chování
Kód chyby: 0x80508023
Popis chyby: Program nenašel na tomto zařízení malware ani jiný potenciálně nevyžádaný software.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.
Date: 2019-11-04 18:07:54.428
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.305.1375.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16500.1
Kód chyby: 0x8024001e
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
CodeIntegrity:
===================================
Date: 2020-02-08 13:35:49.287
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-02-08 13:18:34.499
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-02-08 13:18:34.489
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-02-08 13:18:34.474
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-02-08 13:17:59.643
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-08 13:17:59.631
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-08 13:17:59.619
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-08 13:17:59.606
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. F9 04/10/2018
Motherboard: Gigabyte Technology Co., Ltd. B250M-DS3H-CF
Processor: Intel(R) Core(TM) i5-7400 CPU @ 3.00GHz
Percentage of memory in use: 22%
Total physical RAM: 16344.08 MB
Available physical RAM: 12717.79 MB
Total Virtual: 16344.08 MB
Available Virtual: 11583.34 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:399.4 GB) (Free:328.74 GB) NTFS
Drive e: (Data) (Fixed) (Total:531.51 GB) (Free:224.27 GB) NTFS
Drive f: (Nový svazek) (Fixed) (Total:237.54 GB) (Free:63.57 GB) NTFS
\\?\Volume{1fc77f4c-c2e6-44e2-96e4-ddaef3a8a3d8}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.09 GB) NTFS
\\?\Volume{c1674b6f-1bea-4690-8c66-bf4ff46b4112}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 238.5 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 80B49758)
Partition: GPT.
==================== End of Addition.txt =======================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-02-2020 02
Ran by Absender (08-02-2020 13:38:50)
Running from C:\Users\Absender\Desktop
Windows 10 Pro Version 1909 18363.592 (X64) (2019-06-10 19:50:22)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
absen (S-1-5-21-3472687519-3125997382-303759886-1003 - Limited - Disabled)
Absender (S-1-5-21-3472687519-3125997382-303759886-1001 - Administrator - Enabled) => C:\Users\Absender
Administrator (S-1-5-21-3472687519-3125997382-303759886-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3472687519-3125997382-303759886-503 - Limited - Disabled)
Guest (S-1-5-21-3472687519-3125997382-303759886-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3472687519-3125997382-303759886-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.321 - Adobe)
AIDA64 Extreme v5.99 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.99 - FinalWire Ltd.)
Aktualizace NVIDIA 38.0.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.4.0 - NVIDIA Corporation) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
AORUS ENGINE (HKLM-x32\...\AORUS ENGINE_is1) (Version: 1.6.6.0 - GIGABYTE Technology Co.,Inc.)
Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 19.1.7734 - AVAST Software)
Avast Driver Updater (HKLM-x32\...\{630C3D8E-2BEE-465F-9E59-BB069ED10761}) (Version: 2.5.6 - AVAST Software) Hidden
Avast Driver Updater (HKLM-x32\...\Avast Driver Updater) (Version: 2.5.6 - AVAST Software)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Balíček ovladače systému Windows - MediaTek Inc. (usbser) Ports (01/05/2012 2.0000.0.1) (HKLM\...\49D9ABA9270C5BDFD7AE1BEB607D36B26BB90235) (Version: 01/05/2012 2.0000.0.1 - MediaTek Inc.)
Balíček ovladače systému Windows - MediaTek Inc. (usbser) Ports (12/24/2011 2.0000.0.0) (HKLM\...\D0E6296D177F42BB31C0200E49412003DB6C4633) (Version: 12/24/2011 2.0000.0.0 - MediaTek Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.87 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 10.0.1.100 - Huawei Technologies Co.,Ltd)
ImagXpress (HKLM-x32\...\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}) (Version: 7.0.74.0 - Nero AG) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1916.12.0.1263 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.0.1.1018 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{c6de84fd-ece7-4c2a-9f06-8cabe7ab79a0}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{49bc1e38-39b4-4728-9e75-cbe67ba9a329}) (Version: 10.1.1.42 - Intel(R) Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{5f313643-63c9-4660-8dae-eb4a80196cb4}) (Version: 10.1.2.19 - Intel(R) Corporation) Hidden
Kinect for Windows Speech Recognition Language Pack (de-DE) (HKLM-x32\...\{898AA67F-99B8-4C7F-9611-B11F98EF6E78}) (Version: 11.0.7413.611 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-IE) (HKLM-x32\...\{998D5259-3BED-4710-98FF-D63387B5429E}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-NZ) (HKLM-x32\...\{07FC9CAD-FCEC-4186-BB83-EF7CCC9372BA}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (es-ES) (HKLM-x32\...\{F49AF755-A5C3-4252-A190-5772B2669C3B}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (es-MX) (HKLM-x32\...\{E8F3B154-03CE-4120-8B9D-9E83ED5F3AD7}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (fr-CA) (HKLM-x32\...\{7D179500-CA0C-4456-B624-C15876B15F39}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (fr-FR) (HKLM-x32\...\{4CC174AA-25BC-46FF-B1E2-13B24AFB6142}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (it-IT) (HKLM-x32\...\{969D900A-3481-4A77-B888-D24160D4D727}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (ja-JP) (HKLM-x32\...\{EDA8693D-9E82-4FD1-98C8-0DC4F9141E0F}) (Version: 11.0.7400.336 - Microsoft Corporation)
Master PDF Editor 3.6 (HKLM\...\Master PDF Editor 3_is1) (Version: 3.6.30 - Code Industry Ltd.)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3472687519-3125997382-303759886-1001\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-IN) (HKLM-x32\...\{3B06AC90-DE68-44A9-95EB-0A3C1AF1514F}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (pl-PL) (HKLM-x32\...\{BEFB9378-5E88-4266-8EB1-C92869449885}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (pt-BR) (HKLM-x32\...\{F6B5EB21-0ABF-487C-B9A9-D9DB259C4403}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (ru-RU) (HKLM-x32\...\{9419B7EA-6A4B-4A57-8E2A-3BDD4676118F}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (zh-CN) (HKLM-x32\...\{BAD2A75A-1708-47BA-A498-20890D2C78A7}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 72.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 72.0.2 (x64 cs)) (Version: 72.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0.1 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 442.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 442.19 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Ovládací panel NVIDIA 442.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 442.19 - NVIDIA Corporation) Hidden
PDFCreator 0.8.0 (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: - Frank Heindörfer, Philip Chinery)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.31.828.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8586 - Realtek Semiconductor Corp.)
Realtek USB Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{04201224-2B34-4EE7-862B-B7BBF89DB3AB}) (Version: 10.34.603.2019 - Realtek)
RGB Fusion (HKLM-x32\...\{FFA8F1FA-3C2C-4A94-AC0B-0DF47272C25F}) (Version: 3.18.0919.1 - GIGABYTE)
RivaTuner Statistics Server 7.1.0 (HKLM-x32\...\RTSS) (Version: 7.1.0 - Unwinder)
SilentSetup (HKLM-x32\...\{BA073B32-292B-424A-97E1-70C25CD1075F}) (Version: 1.0.0 - Default Company Name) Hidden
Skype verze 8.36 (HKLM-x32\...\Skype_is1) (Version: 8.36 - Skype Technologies S.A.)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.2.2756 - TeamViewer)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WhatsApp (HKU\S-1-5-21-3472687519-3125997382-303759886-1001\...\WhatsApp) (Version: 0.2.9998 - WhatsApp)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.4.7.0_x86__kgqvnymyfvs32 [2020-01-10] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.156.300.0_x86__kgqvnymyfvs32 [2020-01-28] (king.com)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_4.7.0.4_x86__h6adky7gbf63m [2020-01-21] (Gameloft.)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.1.4081.0_x64__rz1tebttyb220 [2020-01-29] (Dolby Laboratories)
Magic Jigsaw Puzzles -> C:\Program Files\WindowsApps\XIMADINC.MagicPuzzles_3.15.1.0_x64__np8fj6akx2czy [2020-01-21] (ZiMAD) [MS Ad]
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.5.2.1_x86__h6adky7gbf63m [2020-01-15] (Gameloft.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_3.9.12130.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Studios) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-15] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-11] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.3.180.0_x64__dt26b99r8h8gj [2019-11-21] (Realtek Semiconductor Corp)
XLS Edit -> C:\Program Files\WindowsApps\BallardAppCraftery.XLSEdit_1.1.9.0_x64__epyrqhfctk40t [2019-01-21] (Ballard App Craftery)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2019-12-02 23:29 - 2019-12-02 23:29 - 000021504 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\cs_cz\Acrobat Elements\ContextMenuShim64.cze
2019-05-14 22:20 - 2016-03-21 22:15 - 000027648 _____ (Copyright (c) Code Industry Ltd ) [File not signed] C:\WINDOWS\System32\mpelocalmon.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WmsSelfHealing => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\hvsifltr => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WmsSelfHealing => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 14:46 - 2019-11-07 00:42 - 000001121 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 genuine.adobe.com
127.0.0.1 prod.adobegenuine.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Intel\iCLS Client;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\System32\OpenSSH;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;%SYSTEMROOT%\System32\OpenSSH;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL
HKU\S-1-5-21-3472687519-3125997382-303759886-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Absender\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "Avast Cleanup Premium.lnk"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-3472687519-3125997382-303759886-1001\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-3472687519-3125997382-303759886-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{70870376-E117-481B-8278-49537B05415E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4D30B7CA-6E92-47A3-B480-6D007B9FB5A7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C0ECD061-0587-4B4B-86EC-DEE84548D373}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E1C63ED7-9A18-4F8A-9534-297750564D01}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{552502A4-47CA-4824-8F70-5D7BF666B78D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{02EF4604-C955-4BA4-B7E3-AEF9C82C3120}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{ED0DDEB5-CFE8-4D12-BF06-E31BC7664A23}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B82B78D2-1AB8-45B7-993D-165C2EDB99A9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7B18B8FF-718B-4952-B3E4-F38D7F8343C1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F9C5992E-9865-4BB6-9821-10FD81391A3C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9AC50341-70B8-4AA9-8680-991E24CA39DA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7AA9EBFF-B50D-4ACB-8359-39ED78209E86}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{079962AD-09CA-4F72-A951-314B88DD42CF}] => (Allow) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{ACBBE68A-CC6D-42A9-811F-2E42388F1B81}] => (Allow) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [UDP Query User{F92C433B-D9C0-4DB8-AC9B-36CF0311B3B9}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{5B767942-CCE2-4EB4-98A4-FBB5036D2BC2}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{ACC094A7-905C-4FD7-AEF4-FC0862225BCD}C:\users\absender\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\absender\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{89180C4A-775D-473C-8290-EECB568E3C80}C:\users\absender\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\absender\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{8A602333-8264-4522-BA89-E155FF154A87}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{22042089-5DA4-4CD2-91C9-0096C9DA2CE7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AEF4E788-FC49-45A9-BECC-47792E3A4D45}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{EC1CB7FD-AA10-4021-84AC-7EEEF9242EAD}C:\program files (x86)\gigabyte\aorus engine\aorus.exe] => (Allow) C:\program files (x86)\gigabyte\aorus engine\aorus.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGABYTE Technology Co.,Ltd.)
FirewallRules: [UDP Query User{0A455292-771F-4D44-9FFD-51685652FA3B}C:\program files (x86)\gigabyte\aorus engine\aorus.exe] => (Allow) C:\program files (x86)\gigabyte\aorus engine\aorus.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGABYTE Technology Co.,Ltd.)
FirewallRules: [{8C82857D-1BE4-4F13-BE68-5C05710BE1B1}] => (Allow) C:\Program Files (x86)\Alawarhry.cz\Darkness and Flame The Dark Side Collectors Edition\DarknessAndFlame_TheDarkSide_CE.exe (Alawar Entertainment Inc -> )
FirewallRules: [{B78A830E-1A61-400F-AB31-2E8D62FE25AC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{847D2A55-9C34-422E-8754-718F17A1C604}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{922E2B86-87EC-4980-894F-6625909500ED}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DE09E2C5-09A0-497E-94D3-73472D5DA2F2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DAD89831-E918-4144-9F88-10A66F11E2E1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1689EC8A-A2DB-4392-89C6-56C99E1BF8A7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{097007CC-968A-4898-B94F-F4414EFE7F91}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B44AF02F-1469-4500-B22E-59170EA2BE3C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3A796E63-EA2C-4A8F-B40B-262EE66016EF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DA96FF1C-B13E-4F5F-B97C-C25B16C182D7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5F5E1AC4-DFA2-40F8-BAF0-EA39B561F949}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CC57B6C2-85DE-40CD-84F0-9FBD7433080C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1957A699-783F-43D9-8872-DB990C9E5BEC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{94F53D90-50A9-4990-A369-825B7895B466}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C5E36A76-58A6-4359-BB27-7BF5B1B45AB2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{609563E6-966D-4AB3-AE73-F616E6444F4F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F0A65018-D53E-4554-8E6E-96DF83333C28}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9DEB87DA-B175-4C8E-A648-03DF2F407388}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{701BF211-0ED5-4C1D-B470-9F7CECA60D49}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FD77C0A7-B859-401F-BD55-68CA391807D2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7BC5FA52-6042-4FF0-8679-54E59DAD6A9C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E3056797-1684-44DF-B336-B1208B97028F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{580F148D-3454-435D-890C-35505684A94E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{943B0452-C8BA-4DC3-955A-A4C715DDFAFA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E4F2FFDE-A5DC-4DCA-8F94-13A698DD92D6}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E622F74D-F91D-417F-803B-9714AC923ADB}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [WMS-Dashboard] => (Allow) %ProgramFiles%\Windows MultiPoint Server\WmsDashboard.exe No File
FirewallRules: [Microsoft-Windows-NFS-ClientCore-NfsClnt-UDP-Out] => (Allow) %systemroot%\system32\nfsclnt.exe No File
FirewallRules: [Microsoft-Windows-NFS-ClientCore-NfsClnt-TCP-Out] => (Allow) %systemroot%\system32\nfsclnt.exe No File
FirewallRules: [WMS-Manager] => (Allow) %ProgramFiles%\Windows MultiPoint Server\WmsManager.exe No File
FirewallRules: [WMS-Service] => (Allow) %ProgramFiles%\Windows MultiPoint Server\Wmssvc.exe No File
FirewallRules: [VIRT-MIGL-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe No File
FirewallRules: [VIRT-REMOTEDESKTOP-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe No File
FirewallRules: [HNS Container Networking - DNS (UDP-In) - 879AA28C-BC5D-4082-82F6-B488CD887C81 - 0] => (Allow) LPort=53
FirewallRules: [{31C898BE-DCBC-44C2-858B-186EAA3684FF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9A53E14B-41D3-4951-8683-2A5ACF2C819B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1BBECD3B-BF62-4D77-ABB3-966DEAF878E6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8CD818AA-60FC-4715-B858-32FF8D786756}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DD065AC4-5B68-4E77-8FD0-52C6580CBCEA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BA914AAA-89A8-4FA0-A416-6B15A933BB4B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7D3BB7C3-D929-4C8B-A7FB-E14FC0B8F6A5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E09806E8-077D-4399-9671-88289557D02D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C9C2A603-C275-4DF6-B582-B37CB5F82C06}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
20-01-2020 20:17:50 Naplánovaný kontrolní bod
30-01-2020 20:12:51 Naplánovaný kontrolní bod
08-02-2020 12:46:34 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/08/2020 01:34:06 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4224,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (02/08/2020 01:25:31 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5684,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (02/08/2020 01:15:32 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (02/08/2020 01:15:32 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (02/08/2020 01:15:31 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (02/08/2020 01:15:31 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (02/08/2020 12:43:15 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4376,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (02/08/2020 12:28:55 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4572,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
System errors:
=============
Error: (02/08/2020 01:31:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Browser neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (02/08/2020 01:31:28 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Browser bylo dosaženo časového limitu (30000 ms).
Error: (02/08/2020 01:31:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Browser neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (02/08/2020 01:31:28 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Browser bylo dosaženo časového limitu (30000 ms).
Error: (02/08/2020 01:31:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Browser neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (02/08/2020 01:31:28 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Browser bylo dosaženo časového limitu (30000 ms).
Error: (02/08/2020 01:18:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Browser neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (02/08/2020 01:18:30 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Browser bylo dosaženo časového limitu (30000 ms).
Windows Defender:
===================================
Date: 2019-11-03 23:00:11.816
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {16B84A65-D35A-43FF-8C43-3B63771BD8E0}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-11-03 20:58:49.519
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {FF42EB60-0071-4CF5-84D3-55BFC0F84D6A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-11-03 20:07:04.741
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {EFC3459B-7C14-41E4-BBB7-78AC401CD11E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-11-03 19:57:05.676
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {097A5B46-B9B4-4148-8274-A065E76037BC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-11-03 17:55:31.972
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {9194991A-5743-49EB-889A-BB997A7E2315}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-11-06 23:43:30.692
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.305.1484.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16500.1
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Date: 2019-11-06 23:33:27.343
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.
Date: 2019-11-05 22:55:52.331
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Monitorování chování
Kód chyby: 0x80508023
Popis chyby: Program nenašel na tomto zařízení malware ani jiný potenciálně nevyžádaný software.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.
Date: 2019-11-04 18:07:54.428
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.305.1375.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16500.1
Kód chyby: 0x8024001e
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
CodeIntegrity:
===================================
Date: 2020-02-08 13:35:49.287
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-02-08 13:18:34.499
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-02-08 13:18:34.489
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-02-08 13:18:34.474
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-02-08 13:17:59.643
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-08 13:17:59.631
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-08 13:17:59.619
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-08 13:17:59.606
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. F9 04/10/2018
Motherboard: Gigabyte Technology Co., Ltd. B250M-DS3H-CF
Processor: Intel(R) Core(TM) i5-7400 CPU @ 3.00GHz
Percentage of memory in use: 22%
Total physical RAM: 16344.08 MB
Available physical RAM: 12717.79 MB
Total Virtual: 16344.08 MB
Available Virtual: 11583.34 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:399.4 GB) (Free:328.74 GB) NTFS
Drive e: (Data) (Fixed) (Total:531.51 GB) (Free:224.27 GB) NTFS
Drive f: (Nový svazek) (Fixed) (Total:237.54 GB) (Free:63.57 GB) NTFS
\\?\Volume{1fc77f4c-c2e6-44e2-96e4-ddaef3a8a3d8}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.09 GB) NTFS
\\?\Volume{c1674b6f-1bea-4690-8c66-bf4ff46b4112}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 238.5 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 80B49758)
Partition: GPT.
==================== End of Addition.txt =======================
-
Rudy
- Site Admin
- Příspěvky: 118269
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: moc prosim o kontrolu logu
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
absenderP8
- Návštěvník
- Příspěvky: 23
- Registrován: 05 srp 2018 14:28
Re: moc prosim o kontrolu logu
# -------------------------------
# Malwarebytes AdwCleaner 8.0.2.0
# -------------------------------
# Build: 01-27-2020
# Database: 2020-01-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 02-08-2020
# Duration: 00:00:31
# OS: Windows 10 Pro
# Scanned: 34824
# Detected: 4
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
PUP.Optional.TweakBit C:\Program Files (x86)\TweakBit
PUP.Optional.TweakBit C:\Windows\System32\Tasks\TweakBit
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
PUP.Optional.SlimCleanerPlus HKLM\Software\Wow6432Node\SlimWare Utilities Inc
PUP.Optional.TweakBit HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TweakBit
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
AdwCleaner_Debug.log - [17685 octets] - [04/11/2019 19:07:06]
AdwCleaner[S00].txt - [1669 octets] - [04/11/2019 19:07:30]
AdwCleaner[C00].txt - [1780 octets] - [04/11/2019 20:12:11]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########
# Malwarebytes AdwCleaner 8.0.2.0
# -------------------------------
# Build: 01-27-2020
# Database: 2020-01-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 02-08-2020
# Duration: 00:00:31
# OS: Windows 10 Pro
# Scanned: 34824
# Detected: 4
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
PUP.Optional.TweakBit C:\Program Files (x86)\TweakBit
PUP.Optional.TweakBit C:\Windows\System32\Tasks\TweakBit
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
PUP.Optional.SlimCleanerPlus HKLM\Software\Wow6432Node\SlimWare Utilities Inc
PUP.Optional.TweakBit HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TweakBit
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
AdwCleaner_Debug.log - [17685 octets] - [04/11/2019 19:07:06]
AdwCleaner[S00].txt - [1669 octets] - [04/11/2019 19:07:30]
AdwCleaner[C00].txt - [1780 octets] - [04/11/2019 20:12:11]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 118269
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: moc prosim o kontrolu logu
Nalezené položky dejte smazat, restartujte a dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
absenderP8
- Návštěvník
- Příspěvky: 23
- Registrován: 05 srp 2018 14:28
Re: moc prosim o kontrolu logu
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2018-01-29] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5011504 2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
HKU\S-1-5-21-3472687519-3125997382-303759886-1001\...\MountPoints2: {2c28a709-42c7-11ea-9c9f-e0d55e1a247e} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3472687519-3125997382-303759886-1001\...\MountPoints2: {2c28a746-42c7-11ea-9c9f-e0d55e1a247e} - "G:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.87\Installer\chrmstp.exe [2020-02-07] (Google LLC -> Google LLC)
Startup: C:\Users\Absender\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AORUS ENGINE.lnk [2019-06-30]
ShortcutTarget: AORUS ENGINE.lnk -> C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\autorun.exe () [File not signed]
Startup: C:\Users\Absender\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE AORUS GRAPHICS ENGINE.lnk [2019-06-30]
ShortcutTarget: GIGABYTE AORUS GRAPHICS ENGINE.lnk -> C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\autorun.exe () [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2019-01-29]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software s.r.o. -> AVAST Software)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {02C52A31-55F3-40D5-ADEC-B8A3B697E6F2} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-09-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {0720999F-19DC-4958-B147-88B7A1E90E0A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0BD0BCE9-470B-47E8-9D5D-C70086A6D018} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {19A7962B-24EE-44D6-861E-B3B81EA3CA41} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-21] (Google Inc -> Google Inc.)
Task: {21BA0C68-0F15-4C5A-B659-26EC3E62BF93} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2C4AB95F-CDE2-42A9-AE2D-6C08EFD68B08} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [903520 2019-02-13] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {41F39046-AA20-4F38-A89A-0E39B0BA51BD} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {4A1E3264-A35C-44CA-B463-2364256FE663} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
Task: {50B4392A-6100-4044-8D71-79995D58B91B} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {568C6093-B520-41CC-8E0F-65CA50C27378} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-21] (Google Inc -> Google Inc.)
Task: {86811E2C-7543-41D6-BB62-EC97B92D6E9D} - System32\Tasks\Launcher GIGABYTE AORUS GRAPHICS ENGINE => C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\AORUS.exe [32554928 2019-06-17] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGABYTE Technology Co.,Ltd.)
Task: {995754F9-41AD-4DCF-8B1E-72BA32171351} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9F673F79-6505-44BA-B3EA-B6B9D830FCF0} - System32\Tasks\{00D66030-8078-43C7-BDDB-44E353E591DA} => "c:\windows\system32\launchwinapp.exe" hxxp://www.skype.com/go/downloading?source=lig ... tError=404
Task: {B2E39FFE-AE0A-494E-A419-2EF3AFE5B6DB} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B7DCADD7-7F19-4635-9D8D-4205AFBFC4CA} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BC3D8F17-2610-4A41-80D2-775003C34AD2} - System32\Tasks\Avast Cleanup Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe [1659000 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
Task: {CBF5D950-1501-4EF6-A462-059EAB61E84A} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_321_Plugin.exe [1458232 2020-01-27] (Adobe Inc. -> Adobe)
Task: {D38E6644-0C22-4C83-A011-3BA5EBD2F9B3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-01-27] (Adobe Inc. -> Adobe)
Task: {DD5B24C8-8FDF-47E7-A079-96B52EC48F7E} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E09FCC65-D5BA-4148-A025-7191A468453C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {F4AF3F82-410F-41FD-96AB-28D88EF2FD16} - \TweakBit\PCRepairKit\Start PCRepairKit show scan results notification -> No File <==== ATTENTION
Task: {F71A732D-00E3-4644-8C52-285F75D3AD5E} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FD21D496-4C9C-45BA-A873-DD28D83C2EF0} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Avast Driver Updater Scan.job => C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{93409150-3000-4183-bc56-7d5bdab14ecf}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Edge:
======
DownloadDir: C:\Users\Absender\Downloads
FireFox:
========
FF DefaultProfile: j1ksk7ov.default
FF ProfilePath: C:\Users\Absender\AppData\Roaming\Mozilla\Firefox\Profiles\j1ksk7ov.default [2020-02-08]
FF Homepage: Mozilla\Firefox\Profiles\j1ksk7ov.default -> hxxps://www.seznam.cz/
FF Notifications: Mozilla\Firefox\Profiles\j1ksk7ov.default -> hxxps://www.facebook.com; hxxps://www.youtube.com; hxxps://web.whatsapp.com; hxxps://www-www-bolf-cz.pushpushgo.com; hxxps://amigurumi.today; hxxps://www.tipli.cz
FF Extension: (ETP Search Volume Study) - C:\Users\Absender\AppData\Roaming\Mozilla\Firefox\Profiles\j1ksk7ov.default\Extensions\etp-search-volume-study@shield.mozilla.org.xpi [2019-06-27]
FF Extension: (SafeGuard) - C:\Users\Absender\AppData\Roaming\Mozilla\Firefox\Profiles\j1ksk7ov.default\Extensions\extension@safeguard.ws.xpi [2019-07-29]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Absender\AppData\Roaming\Mozilla\Firefox\Profiles\j1ksk7ov.default\Extensions\sp@avast.com.xpi [2020-01-18]
FF Extension: (Avast Online Security) - C:\Users\Absender\AppData\Roaming\Mozilla\Firefox\Profiles\j1ksk7ov.default\Extensions\wrc@avast.com.xpi [2020-01-23]
FF Extension: (Stylish - Custom themes for any website) - C:\Users\Absender\AppData\Roaming\Mozilla\Firefox\Profiles\j1ksk7ov.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2019-04-06]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-10-23]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_321.dll [2020-01-27] (Adobe Inc. -> )
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_321.dll [2020-01-27] (Adobe Inc. -> )
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
Chrome:
=======
CHR Profile: C:\Users\Absender\AppData\Local\Google\Chrome\User Data\Default [2020-01-27]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Prezentace) - C:\Users\Absender\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-07]
CHR Extension: (Dokumenty) - C:\Users\Absender\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-07]
CHR Extension: (Disk Google) - C:\Users\Absender\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-07]
CHR Extension: (YouTube) - C:\Users\Absender\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-07]
CHR Extension: (Adobe Acrobat) - C:\Users\Absender\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-11-19]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Absender\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-12-23]
CHR Extension: (Tabulky) - C:\Users\Absender\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\Absender\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-08-06]
CHR Extension: (Avast Online Security) - C:\Users\Absender\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-12-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Absender\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-23]
CHR Extension: (Gmail) - C:\Users\Absender\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-08-06]
CHR Extension: (Chrome Media Router) - C:\Users\Absender\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-23]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6259592 2019-12-19] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [10287216 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2019-12-27] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [870760 2019-02-13] (Intel(R) Trust Services -> Intel(R) Corporation)
S4 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [783208 2019-02-13] (Intel(R) Trust Services -> Intel(R) Corporation)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [290392 2019-04-18] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Browser; %SystemRoot%\System32\browser.dll [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AIDA64Driver; C:\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [47560 2018-11-19] (FinalWire Kft. -> )
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37616 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2019-09-29] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [276952 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [161544 2019-11-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2019-10-01] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2019-10-01] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-04-15] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47160 2018-04-15] (Disc Soft Ltd -> Disc Soft Ltd)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2019-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 gdrv; C:\Windows\gdrv.sys [26792 2018-03-14] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 gdrv2; C:\WINDOWS\gdrv2.sys [32008 2019-06-30] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 GLCKIO2; C:\Program Files (x86)\GIGABYTE\RGBFusion\GLCKIO2.sys [19392 2018-03-08] (ASUSTeK Computer Inc. -> )
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2019-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [941624 2018-01-29] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 MEIx64; C:\WINDOWS\System32\DriverStore\FileRepository\heci.inf_amd64_85021432489d6a1c\x64\TeeDriverW8x64.sys [266128 2019-04-18] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9e532b5f619dc909\nvlddmkm.sys [23276960 2020-01-31] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1167768 2019-11-20] (Realtek Semiconductor Corp. -> Realtek )
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-10-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [351968 2019-10-30] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-10-30] (Microsoft Windows -> Microsoft Corporation)
S3 GPCIDrv; \??\C:\Users\Absender\AppData\Local\Temp\7zSDA33.tmp\N2080_FW_Upgrade_Tool_V003\GPCIDrv64.sys [X] <==== ATTENTION
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-02-08 20:00 - 2020-02-08 20:00 - 000462696 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-02-08 19:27 - 2020-02-08 19:27 - 008356016 _____ (Malwarebytes) C:\Users\Absender\Desktop\adwcleaner_8.0.2.exe
2020-02-08 13:37 - 2020-02-08 20:04 - 000024973 _____ C:\Users\Absender\Desktop\FRST.txt
2020-02-08 13:35 - 2020-02-08 13:35 - 002279424 _____ (Farbar) C:\Users\Absender\Desktop\FRST64.exe
2020-02-05 23:33 - 2020-02-05 23:33 - 000001060 _____ C:\Users\Public\Desktop\HiSuite.lnk
2020-02-05 23:33 - 2020-02-05 23:33 - 000001060 _____ C:\ProgramData\Desktop\HiSuite.lnk
2020-02-05 23:33 - 2020-02-05 23:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite
2020-02-05 23:33 - 2020-02-05 23:33 - 000000000 ____D C:\Program Files (x86)\HiSuite
2020-02-03 23:23 - 2020-02-03 23:23 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2020-02-03 23:22 - 2020-01-31 00:04 - 001729232 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-02-03 23:22 - 2020-01-31 00:04 - 001729232 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-02-03 23:22 - 2020-01-31 00:04 - 001329360 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-02-03 23:22 - 2020-01-31 00:04 - 001329360 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-02-03 23:22 - 2020-01-31 00:04 - 001078992 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-02-03 23:22 - 2020-01-31 00:04 - 001078992 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-02-03 23:22 - 2020-01-31 00:04 - 000937680 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-02-03 23:22 - 2020-01-31 00:04 - 000937680 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-02-03 23:22 - 2020-01-31 00:04 - 000450576 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-02-03 23:22 - 2020-01-31 00:04 - 000353160 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-02-03 23:22 - 2020-01-31 00:03 - 011843504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2020-02-03 23:22 - 2020-01-31 00:03 - 010167544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 017462616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 005384584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 004718792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 002075904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 001727320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6444219.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 001569160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 001490688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6444219.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 001485688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 001370360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 001145776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 001064384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 000825720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 000815120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 000685912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 000677584 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 000660176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 000557304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 000545112 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-02-03 23:22 - 2020-01-31 00:01 - 040511408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2020-02-03 23:22 - 2020-01-31 00:01 - 035380120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2020-02-03 23:22 - 2020-01-31 00:01 - 015031808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-01-30 19:33 - 2020-02-03 23:17 - 000011175 _____ C:\Users\Absender\Desktop\KES 2020 leden.xlsx
2020-01-29 19:29 - 2020-01-29 19:29 - 000001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2020-01-29 19:29 - 2020-01-29 19:29 - 000001028 _____ C:\Users\Public\Desktop\TeamViewer.lnk
2020-01-29 19:29 - 2020-01-29 19:29 - 000001028 _____ C:\ProgramData\Desktop\TeamViewer.lnk
2020-01-29 19:21 - 2020-01-29 19:29 - 000000000 ____D C:\Users\Absender\AppData\Local\TeamViewer
2020-01-27 17:24 - 2020-01-27 17:24 - 001207336 _____ (Adobe Inc) C:\Users\Absender\Downloads\flashplayer32_a_install.exe
2020-01-16 13:46 - 2020-01-30 23:58 - 004230752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-15 16:00 - 2020-01-15 16:00 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-15 16:00 - 2020-01-15 16:00 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-15 16:00 - 2020-01-15 16:00 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-15 16:00 - 2020-01-15 16:00 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-15 16:00 - 2020-01-15 16:00 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-15 16:00 - 2020-01-15 16:00 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-15 16:00 - 2020-01-15 16:00 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-15 16:00 - 2020-01-15 16:00 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-15 16:00 - 2020-01-15 16:00 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-15 16:00 - 2020-01-15 16:00 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-15 16:00 - 2020-01-15 16:00 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-15 16:00 - 2020-01-15 16:00 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-15 16:00 - 2020-01-15 16:00 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-15 16:00 - 2020-01-15 16:00 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-15 16:00 - 2020-01-15 16:00 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-15 16:00 - 2020-01-15 16:00 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tsusbhub.sys
2020-01-15 16:00 - 2020-01-15 16:00 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-15 16:00 - 2020-01-15 16:00 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\lstelemetry.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-15 15:49 - 2020-01-15 15:50 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-15 15:49 - 2020-01-15 15:50 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-02-08 20:04 - 2019-11-04 18:13 - 000000000 ____D C:\FRST
2020-02-08 20:03 - 2018-03-14 00:14 - 000000000 ____D C:\ProgramData\NVIDIA
2020-02-08 20:01 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-02-08 20:00 - 2019-06-10 20:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-02-08 19:59 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-02-08 19:58 - 2018-03-14 00:21 - 000000000 ____D C:\Users\Absender\AppData\LocalLow\Mozilla
2020-02-08 19:25 - 2019-06-10 20:49 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-02-08 15:18 - 2019-11-05 14:21 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-02-08 15:18 - 2019-11-05 14:21 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-02-08 15:18 - 2019-06-10 20:49 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-02-08 15:18 - 2019-06-10 20:49 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-02-08 15:18 - 2019-06-10 20:49 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-02-08 15:18 - 2019-06-10 20:49 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-02-08 15:18 - 2019-06-10 20:49 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-02-08 15:18 - 2019-06-10 20:49 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-02-08 15:18 - 2019-06-10 20:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-02-08 13:28 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-02-08 13:28 - 2018-04-07 21:10 - 000000000 ____D C:\Users\Absender\AppData\Roaming\TeamViewer
2020-02-08 13:28 - 2018-04-07 21:10 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-02-08 12:45 - 2019-06-10 20:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-02-08 12:22 - 2019-11-06 17:45 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-02-08 12:22 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-02-07 11:27 - 2018-11-21 17:25 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-02-07 11:27 - 2018-11-21 17:25 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-02-07 11:27 - 2018-11-21 17:25 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-02-05 23:34 - 2018-04-17 16:09 - 000000000 ____D C:\Users\Absender\AppData\Local\Hisuite
2020-02-05 23:22 - 2018-06-21 23:48 - 000000000 ____D C:\Users\Absender\AppData\Local\AVAST Software
2020-01-30 23:58 - 2019-05-28 14:39 - 004963008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-01-30 02:40 - 2019-05-28 14:39 - 000055783 _____ C:\WINDOWS\system32\nvinfo.pb
2020-01-30 00:56 - 2018-03-14 00:14 - 005577224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2020-01-30 00:56 - 2018-03-14 00:14 - 002655864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2020-01-30 00:56 - 2018-03-14 00:14 - 001767920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2020-01-30 00:56 - 2018-03-14 00:14 - 000670840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2020-01-30 00:56 - 2018-03-14 00:14 - 000454512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2020-01-30 00:56 - 2018-03-14 00:14 - 000131176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2020-01-30 00:56 - 2018-03-14 00:14 - 000083976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2020-01-29 23:41 - 2018-03-14 00:32 - 000000000 ____D C:\Users\Absender\AppData\Local\CrashDumps
2020-01-29 19:39 - 2018-03-14 00:28 - 000000000 ____D C:\ProgramData\AVAST Software
2020-01-27 17:36 - 2018-11-06 02:14 - 000000000 ____D C:\Users\Absender\AppData\Local\D3DSCache
2020-01-27 17:35 - 2019-06-10 20:49 - 000004648 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-01-27 17:35 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-01-27 17:35 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-01-27 17:35 - 2018-03-14 00:28 - 000000000 ____D C:\Users\Absender\AppData\Local\Adobe
2020-01-27 17:29 - 2018-03-25 01:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-27 17:29 - 2018-03-14 00:21 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-01-27 17:22 - 2019-06-10 20:49 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-27 17:22 - 2019-06-10 20:49 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-27 17:22 - 2019-06-10 20:49 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-27 17:22 - 2019-06-10 20:49 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-27 08:11 - 2018-03-14 00:14 - 008887562 _____ C:\WINDOWS\system32\nvcoproc.bin
2020-01-23 14:28 - 2018-03-14 00:14 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2020-01-21 18:24 - 2018-03-25 01:09 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-01-16 13:43 - 2018-03-14 00:03 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-01-16 13:43 - 2018-03-14 00:03 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-01-16 13:43 - 2018-03-14 00:01 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-01-15 16:11 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-15 16:11 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-15 16:11 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-15 16:11 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-15 16:06 - 2018-03-14 00:36 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-15 16:03 - 2019-11-07 00:05 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-15 16:03 - 2018-03-14 00:35 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-13 13:52 - 2019-11-07 00:48 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-01-13 13:47 - 2019-10-21 22:56 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-01-13 13:47 - 2019-10-21 22:56 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-01-11 00:52 - 2019-11-07 00:47 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
==================== Files in the root of some directories ========
2019-10-23 20:59 - 2019-10-23 20:59 - 000000000 _____ () C:\Users\Absender\AppData\Local\oobelibMkey.log
2018-04-29 22:11 - 2018-04-29 22:11 - 000000017 _____ () C:\Users\Absender\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2018-01-29] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5011504 2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
HKU\S-1-5-21-3472687519-3125997382-303759886-1001\...\MountPoints2: {2c28a709-42c7-11ea-9c9f-e0d55e1a247e} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3472687519-3125997382-303759886-1001\...\MountPoints2: {2c28a746-42c7-11ea-9c9f-e0d55e1a247e} - "G:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.87\Installer\chrmstp.exe [2020-02-07] (Google LLC -> Google LLC)
Startup: C:\Users\Absender\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AORUS ENGINE.lnk [2019-06-30]
ShortcutTarget: AORUS ENGINE.lnk -> C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\autorun.exe () [File not signed]
Startup: C:\Users\Absender\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE AORUS GRAPHICS ENGINE.lnk [2019-06-30]
ShortcutTarget: GIGABYTE AORUS GRAPHICS ENGINE.lnk -> C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\autorun.exe () [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2019-01-29]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software s.r.o. -> AVAST Software)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {02C52A31-55F3-40D5-ADEC-B8A3B697E6F2} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-09-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {0720999F-19DC-4958-B147-88B7A1E90E0A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0BD0BCE9-470B-47E8-9D5D-C70086A6D018} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {19A7962B-24EE-44D6-861E-B3B81EA3CA41} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-21] (Google Inc -> Google Inc.)
Task: {21BA0C68-0F15-4C5A-B659-26EC3E62BF93} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2C4AB95F-CDE2-42A9-AE2D-6C08EFD68B08} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [903520 2019-02-13] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {41F39046-AA20-4F38-A89A-0E39B0BA51BD} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {4A1E3264-A35C-44CA-B463-2364256FE663} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
Task: {50B4392A-6100-4044-8D71-79995D58B91B} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {568C6093-B520-41CC-8E0F-65CA50C27378} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-21] (Google Inc -> Google Inc.)
Task: {86811E2C-7543-41D6-BB62-EC97B92D6E9D} - System32\Tasks\Launcher GIGABYTE AORUS GRAPHICS ENGINE => C:\Program Files (x86)\GIGABYTE\AORUS ENGINE\AORUS.exe [32554928 2019-06-17] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGABYTE Technology Co.,Ltd.)
Task: {995754F9-41AD-4DCF-8B1E-72BA32171351} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9F673F79-6505-44BA-B3EA-B6B9D830FCF0} - System32\Tasks\{00D66030-8078-43C7-BDDB-44E353E591DA} => "c:\windows\system32\launchwinapp.exe" hxxp://www.skype.com/go/downloading?source=lig ... tError=404
Task: {B2E39FFE-AE0A-494E-A419-2EF3AFE5B6DB} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B7DCADD7-7F19-4635-9D8D-4205AFBFC4CA} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BC3D8F17-2610-4A41-80D2-775003C34AD2} - System32\Tasks\Avast Cleanup Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe [1659000 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
Task: {CBF5D950-1501-4EF6-A462-059EAB61E84A} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_321_Plugin.exe [1458232 2020-01-27] (Adobe Inc. -> Adobe)
Task: {D38E6644-0C22-4C83-A011-3BA5EBD2F9B3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-01-27] (Adobe Inc. -> Adobe)
Task: {DD5B24C8-8FDF-47E7-A079-96B52EC48F7E} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E09FCC65-D5BA-4148-A025-7191A468453C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {F4AF3F82-410F-41FD-96AB-28D88EF2FD16} - \TweakBit\PCRepairKit\Start PCRepairKit show scan results notification -> No File <==== ATTENTION
Task: {F71A732D-00E3-4644-8C52-285F75D3AD5E} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FD21D496-4C9C-45BA-A873-DD28D83C2EF0} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Avast Driver Updater Scan.job => C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{93409150-3000-4183-bc56-7d5bdab14ecf}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-02-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Edge:
======
DownloadDir: C:\Users\Absender\Downloads
FireFox:
========
FF DefaultProfile: j1ksk7ov.default
FF ProfilePath: C:\Users\Absender\AppData\Roaming\Mozilla\Firefox\Profiles\j1ksk7ov.default [2020-02-08]
FF Homepage: Mozilla\Firefox\Profiles\j1ksk7ov.default -> hxxps://www.seznam.cz/
FF Notifications: Mozilla\Firefox\Profiles\j1ksk7ov.default -> hxxps://www.facebook.com; hxxps://www.youtube.com; hxxps://web.whatsapp.com; hxxps://www-www-bolf-cz.pushpushgo.com; hxxps://amigurumi.today; hxxps://www.tipli.cz
FF Extension: (ETP Search Volume Study) - C:\Users\Absender\AppData\Roaming\Mozilla\Firefox\Profiles\j1ksk7ov.default\Extensions\etp-search-volume-study@shield.mozilla.org.xpi [2019-06-27]
FF Extension: (SafeGuard) - C:\Users\Absender\AppData\Roaming\Mozilla\Firefox\Profiles\j1ksk7ov.default\Extensions\extension@safeguard.ws.xpi [2019-07-29]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Absender\AppData\Roaming\Mozilla\Firefox\Profiles\j1ksk7ov.default\Extensions\sp@avast.com.xpi [2020-01-18]
FF Extension: (Avast Online Security) - C:\Users\Absender\AppData\Roaming\Mozilla\Firefox\Profiles\j1ksk7ov.default\Extensions\wrc@avast.com.xpi [2020-01-23]
FF Extension: (Stylish - Custom themes for any website) - C:\Users\Absender\AppData\Roaming\Mozilla\Firefox\Profiles\j1ksk7ov.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2019-04-06]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-10-23]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_321.dll [2020-01-27] (Adobe Inc. -> )
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_321.dll [2020-01-27] (Adobe Inc. -> )
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
Chrome:
=======
CHR Profile: C:\Users\Absender\AppData\Local\Google\Chrome\User Data\Default [2020-01-27]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Prezentace) - C:\Users\Absender\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-07]
CHR Extension: (Dokumenty) - C:\Users\Absender\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-07]
CHR Extension: (Disk Google) - C:\Users\Absender\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-07]
CHR Extension: (YouTube) - C:\Users\Absender\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-07]
CHR Extension: (Adobe Acrobat) - C:\Users\Absender\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-11-19]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Absender\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-12-23]
CHR Extension: (Tabulky) - C:\Users\Absender\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\Absender\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-08-06]
CHR Extension: (Avast Online Security) - C:\Users\Absender\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-12-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Absender\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-23]
CHR Extension: (Gmail) - C:\Users\Absender\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-08-06]
CHR Extension: (Chrome Media Router) - C:\Users\Absender\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-23]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6259592 2019-12-19] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [10287216 2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2019-12-27] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [870760 2019-02-13] (Intel(R) Trust Services -> Intel(R) Corporation)
S4 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [783208 2019-02-13] (Intel(R) Trust Services -> Intel(R) Corporation)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [290392 2019-04-18] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Browser; %SystemRoot%\System32\browser.dll [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AIDA64Driver; C:\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [47560 2018-11-19] (FinalWire Kft. -> )
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37616 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2019-09-29] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [276952 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [161544 2019-11-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2019-10-01] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2019-10-01] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-04-15] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47160 2018-04-15] (Disc Soft Ltd -> Disc Soft Ltd)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2019-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 gdrv; C:\Windows\gdrv.sys [26792 2018-03-14] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 gdrv2; C:\WINDOWS\gdrv2.sys [32008 2019-06-30] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 GLCKIO2; C:\Program Files (x86)\GIGABYTE\RGBFusion\GLCKIO2.sys [19392 2018-03-08] (ASUSTeK Computer Inc. -> )
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2019-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [941624 2018-01-29] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 MEIx64; C:\WINDOWS\System32\DriverStore\FileRepository\heci.inf_amd64_85021432489d6a1c\x64\TeeDriverW8x64.sys [266128 2019-04-18] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9e532b5f619dc909\nvlddmkm.sys [23276960 2020-01-31] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1167768 2019-11-20] (Realtek Semiconductor Corp. -> Realtek )
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-10-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [351968 2019-10-30] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-10-30] (Microsoft Windows -> Microsoft Corporation)
S3 GPCIDrv; \??\C:\Users\Absender\AppData\Local\Temp\7zSDA33.tmp\N2080_FW_Upgrade_Tool_V003\GPCIDrv64.sys [X] <==== ATTENTION
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-02-08 20:00 - 2020-02-08 20:00 - 000462696 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-02-08 19:27 - 2020-02-08 19:27 - 008356016 _____ (Malwarebytes) C:\Users\Absender\Desktop\adwcleaner_8.0.2.exe
2020-02-08 13:37 - 2020-02-08 20:04 - 000024973 _____ C:\Users\Absender\Desktop\FRST.txt
2020-02-08 13:35 - 2020-02-08 13:35 - 002279424 _____ (Farbar) C:\Users\Absender\Desktop\FRST64.exe
2020-02-05 23:33 - 2020-02-05 23:33 - 000001060 _____ C:\Users\Public\Desktop\HiSuite.lnk
2020-02-05 23:33 - 2020-02-05 23:33 - 000001060 _____ C:\ProgramData\Desktop\HiSuite.lnk
2020-02-05 23:33 - 2020-02-05 23:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite
2020-02-05 23:33 - 2020-02-05 23:33 - 000000000 ____D C:\Program Files (x86)\HiSuite
2020-02-03 23:23 - 2020-02-03 23:23 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2020-02-03 23:22 - 2020-01-31 00:04 - 001729232 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-02-03 23:22 - 2020-01-31 00:04 - 001729232 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-02-03 23:22 - 2020-01-31 00:04 - 001329360 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-02-03 23:22 - 2020-01-31 00:04 - 001329360 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-02-03 23:22 - 2020-01-31 00:04 - 001078992 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-02-03 23:22 - 2020-01-31 00:04 - 001078992 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-02-03 23:22 - 2020-01-31 00:04 - 000937680 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-02-03 23:22 - 2020-01-31 00:04 - 000937680 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-02-03 23:22 - 2020-01-31 00:04 - 000450576 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2020-02-03 23:22 - 2020-01-31 00:04 - 000353160 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2020-02-03 23:22 - 2020-01-31 00:03 - 011843504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2020-02-03 23:22 - 2020-01-31 00:03 - 010167544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 017462616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 005384584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 004718792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 002075904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 001727320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6444219.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 001569160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 001490688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6444219.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 001485688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 001370360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 001145776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 001064384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 000825720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 000815120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 000685912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 000677584 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 000660176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 000557304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-02-03 23:22 - 2020-01-31 00:02 - 000545112 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-02-03 23:22 - 2020-01-31 00:01 - 040511408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2020-02-03 23:22 - 2020-01-31 00:01 - 035380120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2020-02-03 23:22 - 2020-01-31 00:01 - 015031808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-01-30 19:33 - 2020-02-03 23:17 - 000011175 _____ C:\Users\Absender\Desktop\KES 2020 leden.xlsx
2020-01-29 19:29 - 2020-01-29 19:29 - 000001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2020-01-29 19:29 - 2020-01-29 19:29 - 000001028 _____ C:\Users\Public\Desktop\TeamViewer.lnk
2020-01-29 19:29 - 2020-01-29 19:29 - 000001028 _____ C:\ProgramData\Desktop\TeamViewer.lnk
2020-01-29 19:21 - 2020-01-29 19:29 - 000000000 ____D C:\Users\Absender\AppData\Local\TeamViewer
2020-01-27 17:24 - 2020-01-27 17:24 - 001207336 _____ (Adobe Inc) C:\Users\Absender\Downloads\flashplayer32_a_install.exe
2020-01-16 13:46 - 2020-01-30 23:58 - 004230752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 025900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 022627840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 009928208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-01-15 16:00 - 2020-01-15 16:00 - 008012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 007754752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 007016448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 006520480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 005913600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-01-15 16:00 - 2020-01-15 16:00 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 003263488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 002870784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 002801152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-01-15 16:00 - 2020-01-15 16:00 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-01-15 16:00 - 2020-01-15 16:00 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 002494464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 002473976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 001985928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 001655880 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 001399096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-01-15 16:00 - 2020-01-15 16:00 - 001330952 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 001106944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 001098720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-01-15 16:00 - 2020-01-15 16:00 - 001051664 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 001020032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-01-15 16:00 - 2020-01-15 16:00 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000678712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-01-15 16:00 - 2020-01-15 16:00 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000571392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-01-15 16:00 - 2020-01-15 16:00 - 000542496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000432256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-01-15 16:00 - 2020-01-15 16:00 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-01-15 16:00 - 2020-01-15 16:00 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000363840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-01-15 16:00 - 2020-01-15 16:00 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-01-15 16:00 - 2020-01-15 16:00 - 000321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV1.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-01-15 16:00 - 2020-01-15 16:00 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-01-15 16:00 - 2020-01-15 16:00 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti_ci.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000162696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-01-15 16:00 - 2020-01-15 16:00 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiadss.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tsusbhub.sys
2020-01-15 16:00 - 2020-01-15 16:00 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000127520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiadss.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiarpc.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-01-15 16:00 - 2020-01-15 16:00 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enterpriseresourcemanager.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LSCSHostPolicy.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\lstelemetry.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiatrace.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiatrace.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-01-15 16:00 - 2020-01-15 16:00 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-01-15 15:49 - 2020-01-15 15:50 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-01-15 15:49 - 2020-01-15 15:50 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-02-08 20:04 - 2019-11-04 18:13 - 000000000 ____D C:\FRST
2020-02-08 20:03 - 2018-03-14 00:14 - 000000000 ____D C:\ProgramData\NVIDIA
2020-02-08 20:01 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-02-08 20:00 - 2019-06-10 20:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-02-08 19:59 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-02-08 19:58 - 2018-03-14 00:21 - 000000000 ____D C:\Users\Absender\AppData\LocalLow\Mozilla
2020-02-08 19:25 - 2019-06-10 20:49 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-02-08 15:18 - 2019-11-05 14:21 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-02-08 15:18 - 2019-11-05 14:21 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-02-08 15:18 - 2019-06-10 20:49 - 000003398 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-02-08 15:18 - 2019-06-10 20:49 - 000003196 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-02-08 15:18 - 2019-06-10 20:49 - 000003152 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-02-08 15:18 - 2019-06-10 20:49 - 000002984 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-02-08 15:18 - 2019-06-10 20:49 - 000002914 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-02-08 15:18 - 2019-06-10 20:49 - 000002744 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-02-08 15:18 - 2019-06-10 20:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-02-08 13:28 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-02-08 13:28 - 2018-04-07 21:10 - 000000000 ____D C:\Users\Absender\AppData\Roaming\TeamViewer
2020-02-08 13:28 - 2018-04-07 21:10 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-02-08 12:45 - 2019-06-10 20:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-02-08 12:22 - 2019-11-06 17:45 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-02-08 12:22 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-02-07 11:27 - 2018-11-21 17:25 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-02-07 11:27 - 2018-11-21 17:25 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-02-07 11:27 - 2018-11-21 17:25 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-02-05 23:34 - 2018-04-17 16:09 - 000000000 ____D C:\Users\Absender\AppData\Local\Hisuite
2020-02-05 23:22 - 2018-06-21 23:48 - 000000000 ____D C:\Users\Absender\AppData\Local\AVAST Software
2020-01-30 23:58 - 2019-05-28 14:39 - 004963008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-01-30 02:40 - 2019-05-28 14:39 - 000055783 _____ C:\WINDOWS\system32\nvinfo.pb
2020-01-30 00:56 - 2018-03-14 00:14 - 005577224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2020-01-30 00:56 - 2018-03-14 00:14 - 002655864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2020-01-30 00:56 - 2018-03-14 00:14 - 001767920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2020-01-30 00:56 - 2018-03-14 00:14 - 000670840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2020-01-30 00:56 - 2018-03-14 00:14 - 000454512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2020-01-30 00:56 - 2018-03-14 00:14 - 000131176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2020-01-30 00:56 - 2018-03-14 00:14 - 000083976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2020-01-29 23:41 - 2018-03-14 00:32 - 000000000 ____D C:\Users\Absender\AppData\Local\CrashDumps
2020-01-29 19:39 - 2018-03-14 00:28 - 000000000 ____D C:\ProgramData\AVAST Software
2020-01-27 17:36 - 2018-11-06 02:14 - 000000000 ____D C:\Users\Absender\AppData\Local\D3DSCache
2020-01-27 17:35 - 2019-06-10 20:49 - 000004648 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-01-27 17:35 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-01-27 17:35 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-01-27 17:35 - 2018-03-14 00:28 - 000000000 ____D C:\Users\Absender\AppData\Local\Adobe
2020-01-27 17:29 - 2018-03-25 01:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-27 17:29 - 2018-03-14 00:21 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-01-27 17:22 - 2019-06-10 20:49 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-27 17:22 - 2019-06-10 20:49 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-27 17:22 - 2019-06-10 20:49 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-27 17:22 - 2019-06-10 20:49 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-27 08:11 - 2018-03-14 00:14 - 008887562 _____ C:\WINDOWS\system32\nvcoproc.bin
2020-01-23 14:28 - 2018-03-14 00:14 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2020-01-21 18:24 - 2018-03-25 01:09 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-01-16 13:43 - 2018-03-14 00:03 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-01-16 13:43 - 2018-03-14 00:03 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-01-16 13:43 - 2018-03-14 00:01 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-01-15 16:11 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2020-01-15 16:11 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-01-15 16:11 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-01-15 16:11 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-01-15 16:06 - 2018-03-14 00:36 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-15 16:03 - 2019-11-07 00:05 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-15 16:03 - 2018-03-14 00:35 - 120202352 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-13 13:52 - 2019-11-07 00:48 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-01-13 13:47 - 2019-10-21 22:56 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-01-13 13:47 - 2019-10-21 22:56 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-01-11 00:52 - 2019-11-07 00:47 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
==================== Files in the root of some directories ========
2019-10-23 20:59 - 2019-10-23 20:59 - 000000000 _____ () C:\Users\Absender\AppData\Local\oobelibMkey.log
2018-04-29 22:11 - 2018-04-29 22:11 - 000000017 _____ () C:\Users\Absender\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
-
absenderP8
- Návštěvník
- Příspěvky: 23
- Registrován: 05 srp 2018 14:28
Re: moc prosim o kontrolu logu
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-02-2020 02
Ran by Absender (08-02-2020 20:05:07)
Running from C:\Users\Absender\Desktop
Windows 10 Pro Version 1909 18363.592 (X64) (2019-06-10 19:50:22)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
absen (S-1-5-21-3472687519-3125997382-303759886-1003 - Limited - Disabled)
Absender (S-1-5-21-3472687519-3125997382-303759886-1001 - Administrator - Enabled) => C:\Users\Absender
Administrator (S-1-5-21-3472687519-3125997382-303759886-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3472687519-3125997382-303759886-503 - Limited - Disabled)
Guest (S-1-5-21-3472687519-3125997382-303759886-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3472687519-3125997382-303759886-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.321 - Adobe)
AIDA64 Extreme v5.99 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.99 - FinalWire Ltd.)
Aktualizace NVIDIA 38.0.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.4.0 - NVIDIA Corporation) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
AORUS ENGINE (HKLM-x32\...\AORUS ENGINE_is1) (Version: 1.6.6.0 - GIGABYTE Technology Co.,Inc.)
Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 19.1.7734 - AVAST Software)
Avast Driver Updater (HKLM-x32\...\{630C3D8E-2BEE-465F-9E59-BB069ED10761}) (Version: 2.5.6 - AVAST Software) Hidden
Avast Driver Updater (HKLM-x32\...\Avast Driver Updater) (Version: 2.5.6 - AVAST Software)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Balíček ovladače systému Windows - MediaTek Inc. (usbser) Ports (01/05/2012 2.0000.0.1) (HKLM\...\49D9ABA9270C5BDFD7AE1BEB607D36B26BB90235) (Version: 01/05/2012 2.0000.0.1 - MediaTek Inc.)
Balíček ovladače systému Windows - MediaTek Inc. (usbser) Ports (12/24/2011 2.0000.0.0) (HKLM\...\D0E6296D177F42BB31C0200E49412003DB6C4633) (Version: 12/24/2011 2.0000.0.0 - MediaTek Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.87 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 10.0.1.100 - Huawei Technologies Co.,Ltd)
ImagXpress (HKLM-x32\...\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}) (Version: 7.0.74.0 - Nero AG) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1916.12.0.1263 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.0.1.1018 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{c6de84fd-ece7-4c2a-9f06-8cabe7ab79a0}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{49bc1e38-39b4-4728-9e75-cbe67ba9a329}) (Version: 10.1.1.42 - Intel(R) Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{5f313643-63c9-4660-8dae-eb4a80196cb4}) (Version: 10.1.2.19 - Intel(R) Corporation) Hidden
Kinect for Windows Speech Recognition Language Pack (de-DE) (HKLM-x32\...\{898AA67F-99B8-4C7F-9611-B11F98EF6E78}) (Version: 11.0.7413.611 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-IE) (HKLM-x32\...\{998D5259-3BED-4710-98FF-D63387B5429E}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-NZ) (HKLM-x32\...\{07FC9CAD-FCEC-4186-BB83-EF7CCC9372BA}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (es-ES) (HKLM-x32\...\{F49AF755-A5C3-4252-A190-5772B2669C3B}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (es-MX) (HKLM-x32\...\{E8F3B154-03CE-4120-8B9D-9E83ED5F3AD7}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (fr-CA) (HKLM-x32\...\{7D179500-CA0C-4456-B624-C15876B15F39}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (fr-FR) (HKLM-x32\...\{4CC174AA-25BC-46FF-B1E2-13B24AFB6142}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (it-IT) (HKLM-x32\...\{969D900A-3481-4A77-B888-D24160D4D727}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (ja-JP) (HKLM-x32\...\{EDA8693D-9E82-4FD1-98C8-0DC4F9141E0F}) (Version: 11.0.7400.336 - Microsoft Corporation)
Master PDF Editor 3.6 (HKLM\...\Master PDF Editor 3_is1) (Version: 3.6.30 - Code Industry Ltd.)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3472687519-3125997382-303759886-1001\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-IN) (HKLM-x32\...\{3B06AC90-DE68-44A9-95EB-0A3C1AF1514F}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (pl-PL) (HKLM-x32\...\{BEFB9378-5E88-4266-8EB1-C92869449885}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (pt-BR) (HKLM-x32\...\{F6B5EB21-0ABF-487C-B9A9-D9DB259C4403}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (ru-RU) (HKLM-x32\...\{9419B7EA-6A4B-4A57-8E2A-3BDD4676118F}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (zh-CN) (HKLM-x32\...\{BAD2A75A-1708-47BA-A498-20890D2C78A7}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 72.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 72.0.2 (x64 cs)) (Version: 72.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0.1 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 442.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 442.19 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Ovládací panel NVIDIA 442.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 442.19 - NVIDIA Corporation) Hidden
PDFCreator 0.8.0 (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: - Frank Heindörfer, Philip Chinery)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.31.828.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8586 - Realtek Semiconductor Corp.)
Realtek USB Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{04201224-2B34-4EE7-862B-B7BBF89DB3AB}) (Version: 10.34.603.2019 - Realtek)
RGB Fusion (HKLM-x32\...\{FFA8F1FA-3C2C-4A94-AC0B-0DF47272C25F}) (Version: 3.18.0919.1 - GIGABYTE)
RivaTuner Statistics Server 7.1.0 (HKLM-x32\...\RTSS) (Version: 7.1.0 - Unwinder)
SilentSetup (HKLM-x32\...\{BA073B32-292B-424A-97E1-70C25CD1075F}) (Version: 1.0.0 - Default Company Name) Hidden
Skype verze 8.36 (HKLM-x32\...\Skype_is1) (Version: 8.36 - Skype Technologies S.A.)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.2.2756 - TeamViewer)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WhatsApp (HKU\S-1-5-21-3472687519-3125997382-303759886-1001\...\WhatsApp) (Version: 0.2.9998 - WhatsApp)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.4.7.0_x86__kgqvnymyfvs32 [2020-01-10] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.156.300.0_x86__kgqvnymyfvs32 [2020-01-28] (king.com)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_4.7.0.4_x86__h6adky7gbf63m [2020-01-21] (Gameloft.)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.1.4081.0_x64__rz1tebttyb220 [2020-01-29] (Dolby Laboratories)
Magic Jigsaw Puzzles -> C:\Program Files\WindowsApps\XIMADINC.MagicPuzzles_3.15.1.0_x64__np8fj6akx2czy [2020-01-21] (ZiMAD) [MS Ad]
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.5.2.1_x86__h6adky7gbf63m [2020-01-15] (Gameloft.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_3.9.12130.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Studios) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-15] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-11] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.3.180.0_x64__dt26b99r8h8gj [2019-11-21] (Realtek Semiconductor Corp)
XLS Edit -> C:\Program Files\WindowsApps\BallardAppCraftery.XLSEdit_1.1.9.0_x64__epyrqhfctk40t [2019-01-21] (Ballard App Craftery)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2019-12-02 23:29 - 2019-12-02 23:29 - 000021504 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\cs_cz\Acrobat Elements\ContextMenuShim64.cze
2019-05-14 22:20 - 2016-03-21 22:15 - 000027648 _____ (Copyright (c) Code Industry Ltd ) [File not signed] C:\WINDOWS\System32\mpelocalmon.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WmsSelfHealing => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\hvsifltr => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WmsSelfHealing => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 14:46 - 2019-11-07 00:42 - 000001121 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 genuine.adobe.com
127.0.0.1 prod.adobegenuine.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Intel\iCLS Client;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\System32\OpenSSH;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;%SYSTEMROOT%\System32\OpenSSH;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL
HKU\S-1-5-21-3472687519-3125997382-303759886-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Absender\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "Avast Cleanup Premium.lnk"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-3472687519-3125997382-303759886-1001\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-3472687519-3125997382-303759886-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{70870376-E117-481B-8278-49537B05415E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4D30B7CA-6E92-47A3-B480-6D007B9FB5A7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C0ECD061-0587-4B4B-86EC-DEE84548D373}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E1C63ED7-9A18-4F8A-9534-297750564D01}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{552502A4-47CA-4824-8F70-5D7BF666B78D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{02EF4604-C955-4BA4-B7E3-AEF9C82C3120}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{ED0DDEB5-CFE8-4D12-BF06-E31BC7664A23}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B82B78D2-1AB8-45B7-993D-165C2EDB99A9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7B18B8FF-718B-4952-B3E4-F38D7F8343C1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F9C5992E-9865-4BB6-9821-10FD81391A3C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9AC50341-70B8-4AA9-8680-991E24CA39DA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7AA9EBFF-B50D-4ACB-8359-39ED78209E86}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{079962AD-09CA-4F72-A951-314B88DD42CF}] => (Allow) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{ACBBE68A-CC6D-42A9-811F-2E42388F1B81}] => (Allow) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [UDP Query User{F92C433B-D9C0-4DB8-AC9B-36CF0311B3B9}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{5B767942-CCE2-4EB4-98A4-FBB5036D2BC2}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{ACC094A7-905C-4FD7-AEF4-FC0862225BCD}C:\users\absender\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\absender\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{89180C4A-775D-473C-8290-EECB568E3C80}C:\users\absender\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\absender\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{8A602333-8264-4522-BA89-E155FF154A87}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{22042089-5DA4-4CD2-91C9-0096C9DA2CE7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AEF4E788-FC49-45A9-BECC-47792E3A4D45}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{EC1CB7FD-AA10-4021-84AC-7EEEF9242EAD}C:\program files (x86)\gigabyte\aorus engine\aorus.exe] => (Allow) C:\program files (x86)\gigabyte\aorus engine\aorus.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGABYTE Technology Co.,Ltd.)
FirewallRules: [UDP Query User{0A455292-771F-4D44-9FFD-51685652FA3B}C:\program files (x86)\gigabyte\aorus engine\aorus.exe] => (Allow) C:\program files (x86)\gigabyte\aorus engine\aorus.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGABYTE Technology Co.,Ltd.)
FirewallRules: [{8C82857D-1BE4-4F13-BE68-5C05710BE1B1}] => (Allow) C:\Program Files (x86)\Alawarhry.cz\Darkness and Flame The Dark Side Collectors Edition\DarknessAndFlame_TheDarkSide_CE.exe (Alawar Entertainment Inc -> )
FirewallRules: [{B78A830E-1A61-400F-AB31-2E8D62FE25AC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{847D2A55-9C34-422E-8754-718F17A1C604}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{922E2B86-87EC-4980-894F-6625909500ED}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DE09E2C5-09A0-497E-94D3-73472D5DA2F2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DAD89831-E918-4144-9F88-10A66F11E2E1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1689EC8A-A2DB-4392-89C6-56C99E1BF8A7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{097007CC-968A-4898-B94F-F4414EFE7F91}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B44AF02F-1469-4500-B22E-59170EA2BE3C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3A796E63-EA2C-4A8F-B40B-262EE66016EF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DA96FF1C-B13E-4F5F-B97C-C25B16C182D7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5F5E1AC4-DFA2-40F8-BAF0-EA39B561F949}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CC57B6C2-85DE-40CD-84F0-9FBD7433080C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1957A699-783F-43D9-8872-DB990C9E5BEC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{94F53D90-50A9-4990-A369-825B7895B466}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C5E36A76-58A6-4359-BB27-7BF5B1B45AB2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{609563E6-966D-4AB3-AE73-F616E6444F4F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F0A65018-D53E-4554-8E6E-96DF83333C28}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9DEB87DA-B175-4C8E-A648-03DF2F407388}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{701BF211-0ED5-4C1D-B470-9F7CECA60D49}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FD77C0A7-B859-401F-BD55-68CA391807D2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7BC5FA52-6042-4FF0-8679-54E59DAD6A9C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E3056797-1684-44DF-B336-B1208B97028F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{580F148D-3454-435D-890C-35505684A94E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{943B0452-C8BA-4DC3-955A-A4C715DDFAFA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E4F2FFDE-A5DC-4DCA-8F94-13A698DD92D6}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E622F74D-F91D-417F-803B-9714AC923ADB}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [WMS-Dashboard] => (Allow) %ProgramFiles%\Windows MultiPoint Server\WmsDashboard.exe No File
FirewallRules: [Microsoft-Windows-NFS-ClientCore-NfsClnt-UDP-Out] => (Allow) %systemroot%\system32\nfsclnt.exe No File
FirewallRules: [Microsoft-Windows-NFS-ClientCore-NfsClnt-TCP-Out] => (Allow) %systemroot%\system32\nfsclnt.exe No File
FirewallRules: [WMS-Manager] => (Allow) %ProgramFiles%\Windows MultiPoint Server\WmsManager.exe No File
FirewallRules: [WMS-Service] => (Allow) %ProgramFiles%\Windows MultiPoint Server\Wmssvc.exe No File
FirewallRules: [VIRT-MIGL-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe No File
FirewallRules: [VIRT-REMOTEDESKTOP-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe No File
FirewallRules: [HNS Container Networking - DNS (UDP-In) - 879AA28C-BC5D-4082-82F6-B488CD887C81 - 0] => (Allow) LPort=53
FirewallRules: [{31C898BE-DCBC-44C2-858B-186EAA3684FF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9A53E14B-41D3-4951-8683-2A5ACF2C819B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1BBECD3B-BF62-4D77-ABB3-966DEAF878E6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8CD818AA-60FC-4715-B858-32FF8D786756}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DD065AC4-5B68-4E77-8FD0-52C6580CBCEA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BA914AAA-89A8-4FA0-A416-6B15A933BB4B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7D3BB7C3-D929-4C8B-A7FB-E14FC0B8F6A5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E09806E8-077D-4399-9671-88289557D02D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C9C2A603-C275-4DF6-B582-B37CB5F82C06}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
20-01-2020 20:17:50 Naplánovaný kontrolní bod
30-01-2020 20:12:51 Naplánovaný kontrolní bod
08-02-2020 12:46:34 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/08/2020 08:01:52 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostw (7112,R,98) WebCacheLocal: Při otevírání souboru protokolu C:\Users\Absender\AppData\Local\Microsoft\Windows\WebCache\V010000A.log došlo k chybě -1811 (0xfffff8ed).
Error: (02/08/2020 08:01:25 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Program Files\AVAST Software\Avast\AvastSvc.exe, identifikátor PID: 2940, identifikátor PID ProfSvc: 1484.
Error: (02/08/2020 08:01:25 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe, identifikátor PID: 3760, identifikátor PID ProfSvc: 1484.
Error: (02/08/2020 01:45:17 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1912,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (02/08/2020 01:34:06 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4224,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (02/08/2020 01:25:31 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5684,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (02/08/2020 01:15:32 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (02/08/2020 01:15:32 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
System errors:
=============
Error: (02/08/2020 08:02:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Browser neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (02/08/2020 08:02:44 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Browser bylo dosaženo časového limitu (30000 ms).
Error: (02/08/2020 08:02:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Browser neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (02/08/2020 08:02:44 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Browser bylo dosaženo časového limitu (30000 ms).
Error: (02/08/2020 08:02:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Browser neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (02/08/2020 08:02:44 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Browser bylo dosaženo časového limitu (30000 ms).
Error: (02/08/2020 08:00:50 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla ukončena s následující chybou:
Byl proveden pokus o odkaz na neexistující token.
Error: (02/08/2020 08:00:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Browser neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Windows Defender:
===================================
Date: 2019-11-03 23:00:11.816
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {16B84A65-D35A-43FF-8C43-3B63771BD8E0}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-11-03 20:58:49.519
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {FF42EB60-0071-4CF5-84D3-55BFC0F84D6A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-11-03 20:07:04.741
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {EFC3459B-7C14-41E4-BBB7-78AC401CD11E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-11-03 19:57:05.676
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {097A5B46-B9B4-4148-8274-A065E76037BC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-11-03 17:55:31.972
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {9194991A-5743-49EB-889A-BB997A7E2315}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-11-06 23:43:30.692
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.305.1484.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16500.1
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Date: 2019-11-06 23:33:27.343
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.
Date: 2019-11-05 22:55:52.331
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Monitorování chování
Kód chyby: 0x80508023
Popis chyby: Program nenašel na tomto zařízení malware ani jiný potenciálně nevyžádaný software.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.
Date: 2019-11-04 18:07:54.428
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.305.1375.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16500.1
Kód chyby: 0x8024001e
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
CodeIntegrity:
===================================
Date: 2020-02-08 20:03:24.580
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-02-08 20:03:02.788
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-08 20:03:02.776
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-08 20:03:02.764
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-08 20:03:02.751
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-08 20:03:02.738
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-08 20:03:02.726
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-08 20:03:02.714
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. F9 04/10/2018
Motherboard: Gigabyte Technology Co., Ltd. B250M-DS3H-CF
Processor: Intel(R) Core(TM) i5-7400 CPU @ 3.00GHz
Percentage of memory in use: 19%
Total physical RAM: 16344.08 MB
Available physical RAM: 13203.34 MB
Total Virtual: 16344.08 MB
Available Virtual: 11888.32 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:399.4 GB) (Free:328.62 GB) NTFS
Drive e: (Data) (Fixed) (Total:531.51 GB) (Free:224.27 GB) NTFS
Drive f: (Nový svazek) (Fixed) (Total:237.54 GB) (Free:63.57 GB) NTFS
\\?\Volume{1fc77f4c-c2e6-44e2-96e4-ddaef3a8a3d8}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.09 GB) NTFS
\\?\Volume{c1674b6f-1bea-4690-8c66-bf4ff46b4112}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 238.5 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 80B49758)
Partition: GPT.
==================== End of Addition.txt =======================
Ran by Absender (08-02-2020 20:05:07)
Running from C:\Users\Absender\Desktop
Windows 10 Pro Version 1909 18363.592 (X64) (2019-06-10 19:50:22)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
absen (S-1-5-21-3472687519-3125997382-303759886-1003 - Limited - Disabled)
Absender (S-1-5-21-3472687519-3125997382-303759886-1001 - Administrator - Enabled) => C:\Users\Absender
Administrator (S-1-5-21-3472687519-3125997382-303759886-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3472687519-3125997382-303759886-503 - Limited - Disabled)
Guest (S-1-5-21-3472687519-3125997382-303759886-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3472687519-3125997382-303759886-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.321 - Adobe)
AIDA64 Extreme v5.99 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.99 - FinalWire Ltd.)
Aktualizace NVIDIA 38.0.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.4.0 - NVIDIA Corporation) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
AORUS ENGINE (HKLM-x32\...\AORUS ENGINE_is1) (Version: 1.6.6.0 - GIGABYTE Technology Co.,Inc.)
Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 19.1.7734 - AVAST Software)
Avast Driver Updater (HKLM-x32\...\{630C3D8E-2BEE-465F-9E59-BB069ED10761}) (Version: 2.5.6 - AVAST Software) Hidden
Avast Driver Updater (HKLM-x32\...\Avast Driver Updater) (Version: 2.5.6 - AVAST Software)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Balíček ovladače systému Windows - MediaTek Inc. (usbser) Ports (01/05/2012 2.0000.0.1) (HKLM\...\49D9ABA9270C5BDFD7AE1BEB607D36B26BB90235) (Version: 01/05/2012 2.0000.0.1 - MediaTek Inc.)
Balíček ovladače systému Windows - MediaTek Inc. (usbser) Ports (12/24/2011 2.0000.0.0) (HKLM\...\D0E6296D177F42BB31C0200E49412003DB6C4633) (Version: 12/24/2011 2.0000.0.0 - MediaTek Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.87 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 10.0.1.100 - Huawei Technologies Co.,Ltd)
ImagXpress (HKLM-x32\...\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}) (Version: 7.0.74.0 - Nero AG) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1916.12.0.1263 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.0.1.1018 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{c6de84fd-ece7-4c2a-9f06-8cabe7ab79a0}) (Version: 1.52.230.1 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{49bc1e38-39b4-4728-9e75-cbe67ba9a329}) (Version: 10.1.1.42 - Intel(R) Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{5f313643-63c9-4660-8dae-eb4a80196cb4}) (Version: 10.1.2.19 - Intel(R) Corporation) Hidden
Kinect for Windows Speech Recognition Language Pack (de-DE) (HKLM-x32\...\{898AA67F-99B8-4C7F-9611-B11F98EF6E78}) (Version: 11.0.7413.611 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-AU) (HKLM-x32\...\{48CEC0A3-AE10-4EE3-AC62-76D3D58792E5}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-CA) (HKLM-x32\...\{9C5505DA-F9C1-46CB-9F8F-AC38F8EA518A}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-GB) (HKLM-x32\...\{A0186231-0A8B-455A-8A25-B64AABCC11A6}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-IE) (HKLM-x32\...\{998D5259-3BED-4710-98FF-D63387B5429E}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-NZ) (HKLM-x32\...\{07FC9CAD-FCEC-4186-BB83-EF7CCC9372BA}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (en-US) (HKLM-x32\...\{8AAA44BB-487E-4D01-AF76-484ACB90DBFE}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (es-ES) (HKLM-x32\...\{F49AF755-A5C3-4252-A190-5772B2669C3B}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (es-MX) (HKLM-x32\...\{E8F3B154-03CE-4120-8B9D-9E83ED5F3AD7}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (fr-CA) (HKLM-x32\...\{7D179500-CA0C-4456-B624-C15876B15F39}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (fr-FR) (HKLM-x32\...\{4CC174AA-25BC-46FF-B1E2-13B24AFB6142}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (it-IT) (HKLM-x32\...\{969D900A-3481-4A77-B888-D24160D4D727}) (Version: 11.0.7400.336 - Microsoft Corporation)
Kinect for Windows Speech Recognition Language Pack (ja-JP) (HKLM-x32\...\{EDA8693D-9E82-4FD1-98C8-0DC4F9141E0F}) (Version: 11.0.7400.336 - Microsoft Corporation)
Master PDF Editor 3.6 (HKLM\...\Master PDF Editor 3_is1) (Version: 3.6.30 - Code Industry Ltd.)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3472687519-3125997382-303759886-1001\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (en-IN) (HKLM-x32\...\{3B06AC90-DE68-44A9-95EB-0A3C1AF1514F}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (pl-PL) (HKLM-x32\...\{BEFB9378-5E88-4266-8EB1-C92869449885}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (pt-BR) (HKLM-x32\...\{F6B5EB21-0ABF-487C-B9A9-D9DB259C4403}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (ru-RU) (HKLM-x32\...\{9419B7EA-6A4B-4A57-8E2A-3BDD4676118F}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Recognition Language - TELE (zh-CN) (HKLM-x32\...\{BAD2A75A-1708-47BA-A498-20890D2C78A7}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 72.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 72.0.2 (x64 cs)) (Version: 72.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0.1 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 442.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 442.19 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Ovládací panel NVIDIA 442.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 442.19 - NVIDIA Corporation) Hidden
PDFCreator 0.8.0 (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: - Frank Heindörfer, Philip Chinery)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.31.828.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8586 - Realtek Semiconductor Corp.)
Realtek USB Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{04201224-2B34-4EE7-862B-B7BBF89DB3AB}) (Version: 10.34.603.2019 - Realtek)
RGB Fusion (HKLM-x32\...\{FFA8F1FA-3C2C-4A94-AC0B-0DF47272C25F}) (Version: 3.18.0919.1 - GIGABYTE)
RivaTuner Statistics Server 7.1.0 (HKLM-x32\...\RTSS) (Version: 7.1.0 - Unwinder)
SilentSetup (HKLM-x32\...\{BA073B32-292B-424A-97E1-70C25CD1075F}) (Version: 1.0.0 - Default Company Name) Hidden
Skype verze 8.36 (HKLM-x32\...\Skype_is1) (Version: 8.36 - Skype Technologies S.A.)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.2.2756 - TeamViewer)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WhatsApp (HKU\S-1-5-21-3472687519-3125997382-303759886-1001\...\WhatsApp) (Version: 0.2.9998 - WhatsApp)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.4.7.0_x86__kgqvnymyfvs32 [2020-01-10] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.156.300.0_x86__kgqvnymyfvs32 [2020-01-28] (king.com)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_4.7.0.4_x86__h6adky7gbf63m [2020-01-21] (Gameloft.)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.1.4081.0_x64__rz1tebttyb220 [2020-01-29] (Dolby Laboratories)
Magic Jigsaw Puzzles -> C:\Program Files\WindowsApps\XIMADINC.MagicPuzzles_3.15.1.0_x64__np8fj6akx2czy [2020-01-21] (ZiMAD) [MS Ad]
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.5.2.1_x86__h6adky7gbf63m [2020-01-15] (Gameloft.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_3.9.12130.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Studios) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.20074.0_x64__8wekyb3d8bbwe [2020-01-15] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-11] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.3.180.0_x64__dt26b99r8h8gj [2019-11-21] (Realtek Semiconductor Corp)
XLS Edit -> C:\Program Files\WindowsApps\BallardAppCraftery.XLSEdit_1.1.9.0_x64__epyrqhfctk40t [2019-01-21] (Ballard App Craftery)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-01-30] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-09-29] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2019-12-02 23:29 - 2019-12-02 23:29 - 000021504 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\cs_cz\Acrobat Elements\ContextMenuShim64.cze
2019-05-14 22:20 - 2016-03-21 22:15 - 000027648 _____ (Copyright (c) Code Industry Ltd ) [File not signed] C:\WINDOWS\System32\mpelocalmon.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WmsSelfHealing => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\hvsifltr => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WmsSelfHealing => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 14:46 - 2019-11-07 00:42 - 000001121 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 genuine.adobe.com
127.0.0.1 prod.adobegenuine.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Intel\iCLS Client;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\System32\OpenSSH;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;%SYSTEMROOT%\System32\OpenSSH;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL
HKU\S-1-5-21-3472687519-3125997382-303759886-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Absender\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\StartupFolder: => "Avast Cleanup Premium.lnk"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-3472687519-3125997382-303759886-1001\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-3472687519-3125997382-303759886-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{70870376-E117-481B-8278-49537B05415E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4D30B7CA-6E92-47A3-B480-6D007B9FB5A7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C0ECD061-0587-4B4B-86EC-DEE84548D373}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E1C63ED7-9A18-4F8A-9534-297750564D01}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{552502A4-47CA-4824-8F70-5D7BF666B78D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{02EF4604-C955-4BA4-B7E3-AEF9C82C3120}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{ED0DDEB5-CFE8-4D12-BF06-E31BC7664A23}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B82B78D2-1AB8-45B7-993D-165C2EDB99A9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7B18B8FF-718B-4952-B3E4-F38D7F8343C1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F9C5992E-9865-4BB6-9821-10FD81391A3C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9AC50341-70B8-4AA9-8680-991E24CA39DA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7AA9EBFF-B50D-4ACB-8359-39ED78209E86}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.100.237.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{079962AD-09CA-4F72-A951-314B88DD42CF}] => (Allow) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{ACBBE68A-CC6D-42A9-811F-2E42388F1B81}] => (Allow) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [UDP Query User{F92C433B-D9C0-4DB8-AC9B-36CF0311B3B9}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{5B767942-CCE2-4EB4-98A4-FBB5036D2BC2}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{ACC094A7-905C-4FD7-AEF4-FC0862225BCD}C:\users\absender\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\absender\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{89180C4A-775D-473C-8290-EECB568E3C80}C:\users\absender\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\absender\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{8A602333-8264-4522-BA89-E155FF154A87}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{22042089-5DA4-4CD2-91C9-0096C9DA2CE7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AEF4E788-FC49-45A9-BECC-47792E3A4D45}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{EC1CB7FD-AA10-4021-84AC-7EEEF9242EAD}C:\program files (x86)\gigabyte\aorus engine\aorus.exe] => (Allow) C:\program files (x86)\gigabyte\aorus engine\aorus.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGABYTE Technology Co.,Ltd.)
FirewallRules: [UDP Query User{0A455292-771F-4D44-9FFD-51685652FA3B}C:\program files (x86)\gigabyte\aorus engine\aorus.exe] => (Allow) C:\program files (x86)\gigabyte\aorus engine\aorus.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGABYTE Technology Co.,Ltd.)
FirewallRules: [{8C82857D-1BE4-4F13-BE68-5C05710BE1B1}] => (Allow) C:\Program Files (x86)\Alawarhry.cz\Darkness and Flame The Dark Side Collectors Edition\DarknessAndFlame_TheDarkSide_CE.exe (Alawar Entertainment Inc -> )
FirewallRules: [{B78A830E-1A61-400F-AB31-2E8D62FE25AC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{847D2A55-9C34-422E-8754-718F17A1C604}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{922E2B86-87EC-4980-894F-6625909500ED}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DE09E2C5-09A0-497E-94D3-73472D5DA2F2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DAD89831-E918-4144-9F88-10A66F11E2E1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1689EC8A-A2DB-4392-89C6-56C99E1BF8A7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{097007CC-968A-4898-B94F-F4414EFE7F91}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B44AF02F-1469-4500-B22E-59170EA2BE3C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3A796E63-EA2C-4A8F-B40B-262EE66016EF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DA96FF1C-B13E-4F5F-B97C-C25B16C182D7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5F5E1AC4-DFA2-40F8-BAF0-EA39B561F949}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CC57B6C2-85DE-40CD-84F0-9FBD7433080C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1957A699-783F-43D9-8872-DB990C9E5BEC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{94F53D90-50A9-4990-A369-825B7895B466}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C5E36A76-58A6-4359-BB27-7BF5B1B45AB2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{609563E6-966D-4AB3-AE73-F616E6444F4F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F0A65018-D53E-4554-8E6E-96DF83333C28}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9DEB87DA-B175-4C8E-A648-03DF2F407388}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{701BF211-0ED5-4C1D-B470-9F7CECA60D49}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FD77C0A7-B859-401F-BD55-68CA391807D2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7BC5FA52-6042-4FF0-8679-54E59DAD6A9C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E3056797-1684-44DF-B336-B1208B97028F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{580F148D-3454-435D-890C-35505684A94E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{943B0452-C8BA-4DC3-955A-A4C715DDFAFA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.94.262.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E4F2FFDE-A5DC-4DCA-8F94-13A698DD92D6}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E622F74D-F91D-417F-803B-9714AC923ADB}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [WMS-Dashboard] => (Allow) %ProgramFiles%\Windows MultiPoint Server\WmsDashboard.exe No File
FirewallRules: [Microsoft-Windows-NFS-ClientCore-NfsClnt-UDP-Out] => (Allow) %systemroot%\system32\nfsclnt.exe No File
FirewallRules: [Microsoft-Windows-NFS-ClientCore-NfsClnt-TCP-Out] => (Allow) %systemroot%\system32\nfsclnt.exe No File
FirewallRules: [WMS-Manager] => (Allow) %ProgramFiles%\Windows MultiPoint Server\WmsManager.exe No File
FirewallRules: [WMS-Service] => (Allow) %ProgramFiles%\Windows MultiPoint Server\Wmssvc.exe No File
FirewallRules: [VIRT-MIGL-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe No File
FirewallRules: [VIRT-REMOTEDESKTOP-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe No File
FirewallRules: [HNS Container Networking - DNS (UDP-In) - 879AA28C-BC5D-4082-82F6-B488CD887C81 - 0] => (Allow) LPort=53
FirewallRules: [{31C898BE-DCBC-44C2-858B-186EAA3684FF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9A53E14B-41D3-4951-8683-2A5ACF2C819B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1BBECD3B-BF62-4D77-ABB3-966DEAF878E6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8CD818AA-60FC-4715-B858-32FF8D786756}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DD065AC4-5B68-4E77-8FD0-52C6580CBCEA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BA914AAA-89A8-4FA0-A416-6B15A933BB4B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7D3BB7C3-D929-4C8B-A7FB-E14FC0B8F6A5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E09806E8-077D-4399-9671-88289557D02D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C9C2A603-C275-4DF6-B582-B37CB5F82C06}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
20-01-2020 20:17:50 Naplánovaný kontrolní bod
30-01-2020 20:12:51 Naplánovaný kontrolní bod
08-02-2020 12:46:34 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/08/2020 08:01:52 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostw (7112,R,98) WebCacheLocal: Při otevírání souboru protokolu C:\Users\Absender\AppData\Local\Microsoft\Windows\WebCache\V010000A.log došlo k chybě -1811 (0xfffff8ed).
Error: (02/08/2020 08:01:25 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Program Files\AVAST Software\Avast\AvastSvc.exe, identifikátor PID: 2940, identifikátor PID ProfSvc: 1484.
Error: (02/08/2020 08:01:25 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe, identifikátor PID: 3760, identifikátor PID ProfSvc: 1484.
Error: (02/08/2020 01:45:17 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1912,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (02/08/2020 01:34:06 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4224,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (02/08/2020 01:25:31 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5684,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (02/08/2020 01:15:32 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (02/08/2020 01:15:32 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
System errors:
=============
Error: (02/08/2020 08:02:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Browser neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (02/08/2020 08:02:44 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Browser bylo dosaženo časového limitu (30000 ms).
Error: (02/08/2020 08:02:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Browser neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (02/08/2020 08:02:44 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Browser bylo dosaženo časového limitu (30000 ms).
Error: (02/08/2020 08:02:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Browser neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (02/08/2020 08:02:44 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Browser bylo dosaženo časového limitu (30000 ms).
Error: (02/08/2020 08:00:50 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla ukončena s následující chybou:
Byl proveden pokus o odkaz na neexistující token.
Error: (02/08/2020 08:00:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Browser neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Windows Defender:
===================================
Date: 2019-11-03 23:00:11.816
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {16B84A65-D35A-43FF-8C43-3B63771BD8E0}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-11-03 20:58:49.519
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {FF42EB60-0071-4CF5-84D3-55BFC0F84D6A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-11-03 20:07:04.741
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {EFC3459B-7C14-41E4-BBB7-78AC401CD11E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-11-03 19:57:05.676
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {097A5B46-B9B4-4148-8274-A065E76037BC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-11-03 17:55:31.972
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {9194991A-5743-49EB-889A-BB997A7E2315}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-11-06 23:43:30.692
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.305.1484.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16500.1
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Date: 2019-11-06 23:33:27.343
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.
Date: 2019-11-05 22:55:52.331
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Monitorování chování
Kód chyby: 0x80508023
Popis chyby: Program nenašel na tomto zařízení malware ani jiný potenciálně nevyžádaný software.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.
Date: 2019-11-04 18:07:54.428
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.305.1375.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16500.1
Kód chyby: 0x8024001e
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
CodeIntegrity:
===================================
Date: 2020-02-08 20:03:24.580
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2020-02-08 20:03:02.788
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-08 20:03:02.776
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-08 20:03:02.764
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-08 20:03:02.751
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-08 20:03:02.738
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-08 20:03:02.726
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-08 20:03:02.714
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. F9 04/10/2018
Motherboard: Gigabyte Technology Co., Ltd. B250M-DS3H-CF
Processor: Intel(R) Core(TM) i5-7400 CPU @ 3.00GHz
Percentage of memory in use: 19%
Total physical RAM: 16344.08 MB
Available physical RAM: 13203.34 MB
Total Virtual: 16344.08 MB
Available Virtual: 11888.32 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:399.4 GB) (Free:328.62 GB) NTFS
Drive e: (Data) (Fixed) (Total:531.51 GB) (Free:224.27 GB) NTFS
Drive f: (Nový svazek) (Fixed) (Total:237.54 GB) (Free:63.57 GB) NTFS
\\?\Volume{1fc77f4c-c2e6-44e2-96e4-ddaef3a8a3d8}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.09 GB) NTFS
\\?\Volume{c1674b6f-1bea-4690-8c66-bf4ff46b4112}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 238.5 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 80B49758)
Partition: GPT.
==================== End of Addition.txt =======================
-
Rudy
- Site Admin
- Příspěvky: 118269
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: moc prosim o kontrolu logu
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
FirewallRules: [WMS-Dashboard] => (Allow) %ProgramFiles%\Windows MultiPoint Server\WmsDashboard.exe No File
FirewallRules: [Microsoft-Windows-NFS-ClientCore-NfsClnt-UDP-Out] => (Allow) %systemroot%\system32\nfsclnt.exe No File
FirewallRules: [Microsoft-Windows-NFS-ClientCore-NfsClnt-TCP-Out] => (Allow) %systemroot%\system32\nfsclnt.exe No File
FirewallRules: [WMS-Manager] => (Allow) %ProgramFiles%\Windows MultiPoint Server\WmsManager.exe No File
FirewallRules: [WMS-Service] => (Allow) %ProgramFiles%\Windows MultiPoint Server\Wmssvc.exe No File
FirewallRules: [VIRT-MIGL-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe No File
FirewallRules: [VIRT-REMOTEDESKTOP-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe No File
HKU\S-1-5-21-3472687519-3125997382-303759886-1001\...\MountPoints2: {2c28a709-42c7-11ea-9c9f-e0d55e1a247e} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3472687519-3125997382-303759886-1001\...\MountPoints2: {2c28a746-42c7-11ea-9c9f-e0d55e1a247e} - "G:\HiSuiteDownLoader.exe"
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {19A7962B-24EE-44D6-861E-B3B81EA3CA41} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-21] (Google Inc -> Google Inc.)
Task: {568C6093-B520-41CC-8E0F-65CA50C27378} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-21] (Google Inc -> Google Inc.)
Task: {F4AF3F82-410F-41FD-96AB-28D88EF2FD16} - \TweakBit\PCRepairKit\Start PCRepairKit show scan results notification -> No File <==== ATTENTION
S3 GPCIDrv; \??\C:\Users\Absender\AppData\Local\Temp\7zSDA33.tmp\N2080_FW_Upgrade_Tool_V003\GPCIDrv64.sys [X] <==== ATTENTION
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
EmptyTemp:
Hosts:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
absenderP8
- Návštěvník
- Příspěvky: 23
- Registrován: 05 srp 2018 14:28
Re: moc prosim o kontrolu logu
Fix result of Farbar Recovery Scan Tool (x64) Version: 02-02-2020 02
Ran by Absender (08-02-2020 21:18:03) Run:2
Running from C:\Users\Absender\Desktop
Loaded Profiles: Absender (Available Profiles: Absender)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
FirewallRules: [WMS-Dashboard] => (Allow) %ProgramFiles%\Windows MultiPoint Server\WmsDashboard.exe No File
FirewallRules: [Microsoft-Windows-NFS-ClientCore-NfsClnt-UDP-Out] => (Allow) %systemroot%\system32\nfsclnt.exe No File
FirewallRules: [Microsoft-Windows-NFS-ClientCore-NfsClnt-TCP-Out] => (Allow) %systemroot%\system32\nfsclnt.exe No File
FirewallRules: [WMS-Manager] => (Allow) %ProgramFiles%\Windows MultiPoint Server\WmsManager.exe No File
FirewallRules: [WMS-Service] => (Allow) %ProgramFiles%\Windows MultiPoint Server\Wmssvc.exe No File
FirewallRules: [VIRT-MIGL-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe No File
FirewallRules: [VIRT-REMOTEDESKTOP-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe No File
HKU\S-1-5-21-3472687519-3125997382-303759886-1001\...\MountPoints2: {2c28a709-42c7-11ea-9c9f-e0d55e1a247e} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3472687519-3125997382-303759886-1001\...\MountPoints2: {2c28a746-42c7-11ea-9c9f-e0d55e1a247e} - "G:\HiSuiteDownLoader.exe"
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {19A7962B-24EE-44D6-861E-B3B81EA3CA41} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-21] (Google Inc -> Google Inc.)
Task: {568C6093-B520-41CC-8E0F-65CA50C27378} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-21] (Google Inc -> Google Inc.)
Task: {F4AF3F82-410F-41FD-96AB-28D88EF2FD16} - \TweakBit\PCRepairKit\Start PCRepairKit show scan results notification -> No File <==== ATTENTION
S3 GPCIDrv; \??\C:\Users\Absender\AppData\Local\Temp\7zSDA33.tmp\N2080_FW_Upgrade_Tool_V003\GPCIDrv64.sys [X] <==== ATTENTION
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
EmptyTemp:
Hosts:
End
*****************
Processes closed successfully.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\WMS-Dashboard" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\Microsoft-Windows-NFS-ClientCore-NfsClnt-UDP-Out" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\Microsoft-Windows-NFS-ClientCore-NfsClnt-TCP-Out" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\WMS-Manager" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\WMS-Service" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\VIRT-MIGL-In-TCP-NoScope" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\VIRT-REMOTEDESKTOP-In-TCP-NoScope" => removed successfully
HKU\S-1-5-21-3472687519-3125997382-303759886-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2c28a709-42c7-11ea-9c9f-e0d55e1a247e} => removed successfully
HKU\S-1-5-21-3472687519-3125997382-303759886-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2c28a746-42c7-11ea-9c9f-e0d55e1a247e} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{19A7962B-24EE-44D6-861E-B3B81EA3CA41}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{19A7962B-24EE-44D6-861E-B3B81EA3CA41}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{568C6093-B520-41CC-8E0F-65CA50C27378}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{568C6093-B520-41CC-8E0F-65CA50C27378}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F4AF3F82-410F-41FD-96AB-28D88EF2FD16}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F4AF3F82-410F-41FD-96AB-28D88EF2FD16}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TweakBit\PCRepairKit\Start PCRepairKit show scan results notification" => not found
HKLM\System\CurrentControlSet\Services\GPCIDrv => removed successfully
GPCIDrv => service removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10640650 B
Java, Flash, Steam htmlcache => 1690 B
Windows/system/drivers => 4552879 B
Edge => 3903386 B
Chrome => 5644834 B
Firefox => 759318183 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 60244 B
NetworkService => 60244 B
Absender => 30087823 B
Mamka => 30087823 B
RecycleBin => 5438691 B
EmptyTemp: => 820.2 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 21:18:22 ====
Ran by Absender (08-02-2020 21:18:03) Run:2
Running from C:\Users\Absender\Desktop
Loaded Profiles: Absender (Available Profiles: Absender)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
FirewallRules: [WMS-Dashboard] => (Allow) %ProgramFiles%\Windows MultiPoint Server\WmsDashboard.exe No File
FirewallRules: [Microsoft-Windows-NFS-ClientCore-NfsClnt-UDP-Out] => (Allow) %systemroot%\system32\nfsclnt.exe No File
FirewallRules: [Microsoft-Windows-NFS-ClientCore-NfsClnt-TCP-Out] => (Allow) %systemroot%\system32\nfsclnt.exe No File
FirewallRules: [WMS-Manager] => (Allow) %ProgramFiles%\Windows MultiPoint Server\WmsManager.exe No File
FirewallRules: [WMS-Service] => (Allow) %ProgramFiles%\Windows MultiPoint Server\Wmssvc.exe No File
FirewallRules: [VIRT-MIGL-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe No File
FirewallRules: [VIRT-REMOTEDESKTOP-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe No File
HKU\S-1-5-21-3472687519-3125997382-303759886-1001\...\MountPoints2: {2c28a709-42c7-11ea-9c9f-e0d55e1a247e} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3472687519-3125997382-303759886-1001\...\MountPoints2: {2c28a746-42c7-11ea-9c9f-e0d55e1a247e} - "G:\HiSuiteDownLoader.exe"
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {19A7962B-24EE-44D6-861E-B3B81EA3CA41} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-21] (Google Inc -> Google Inc.)
Task: {568C6093-B520-41CC-8E0F-65CA50C27378} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-11-21] (Google Inc -> Google Inc.)
Task: {F4AF3F82-410F-41FD-96AB-28D88EF2FD16} - \TweakBit\PCRepairKit\Start PCRepairKit show scan results notification -> No File <==== ATTENTION
S3 GPCIDrv; \??\C:\Users\Absender\AppData\Local\Temp\7zSDA33.tmp\N2080_FW_Upgrade_Tool_V003\GPCIDrv64.sys [X] <==== ATTENTION
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
EmptyTemp:
Hosts:
End
*****************
Processes closed successfully.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\WMS-Dashboard" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\Microsoft-Windows-NFS-ClientCore-NfsClnt-UDP-Out" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\Microsoft-Windows-NFS-ClientCore-NfsClnt-TCP-Out" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\WMS-Manager" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\WMS-Service" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\VIRT-MIGL-In-TCP-NoScope" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\VIRT-REMOTEDESKTOP-In-TCP-NoScope" => removed successfully
HKU\S-1-5-21-3472687519-3125997382-303759886-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2c28a709-42c7-11ea-9c9f-e0d55e1a247e} => removed successfully
HKU\S-1-5-21-3472687519-3125997382-303759886-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2c28a746-42c7-11ea-9c9f-e0d55e1a247e} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{19A7962B-24EE-44D6-861E-B3B81EA3CA41}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{19A7962B-24EE-44D6-861E-B3B81EA3CA41}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{568C6093-B520-41CC-8E0F-65CA50C27378}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{568C6093-B520-41CC-8E0F-65CA50C27378}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F4AF3F82-410F-41FD-96AB-28D88EF2FD16}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F4AF3F82-410F-41FD-96AB-28D88EF2FD16}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TweakBit\PCRepairKit\Start PCRepairKit show scan results notification" => not found
HKLM\System\CurrentControlSet\Services\GPCIDrv => removed successfully
GPCIDrv => service removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10640650 B
Java, Flash, Steam htmlcache => 1690 B
Windows/system/drivers => 4552879 B
Edge => 3903386 B
Chrome => 5644834 B
Firefox => 759318183 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 60244 B
NetworkService => 60244 B
Absender => 30087823 B
Mamka => 30087823 B
RecycleBin => 5438691 B
EmptyTemp: => 820.2 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 21:18:22 ====
-
Rudy
- Site Admin
- Příspěvky: 118269
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: moc prosim o kontrolu logu
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
absenderP8
- Návštěvník
- Příspěvky: 23
- Registrován: 05 srp 2018 14:28
Re: moc prosim o kontrolu logu
dekuji, prazna okna nevyskakuji
tak uz zbyva jen docisteni
moc diky za vas cas
tak uz zbyva jen docisteni
moc diky za vas cas
-
Rudy
- Site Admin
- Příspěvky: 118269
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: moc prosim o kontrolu logu
Rádo se stalo!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?