Prosím o preventivní kontrolu logu

[barasera]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2019
Ran by info (administrator) on DESKTOP-M3CBPNG (TOSHIBA SATELLITE C855-22L) (12-12-2019 13:29:32)
Running from C:\Users\info\Desktop
Loaded Profiles: info (Available Profiles: info)
Platform: Windows 10 Home Version 1809 17763.914 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11911.1001.9.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13196432 2012-09-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-11-06] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-385703609-2784001884-2048287062-1002\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-11-06] (Samsung Electronics CO., LTD. -> Samsung)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\Installer\chrmstp.exe [2019-11-19] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00BC9C6E-3EF5-496B-886A-FD2FADA0A8B0} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-385703609-2784001884-2048287062-1002 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [24064 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
Task: {0B580374-7EAF-4204-9280-D7577C7F5350} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_293_pepper.exe [1453112 2019-11-13] (Adobe Inc. -> Adobe)
Task: {260FEC63-4BD6-4448-B99E-6EBCB6656F53} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_293_Plugin.exe [1457720 2019-11-13] (Adobe Inc. -> Adobe)
Task: {2F3555DB-8CCB-45EB-81D6-1C4DED28F234} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-20] (Google Inc -> Google Inc.)
Task: {33512E4A-10F2-40AF-8785-B0F429E5D291} - System32\Tasks\Avast Driver Updater Startup => C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe [30244056 2019-04-10] (Avast Software s.r.o. -> AVAST Software)
Task: {9B00738F-9F04-44F7-B959-9BAB7803076C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {E4C34C2D-A97D-45D7-98E2-91DC1C3C8A99} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-20] (Google Inc -> Google Inc.)
Task: {F593FB82-4E41-42C6-A86C-E38D690A5CB4} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1873288 2019-09-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {F9FA9176-24B4-4184-90DE-0F02EED95ACB} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-11-13] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Avast Driver Updater Startup.job => C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{3d0824cc-f859-4d86-9d06-9b61f38f819b}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{4e550ffb-2413-410e-9915-0bfd84d632a0}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-385703609-2784001884-2048287062-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10270__171128__ya[browser]
SearchScopes: HKU\S-1-5-21-385703609-2784001884-2048287062-1002 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10270__171128__yaie&p={searchTerms}

Edge:
======
Edge Notifications: HKU\S-1-5-21-385703609-2784001884-2048287062-1002 -> hxxps://novaplus.nova.cz

FireFox:
========
FF DefaultProfile: piktqqoe.default-1557397132782
FF ProfilePath: C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\piktqqoe.default-1557397132782 [2019-12-12]
FF Notifications: Mozilla\Firefox\Profiles\piktqqoe.default-1557397132782 -> hxxps://email.forpsi.com; hxxps://www.slevomat.cz
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\piktqqoe.default-1557397132782\Extensions\sp@avast.com.xpi [2019-11-25]
FF Extension: (Avast Online Security) - C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\piktqqoe.default-1557397132782\Extensions\wrc@avast.com.xpi [2019-10-05]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_293.dll [2019-11-13] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_293.dll [2019-11-13] (Adobe Inc. -> )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\dsengine.js [2017-12-20] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\dsengine.cfg [2017-12-20] <==== ATTENTION

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR Notifications: Default -> hxxps://email.forpsi.com; hxxps://www.facebook.com
CHR Profile: C:\Users\info\AppData\Local\Google\Chrome\User Data\Default [2019-12-01]
CHR Extension: (Prezentace) - C:\Users\info\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-20]
CHR Extension: (Dokumenty) - C:\Users\info\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-20]
CHR Extension: (Disk Google) - C:\Users\info\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-24]
CHR Extension: (YouTube) - C:\Users\info\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-24]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\info\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-11-30]
CHR Extension: (Facebook Pixel Helper) - C:\Users\info\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdgfkebogiimcoedlicjlajpkdmockpc [2019-09-30]
CHR Extension: (Tabulky) - C:\Users\info\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\info\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-16]
CHR Extension: (Avast Online Security) - C:\Users\info\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-07-16]
CHR Extension: (Selenium IDE) - C:\Users\info\AppData\Local\Google\Chrome\User Data\Default\Extensions\mooikfkahbdckldjjndioackbalphokd [2019-11-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\info\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-06]
CHR Extension: (Gmail) - C:\Users\info\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-09]
CHR Extension: (Chrome Media Router) - C:\Users\info\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-11-29]
CHR Profile: C:\Users\info\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-06-06]
CHR Profile: C:\Users\info\AppData\Local\Google\Chrome\User Data\System Profile [2019-10-26]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [255472 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6085360 2019-10-04] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 RtkBtManServ; C:\WINDOWS\RtkBtManServ.exe [713816 2018-09-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-05-04] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\NisSrv.exe [3851264 2019-05-13] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MsMpEng.exe [118144 2019-05-13] (Microsoft Corporation -> Microsoft Corporation)
S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [21648880 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [674288 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37616 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2019-10-03] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [276952 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [161544 2019-11-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 CH341SER_A64; C:\WINDOWS\System32\Drivers\CH341S64.SYS [59904 2015-02-06] (Microsoft Windows Hardware Compatibility Publisher -> http://www.winchiphead.com)
R3 RtkBtFilter; C:\WINDOWS\System32\drivers\RtkBtfilter.sys [758312 2018-09-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2018-09-15] (Microsoft Windows -> Realtek Semiconductor Corporation )
S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(http://www.devguru.co.kr))
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64640 2016-09-05] (Samsung Electronics CO., LTD. -> QUALCOMM Incorporated)
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [54424 2015-07-29] (TOSHIBA CORPORATION -> Toshiba Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-05-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [344544 2019-05-13] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60896 2019-05-13] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-12 13:00 - 2019-12-12 13:07 - 000049852 _____ C:\Users\info\Desktop\Addition.txt
2019-12-12 12:56 - 2019-12-12 13:31 - 000018696 _____ C:\Users\info\Desktop\FRST.txt
2019-12-12 12:55 - 2019-12-12 13:30 - 000000000 ____D C:\FRST
2019-12-12 12:51 - 2019-12-12 12:51 - 002263552 _____ (Farbar) C:\Users\info\Desktop\FRST64.exe
2019-12-11 21:08 - 2019-12-11 21:08 - 026807296 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 020816384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 009668408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-12-11 21:08 - 2019-12-11 21:08 - 007886848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 007645384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 006541712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 006444032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-12-11 21:08 - 2019-12-11 21:08 - 003638272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-12-11 21:08 - 2019-12-11 21:08 - 003576832 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 003387392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 002707968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-12-11 21:08 - 2019-12-11 21:08 - 002699768 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 002233688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 002192384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 002072384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 001702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-12-11 21:08 - 2019-12-11 21:08 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 001677808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 001668960 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 001666440 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 001656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 001473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-12-11 21:08 - 2019-12-11 21:08 - 001465264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 001201128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000901120 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2019-12-11 21:08 - 2019-12-11 21:08 - 000793824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000758688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-12-11 21:08 - 2019-12-11 21:08 - 000678672 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-12-11 21:08 - 2019-12-11 21:08 - 000603792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-12-11 21:08 - 2019-12-11 21:08 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-12-11 21:08 - 2019-12-11 21:08 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000508928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000505632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-12-11 21:08 - 2019-12-11 21:08 - 000408736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000203064 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-12-11 21:08 - 2019-12-11 21:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-12-11 21:08 - 2019-12-11 21:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-12-11 21:08 - 2019-12-11 21:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-12-11 21:08 - 2019-12-11 21:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-12-11 21:08 - 2019-12-11 21:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-12-11 21:08 - 2019-12-11 21:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-12-11 21:08 - 2019-12-11 21:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-12-11 21:07 - 2019-12-11 21:07 - 001676288 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-12-11 21:07 - 2019-12-11 21:07 - 001258296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-12-11 21:07 - 2019-12-11 21:07 - 001049400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-12-11 21:07 - 2019-12-11 21:07 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-12-10 10:18 - 2019-12-10 10:18 - 001899917 _____ C:\Users\info\Downloads\kniha_virycz-2.pdf
2019-12-05 09:26 - 2019-12-05 09:26 - 000073303 _____ C:\Users\info\Downloads\[Be Lenka] Objednávka 619110567 bola odoslaná.zip
2019-12-05 09:25 - 2019-12-05 09:25 - 000084535 _____ C:\Users\info\Downloads\invoice_619120045.pdf
2019-12-04 15:14 - 2019-12-04 15:14 - 000450476 _____ C:\Users\info\Downloads\pyladies-materials-master.zip
2019-12-04 10:37 - 2019-12-04 17:53 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-12-02 12:29 - 2019-12-02 12:29 - 001388011 _____ C:\Users\info\Downloads\Veřejná vyhláška - linka BUS 153.pdf
2019-11-30 15:29 - 2019-11-30 15:29 - 000036513 _____ C:\Users\info\Documents\OrangeHRM.html
2019-11-30 15:29 - 2019-11-30 15:29 - 000000000 ____D C:\Users\info\Documents\OrangeHRM_files
2019-11-30 12:25 - 2019-11-30 12:25 - 000000000 ____D C:\Users\info\Downloads\chromedriver_win32
2019-11-30 12:24 - 2019-11-30 12:24 - 004845138 _____ C:\Users\info\Downloads\chromedriver_win32.zip
2019-11-30 09:41 - 2019-11-30 09:41 - 000000000 ____D C:\Users\info\PycharmProjects
2019-11-30 09:38 - 2019-11-30 09:41 - 000000000 ____D C:\Users\info\AppData\Roaming\JetBrains
2019-11-30 09:36 - 2019-11-30 09:36 - 000000000 ____D C:\Users\info\.PyCharmCE2019.2
2019-11-29 20:27 - 2019-11-29 20:28 - 000000000 ____D C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JetBrains
2019-11-29 20:25 - 2019-11-29 20:25 - 000001244 _____ C:\Users\info\Desktop\JetBrains PyCharm Community Edition 2019.2.5 x64.lnk
2019-11-29 20:25 - 2019-11-29 20:25 - 000000000 ____D C:\Users\info\AppData\Local\JetBrains
2019-11-29 15:07 - 2019-11-29 15:09 - 271226600 _____ C:\Users\info\Downloads\pycharm-community-2019.2.5.exe
2019-11-26 18:43 - 2019-11-26 18:43 - 000282115 _____ C:\Users\info\Downloads\classes(2).pdf
2019-11-23 21:27 - 2019-11-23 21:27 - 000047998 _____ C:\Users\info\Documents\Pyladies Courseware_slov.html
2019-11-23 21:27 - 2019-11-23 21:27 - 000041812 _____ C:\Users\info\Documents\Pyladies Courseware-vyjimky.html
2019-11-23 21:27 - 2019-11-23 21:27 - 000036219 _____ C:\Users\info\Documents\Pyladies Courseware_tridy.html
2019-11-23 21:27 - 2019-11-23 21:27 - 000000000 ____D C:\Users\info\Documents\Pyladies Courseware-vyjimky_soubory
2019-11-23 21:27 - 2019-11-23 21:27 - 000000000 ____D C:\Users\info\Documents\Pyladies Courseware_tridy_soubory
2019-11-23 21:27 - 2019-11-23 21:27 - 000000000 ____D C:\Users\info\Documents\Pyladies Courseware_slov_soubory
2019-11-23 16:44 - 2019-11-23 16:45 - 091561944 _____ (GitHub, Inc.) C:\Users\info\Downloads\GitHubDesktopSetup.exe
2019-11-22 23:09 - 2019-11-22 23:09 - 000282115 _____ C:\Users\info\Downloads\classes.pdf
2019-11-21 14:10 - 2019-11-21 14:10 - 000082853 _____ C:\Users\info\Downloads\order_2019001969.pdf
2019-11-21 14:09 - 2019-11-21 14:09 - 000084179 _____ C:\Users\info\Downloads\invoice_2019001969.pdf
2019-11-19 14:52 - 2019-11-19 14:52 - 000053011 _____ C:\Users\info\Downloads\Logistics_304804687.pdf
2019-11-19 14:52 - 2019-11-19 14:52 - 000042748 _____ C:\Users\info\Downloads\3567201.pdf
2019-11-13 22:37 - 2019-11-13 22:50 - 004986936 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2019-11-13 16:13 - 2019-11-13 16:13 - 011724288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2019-11-13 16:13 - 2019-11-13 16:13 - 009941504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2019-11-13 16:13 - 2019-11-13 16:13 - 000249856 _____ (Gracenote, Inc.) C:\WINDOWS\SysWOW64\gnsdk_fp.dll
2019-11-13 16:12 - 2019-11-13 16:12 - 019014144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-11-13 16:12 - 2019-11-13 16:12 - 012258816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-11-13 16:12 - 2019-11-13 16:12 - 006065152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-11-13 16:12 - 2019-11-13 16:12 - 005436696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-11-13 16:12 - 2019-11-13 16:12 - 004661760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-11-13 16:12 - 2019-11-13 16:12 - 003906560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-11-13 16:12 - 2019-11-13 16:12 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-11-13 16:12 - 2019-11-13 16:12 - 003550384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-11-13 16:12 - 2019-11-13 16:12 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-11-13 16:12 - 2019-11-13 16:12 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-11-13 16:12 - 2019-11-13 16:12 - 001291264 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-11-13 16:12 - 2019-11-13 16:12 - 001267240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-11-13 16:12 - 2019-11-13 16:12 - 001024712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2019-11-13 16:12 - 2019-11-13 16:12 - 000687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-11-13 16:12 - 2019-11-13 16:12 - 000642560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2019-11-13 16:12 - 2019-11-13 16:12 - 000547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2019-11-13 16:12 - 2019-11-13 16:12 - 000428032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-11-13 16:12 - 2019-11-13 16:12 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-11-13 16:12 - 2019-11-13 16:12 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2019-11-13 16:12 - 2019-11-13 16:12 - 000263360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-11-13 16:12 - 2019-11-13 16:12 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-11-13 16:12 - 2019-11-13 16:12 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-11-13 16:12 - 2019-11-13 16:12 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-11-13 16:12 - 2019-11-13 16:12 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\udhisapi.dll
2019-11-13 16:11 - 2019-11-13 16:12 - 012960256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 023455232 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 007872000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 006934016 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 006318328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 005770240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 005608336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 004873216 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 003872336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-11-13 16:11 - 2019-11-13 16:11 - 003656792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 003496448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AI.MachineLearning.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 002918200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-11-13 16:11 - 2019-11-13 16:11 - 002871824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-11-13 16:11 - 2019-11-13 16:11 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 002698752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 002628112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-11-13 16:11 - 2019-11-13 16:11 - 002348544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 001994976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 001966096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-11-13 16:11 - 2019-11-13 16:11 - 001918792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 001726480 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 001674480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 001486472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 001388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 001346216 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-11-13 16:11 - 2019-11-13 16:11 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 001183504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-11-13 16:11 - 2019-11-13 16:11 - 001180248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 001098136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000877568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-11-13 16:11 - 2019-11-13 16:11 - 000872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000811536 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000808272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-11-13 16:11 - 2019-11-13 16:11 - 000782968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000773208 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000747536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000661264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-11-13 16:11 - 2019-11-13 16:11 - 000638480 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000588816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2019-11-13 16:11 - 2019-11-13 16:11 - 000553784 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000542320 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000535080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-11-13 16:11 - 2019-11-13 16:11 - 000520704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000481280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000474936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-11-13 16:11 - 2019-11-13 16:11 - 000473832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000465416 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000435512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2019-11-13 16:11 - 2019-11-13 16:11 - 000427832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2019-11-13 16:11 - 2019-11-13 16:11 - 000383288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2019-11-13 16:11 - 2019-11-13 16:11 - 000360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-11-13 16:11 - 2019-11-13 16:11 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-11-13 16:11 - 2019-11-13 16:11 - 000324624 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposableShellProxyStub.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000262152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-11-13 16:11 - 2019-11-13 16:11 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-11-13 16:11 - 2019-11-13 16:11 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000164368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-11-13 16:11 - 2019-11-13 16:11 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComposableShellProxyStub.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prntvpt.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000112168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2019-11-13 16:11 - 2019-11-13 16:11 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2019-11-13 16:11 - 2019-11-13 16:11 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShellExtFramework.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2019-11-13 16:11 - 2019-11-13 16:11 - 000086744 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
2019-11-13 16:11 - 2019-11-13 16:11 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usp10.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usp10.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000071696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ApiSetHost.AppExecutionAlias.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
2019-11-13 16:11 - 2019-11-13 16:11 - 000047616 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AssignedAccessRuntime.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\compact.exe
2019-11-13 16:11 - 2019-11-13 16:11 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\compact.exe
2019-11-13 16:11 - 2019-11-13 16:11 - 000038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000023768 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsi.dll
2019-11-13 16:11 - 2019-11-13 16:11 - 000020144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nsi.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 022137120 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 007656072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 005575168 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 005573232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AI.MachineLearning.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 004413936 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-11-13 16:10 - 2019-11-13 16:10 - 004303872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 004049920 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 003363640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-11-13 16:10 - 2019-11-13 16:10 - 003333632 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 003082752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 002848768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 002421248 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-11-13 16:10 - 2019-11-13 16:10 - 002050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 001904128 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 001751432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 001644544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 001608192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 001388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 001262592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 001054712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-11-13 16:10 - 2019-11-13 16:10 - 001050112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-11-13 16:10 - 2019-11-13 16:10 - 001022464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 000927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 000862008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-11-13 16:10 - 2019-11-13 16:10 - 000834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 000807424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-11-13 16:10 - 2019-11-13 16:10 - 000801792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 000774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2019-11-13 16:10 - 2019-11-13 16:10 - 000741688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 000591160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 000551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-11-13 16:10 - 2019-11-13 16:10 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-11-13 16:10 - 2019-11-13 16:10 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 000292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 000281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-11-13 16:10 - 2019-11-13 16:10 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 000198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 000160272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pacer.sys
2019-11-13 16:10 - 2019-11-13 16:10 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-11-13 16:10 - 2019-11-13 16:10 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2019-11-13 16:10 - 2019-11-13 16:10 - 000120352 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2019-11-13 16:10 - 2019-11-13 16:10 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 000086840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2019-11-13 16:10 - 2019-11-13 16:10 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-11-13 16:10 - 2019-11-13 16:10 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2019-11-13 16:09 - 2019-11-13 16:09 - 007700696 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-11-13 16:09 - 2019-11-13 16:09 - 002645504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-11-13 16:09 - 2019-11-13 16:09 - 002109960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-11-13 16:09 - 2019-11-13 16:09 - 001933408 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2019-11-13 16:09 - 2019-11-13 16:09 - 001929728 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-11-13 16:09 - 2019-11-13 16:09 - 001668784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2019-11-13 16:09 - 2019-11-13 16:09 - 001538560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2019-11-13 16:09 - 2019-11-13 16:09 - 001331536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-11-13 16:09 - 2019-11-13 16:09 - 001294792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-11-13 16:09 - 2019-11-13 16:09 - 001054224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-11-13 16:09 - 2019-11-13 16:09 - 000888560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-11-13 16:09 - 2019-11-13 16:09 - 000869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-11-13 16:09 - 2019-11-13 16:09 - 000856424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-11-13 16:09 - 2019-11-13 16:09 - 000775768 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-11-13 16:09 - 2019-11-13 16:09 - 000750592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-11-13 16:09 - 2019-11-13 16:09 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-11-13 16:09 - 2019-11-13 16:09 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-11-13 16:09 - 2019-11-13 16:09 - 000652088 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-11-13 16:09 - 2019-11-13 16:09 - 000604344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-11-13 16:09 - 2019-11-13 16:09 - 000536320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2019-11-13 16:09 - 2019-11-13 16:09 - 000514600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-11-13 16:09 - 2019-11-13 16:09 - 000513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-11-13 16:09 - 2019-11-13 16:09 - 000509968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-11-13 16:09 - 2019-11-13 16:09 - 000462352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-11-13 16:09 - 2019-11-13 16:09 - 000450632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-11-13 16:09 - 2019-11-13 16:09 - 000445752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-11-13 16:09 - 2019-11-13 16:09 - 000415760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-11-13 16:09 - 2019-11-13 16:09 - 000389408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-11-13 16:09 - 2019-11-13 16:09 - 000385848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-11-13 16:09 - 2019-11-13 16:09 - 000367104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2019-11-13 16:09 - 2019-11-13 16:09 - 000321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2019-11-13 16:09 - 2019-11-13 16:09 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-11-13 16:09 - 2019-11-13 16:09 - 000213304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-11-13 16:09 - 2019-11-13 16:09 - 000193336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-11-13 16:09 - 2019-11-13 16:09 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-11-13 16:09 - 2019-11-13 16:09 - 000152896 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-11-13 16:09 - 2019-11-13 16:09 - 000141736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-11-13 16:09 - 2019-11-13 16:09 - 000138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2019-11-13 16:09 - 2019-11-13 16:09 - 000118480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-11-13 16:09 - 2019-11-13 16:09 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinHvPlatform.dll
2019-11-13 16:09 - 2019-11-13 16:09 - 000090632 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-11-13 16:09 - 2019-11-13 16:09 - 000087080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2019-11-13 16:09 - 2019-11-13 16:09 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-11-13 16:09 - 2019-11-13 16:09 - 000080400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-11-13 16:09 - 2019-11-13 16:09 - 000061480 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvhostsvc.dll
2019-11-13 16:09 - 2019-11-13 16:09 - 000036368 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-11-13 16:09 - 2019-11-13 16:09 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-11-13 16:09 - 2019-11-13 16:09 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-11-13 16:08 - 2019-11-13 16:08 - 000667664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-11-13 16:08 - 2019-11-13 16:08 - 000520208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2019-11-13 16:08 - 2019-11-13 16:08 - 000198968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-11-12 18:04 - 2019-11-12 18:04 - 014642214 _____ C:\Users\info\Downloads\pyladies-7-master(1).zip

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-12 13:29 - 2019-05-13 08:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-12-12 13:29 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-12 12:39 - 2018-06-25 09:12 - 000000000 ____D C:\Users\info\AppData\Local\AVAST Software
2019-12-12 12:37 - 2019-05-24 15:29 - 000000512 _____ C:\WINDOWS\Tasks\Avast Driver Updater Startup.job
2019-12-12 12:37 - 2017-09-24 15:32 - 000000000 ____D C:\Users\info\AppData\LocalLow\Mozilla
2019-12-12 12:36 - 2019-05-13 08:22 - 000000000 ____D C:\Users\info
2019-12-12 12:33 - 2019-05-13 08:35 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-12 12:33 - 2018-09-15 18:32 - 000718198 _____ C:\WINDOWS\system32\perfh005.dat
2019-12-12 12:33 - 2018-09-15 18:32 - 000145242 _____ C:\WINDOWS\system32\perfc005.dat
2019-12-12 12:33 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF
2019-12-12 12:27 - 2019-05-13 08:13 - 000351496 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-12 12:26 - 2019-05-13 08:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-12 12:25 - 2018-09-15 07:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-12-12 12:24 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-12-12 12:24 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-12-11 21:17 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-11 19:56 - 2019-05-13 08:50 - 000003530 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2019-12-11 19:56 - 2019-05-13 08:50 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-11 19:56 - 2019-05-13 08:50 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-11 19:56 - 2019-05-13 08:50 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2019-12-11 16:05 - 2017-09-19 07:00 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-11 16:00 - 2017-09-19 07:00 - 129221664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-12-11 15:56 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-11 15:56 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-11 15:49 - 2019-05-13 08:50 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2019-12-04 19:56 - 2019-05-16 09:42 - 000000000 ____D C:\Users\info\AppData\Roaming\Code
2019-12-04 18:04 - 2019-05-18 12:58 - 000000000 ____D C:\Users\info\.pylint.d
2019-12-04 17:53 - 2017-09-24 15:30 - 000001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-12-04 17:53 - 2017-09-24 15:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-12-04 14:35 - 2019-09-23 10:52 - 000000000 ___RD C:\Users\info\Documents\pyladies
2019-11-29 14:52 - 2019-10-18 20:49 - 000000000 ____D C:\Users\info\Documents\NYMBURK
2019-11-26 17:32 - 2017-12-25 00:41 - 000000000 ____D C:\Users\info\AppData\Local\Packages
2019-11-26 15:28 - 2017-12-04 15:34 - 000000000 ____D C:\Users\info\Documents\MIMIBAZAR
2019-11-26 11:13 - 2019-05-16 09:42 - 000000000 ____D C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2019-11-22 15:00 - 2017-09-24 15:33 - 000000000 _____ C:\end
2019-11-22 14:17 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-11-19 09:11 - 2018-03-20 22:02 - 000002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-11-19 09:11 - 2018-03-20 22:02 - 000002271 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-11-17 21:01 - 2019-10-19 09:50 - 000000000 ____D C:\Users\info\Documents\git
2019-11-15 08:27 - 2018-07-06 22:06 - 000000000 ____D C:\Users\info\AppData\Local\CrashDumps
2019-11-14 07:43 - 2017-12-25 08:45 - 000000000 ___RD C:\Users\info\3D Objects
2019-11-14 07:43 - 2017-09-18 22:57 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-11-14 00:17 - 2018-09-15 08:33 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-11-14 00:17 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-11-14 00:17 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-11-14 00:17 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-11-14 00:17 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-11-14 00:17 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-11-13 22:50 - 2019-05-13 08:50 - 000004666 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2019-11-13 22:50 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-11-13 22:50 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-11-13 22:37 - 2019-05-13 08:50 - 000004654 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier

==================== Files in the root of some directories ========

2019-11-22 15:00 - 2019-11-22 15:00 - 000370070 _____ () C:\Users\info\AppData\Roaming\logo_empire_desktop.ico
2018-07-06 22:06 - 2018-07-06 22:06 - 000005632 _____ () C:\Users\info\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[Conder]

Ahoj

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

• Uloz na plochu a ukonci vsetky programy
• Spusti AdwCleaner ako spravca
• Odsuhlas licencne podmienky
• Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
• Nechaj zaskrtnute vsetky nalezy
• Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
• Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
• Otvori sa log, jeho obsah sem skopiruj

[barasera]

tohle je log vyčistit
........................................................................................................................

# -------------------------------
# Malwarebytes AdwCleaner 8.0.0.0
# -------------------------------
# Build: 11-21-2019
# Database: 2019-11-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-14-2019
# Duration: 00:00:15
# OS: Windows 10 Home
# Cleaned: 20
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted C:\Users\Public\Documents\Downloaded Installers
Deleted C:\Users\info\AppData\Local\slimware utilities inc
Deleted C:\Users\info\AppData\Roaming\Seznam.cz

***** [ Files ] *****

Deleted C:\END
Deleted C:\Program Files\MOZILLA FIREFOX\DEFAULTS\PREF\DSENGINE.JS
Deleted C:\Program Files\MOZILLA FIREFOX\DSENGINE.CFG

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Seznam.cz
Deleted HKCU\Software\csastats
Deleted HKLM\SYSTEM\Setup\FirstBoot\Services\SWDUMon
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\SlimWare Utilities Inc

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3039 octets] - [14/12/2019 09:51:37]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########



....................................................................................................................

tohle je log pro scanovat

.....................................................................................................................


# -------------------------------
# Malwarebytes AdwCleaner 8.0.0.0
# -------------------------------
# Build: 11-21-2019
# Database: 2019-11-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 12-14-2019
# Duration: 00:01:11
# OS: Windows 10 Home
# Scanned: 35225
# Detected: 20


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.Legacy C:\Users\Public\Documents\Downloaded Installers
PUP.Optional.Seznam.cz C:\Program Files (x86)\Seznam.cz
PUP.Optional.Seznam.cz C:\Users\info\AppData\Roaming\Seznam.cz
PUP.Optional.SlimCleanerPlus C:\Users\info\AppData\Local\slimware utilities inc
PUP.Optional.WebCompanion C:\ProgramData\Application Data\Lavasoft\Web Companion
PUP.Optional.WebCompanion C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion

***** [ Files ] *****

PUP.Optional.Legacy C:\END
PUP.Optional.WinBing C:\Program Files\MOZILLA FIREFOX\DEFAULTS\PREF\DSENGINE.JS
PUP.Optional.WinBing C:\Program Files\MOZILLA FIREFOX\DSENGINE.CFG

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.DriverUpdate HKLM\SYSTEM\Setup\FirstBoot\Services\SWDUMon
PUP.Optional.InstallCore HKCU\Software\csastats
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
PUP.Optional.Seznam.cz HKCU\Software\Seznam.cz
PUP.Optional.Seznam.cz HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
PUP.Optional.SlimCleanerPlus HKLM\Software\Wow6432Node\SlimWare Utilities Inc
PUP.Optional.WebCompanion HKCU\Software\Lavasoft\Web Companion
PUP.Optional.WebCompanion HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Lavasoft\Web Companion

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

[Conder]

Poprosim o obidva nove logy z FRST.

[barasera]

Ahoj, omlouvám se za prodlevu. Byla jsem mimo síť.

Přikládám po sobě logy a děkuji.
¨Bára

addition
........................................................................................................................................................
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-12-2019
Ran by info (19-12-2019 12:35:25)
Running from C:\Users\info\Desktop
Windows 10 Home Version 1809 17763.914 (X64) (2019-05-13 07:51:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-385703609-2784001884-2048287062-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-385703609-2784001884-2048287062-503 - Limited - Disabled)
Guest (S-1-5-21-385703609-2784001884-2048287062-501 - Limited - Disabled)
info (S-1-5-21-385703609-2784001884-2048287062-1002 - Administrator - Enabled) => C:\Users\info
WDAGUtilityAccount (S-1-5-21-385703609-2784001884-2048287062-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.303 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.293 - Adobe)
Advertising Center (HKLM-x32\...\{b2ec4a38-b545-4a00-8214-13fe0e915e6d}) (Version: 0.0.0.1 - Nero AG) Hidden
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Anti-Twin (Installation 29.11.2018) (HKLM-x32\...\Anti-Twin 2018-11-29 21.03.56) (Version: - Joerg Rosenthal, Germany)
Avast Driver Updater (HKLM-x32\...\{630C3D8E-2BEE-465F-9E59-BB069ED10761}) (Version: 2.5.6 - AVAST Software) Hidden
Avast Driver Updater (HKLM-x32\...\Avast Driver Updater) (Version: 2.5.6 - AVAST Software)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Booking (HKLM-x32\...\{13D4CD54-EA09-4FDB-B979-8B2BC0F020CA}_is1) (Version: 2.0.701 - Booking)
ffdshow v1.3.4532 [2014-07-17] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4532.0 - )
Git version 2.23.0.windows.1 (HKLM\...\Git_is1) (Version: 2.23.0.windows.1 - The Git Development Community)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.47.5309 - GOM & Company)
GOM Remote (HKLM-x32\...\GOM Remote) (Version: 2.1.1.9 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.108 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
IrfanView 4.52 (64-bit) (HKLM\...\IrfanView64) (Version: 4.52 - Irfan Skiljan)
JetBrains PyCharm Community Edition 2019.2.5 (HKU\S-1-5-21-385703609-2784001884-2048287062-1002\...\PyCharm Community Edition 2019.2.5) (Version: 192.7142.56 - JetBrains s.r.o.)
LibreOffice 5.4.3.2 (HKLM\...\{5FFD3D4F-8AA0-4C6F-8B3C-AB0D8CD297C9}) (Version: 5.4.3.2 - The Document Foundation)
Microsoft Power BI Desktop (x64) (HKLM\...\{B9DF5033-C293-4139-A765-DDEB0064D02F}) (Version: 2.52.4921.682 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-385703609-2784001884-2048287062-1002\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.40.2 - Microsoft Corporation)
Mozilla Firefox 71.0 (x64 cs) (HKLM\...\Mozilla Firefox 71.0 (x64 cs)) (Version: 71.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)
Nero 9 Essentials (HKLM-x32\...\{db9f61fb-d773-47a5-8100-fa75becdb119}) (Version: - Nero AG)
Python 3.7.0 (Anaconda3 5.3.0 64-bit) (HKU\S-1-5-21-385703609-2784001884-2048287062-1002\...\Python 3.7.0 (Anaconda3 5.3.0 64-bit)) (Version: 5.3.0 - Anaconda, Inc.)
Python 3.7.1 (64-bit) (HKU\S-1-5-21-385703609-2784001884-2048287062-1002\...\{8a84877c-26dd-4b77-8117-80eaec80127c}) (Version: 3.7.1150.0 - Python Software Foundation)
Python 3.7.1 Add to Path (64-bit) (HKLM\...\{6846E653-89AC-47BC-8E11-FB9991EC90AA}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python 3.7.1 Core Interpreter (64-bit) (HKLM\...\{3CDB402E-5970-4DCB-8EE8-D50517AB55AE}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python 3.7.1 Development Libraries (64-bit) (HKLM\...\{61D00EE1-616D-4782-A8C5-EDD436BE9766}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python 3.7.1 Documentation (64-bit) (HKLM\...\{C66332A3-9916-4CA0-89B3-88E4F0789207}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python 3.7.1 Executables (64-bit) (HKLM\...\{C3B089F9-4BA6-45A6-91A2-C5938F8702F8}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python 3.7.1 pip Bootstrap (64-bit) (HKLM\...\{ED677B31-8BF6-49FA-9B99-A63CD45D316A}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python 3.7.1 Standard Library (64-bit) (HKLM\...\{7627B8B4-82DD-4BD2-B33B-465E41693F0D}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python 3.7.1 Tcl/Tk Support (64-bit) (HKLM\...\{00FB4D96-77D4-4043-950E-8FA816BCAD7D}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python 3.7.1 Test Suite (64-bit) (HKLM\...\{A1CFED46-5F31-4813-A494-681BBB2B6E23}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python 3.7.1 Utility Scripts (64-bit) (HKLM\...\{96DEF82E-CD26-4AB5-A7FB-81E1B6D1DE91}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{C3A1C6B1-9096-47A7-AB5C-09114002A996}) (Version: 3.7.6501.0 - Python Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6738 - Realtek Semiconductor Corp.)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_6 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_6 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.4.3.38 - Synaptics Incorporated)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
Xerox Phaser 3020 XPS (Windows 8) (HKLM-x32\...\Xerox Phaser 3020 XPS (Windows 8)) (Version: 3.03.13.02:11 - Xerox Corporation)
Xilisoft Download YouTube Video (HKU\S-1-5-21-385703609-2784001884-2048287062-1002\...\Xilisoft Download YouTube Video) (Version: 5.6.7.20170216 - Xilisoft)

Packages:
=========
Any Player -> C:\Program Files\WindowsApps\15191PeakPlayer.50533F9B98293_3.1.1.0_x64__y5c4dfz5b21fm [2019-11-26] (Any DVD & Office App)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Avast Antivirus Download Center -> C:\Program Files\WindowsApps\51CA791E.AvastAntivirusDownloadCenter_1.20.6.0_x64__s1d0xtrs8dx04 [2019-12-09] (AVAST Software)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-25] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-14] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.121.1654.0_x86__zpdnekdrzrea0 [2019-12-06] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-385703609-2784001884-2048287062-1002_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\info\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-385703609-2784001884-2048287062-1002_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\info\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-385703609-2784001884-2048287062-1002_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\info\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-07-17] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Anaconda Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" C:\Users\info\Anaconda3\Scripts\activate.bat C:\Users\info\Anaconda3

==================== Loaded Modules (Whitelisted) =============

2019-10-09 14:01 - 2019-10-09 14:01 - 000032256 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\A4.Foundation\27b7109aa9707ed6fa9b5e10f8257974\A4.Foundation.ni.dll
2019-10-09 14:01 - 2019-10-09 14:01 - 000022528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Actions5dc83b46#\d6323dd96bd4d125c7d34a2c1a7997bd\AEM.Actions.CCAA.Shared.ni.dll
2019-10-09 14:01 - 2019-10-09 14:01 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.0a1309f7#\0dc6353bc0a338b869e21c5568c7c828\AEM.Plugin.EEU.Shared.ni.dll
2019-10-09 14:01 - 2019-10-09 14:01 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.2b6a6775#\e30a79740b716471d8f232b3152d82ca\AEM.Plugin.Hotkeys.Shared.ni.dll
2019-10-09 14:01 - 2019-10-09 14:01 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.54d8abe3#\cf53052cd44a659e68e11ac67532754c\AEM.Plugin.DPPE.Shared.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.674d2b8a#\71ec0190218020bbe58afd017ef425a4\AEM.Plugin.WinMessages.Shared.ni.dll
2019-10-09 14:01 - 2019-10-09 14:01 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.88aba5d2#\1ed1721043fa977239bdd86f73bd876d\AEM.Plugin.REG.Shared.ni.dll
2019-10-09 14:01 - 2019-10-09 14:01 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.GD.Shared\11ef7a7d893577a5c983878836c4220b\AEM.Plugin.GD.Shared.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000013824 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Server.Shared\794876d53d0310dd03a1945ba2584762\AEM.Server.Shared.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000263168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Server\909a15d417a93c9bda67b0060b4d2068\AEM.Server.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000056320 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\APM.Foundation\05ee47ba98052281fd871a400bc6a783\APM.Foundation.ni.dll
2019-10-09 14:05 - 2019-10-09 14:05 - 000122368 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ATICCCom\a7e02c2bb6b8bc74c554a3200c8fcc32\ATICCCom.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000199168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CCC.Implementation\ed13f3426af939e1d17ab1fd255c76f2\CCC.Implementation.ni.dll
2019-10-09 14:03 - 2019-10-09 14:03 - 000167936 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.30dea481#\b619cc12463ef87cec5a44521aa16813\CLI.Aspect.MultiVPU4.Graphics.Shared.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000124928 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3399d0ec#\3c517527b2d405eaa065e94566f6610e\CLI.Aspect.CustomFormats.Graphics.Shared.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.37d3d968#\608d5d94e002be5dfa658ae2ed2748f4\CLI.Aspect.AMDHome.Graphics.Shared.ni.dll
2019-10-09 14:05 - 2019-10-09 14:05 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.382a3def#\089933d8603a02f5989150669e0ce959\CLI.Aspect.AMDOverDrive.Platform.Shared.ni.dll
2019-10-09 14:04 - 2019-10-09 14:04 - 000104448 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3a6f1658#\51deb40eee9ba3846d85e7cb0995b439\CLI.Aspect.TransCode.Graphics.Shared.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000206336 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4542c692#\260c2f33832888f8b58c69379ff84aed\CLI.Aspect.DeviceCRT.Graphics.Shared.ni.dll
2019-10-09 14:03 - 2019-10-09 14:03 - 000130048 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.46819220#\e83eef1953d5fde3847159954e3a32b8\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.ni.dll
2019-10-09 14:03 - 2019-10-09 14:03 - 000037888 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.52c6dbaa#\2ff931c618ff39d5e1536824a640bda5\CLI.Aspect.FPS.Graphics.Shared.ni.dll
2019-10-09 14:03 - 2019-10-09 14:03 - 000073216 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.59a12d95#\dd3123a4074c6e1a2fefa8c670df113c\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.ni.dll
2019-10-09 14:05 - 2019-10-09 14:05 - 000259584 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.73911eb5#\e2e064fb3fd68b8aef3526bdee062e43\CLI.Aspect.WirelessDisplay.Graphics.Shared.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000355840 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.7ec2db45#\9db597a06ac60bd1e34f054260b91e41\CLI.Aspect.DeviceDFP.Graphics.Shared.ni.dll
2019-10-09 14:04 - 2019-10-09 14:04 - 000727552 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8d333b6b#\0ad2dde1cb33a777ea110df1ac08d91e\CLI.Aspect.Radeon3D.Graphics.Shared.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000154112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a0ae52bc#\591d30129f07656857298e7c489d3209\CLI.Aspect.DeviceLCD.Graphics.Shared.ni.dll
2019-10-09 14:03 - 2019-10-09 14:03 - 000056320 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a6cd7fff#\691deba16a7b4410ec187ad3175f0451\CLI.Aspect.FPS.Graphics.Runtime.ni.dll
2019-10-09 14:03 - 2019-10-09 14:03 - 000146944 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.abe74207#\095ab2a3c3f9d41464d10ccfdb41d5fe\CLI.Aspect.MultiVPU2.Graphics.Shared.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000451584 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.acb9d930#\f75ff6c8521855cec845c7d7f0064085\CLI.Aspect.DeviceProperty.Graphics.Shared.ni.dll
2019-10-09 14:03 - 2019-10-09 14:03 - 000085504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ae5e117c#\02c8d164a1e4b465c20f5636cb9de7af\CLI.Aspect.DisplaysColour2.Graphics.Shared.ni.dll
2019-10-09 14:03 - 2019-10-09 14:03 - 000018944 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c5cb3396#\419856db11e67b208f61a36dc7fddf33\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard.Shared.Private.ni.dll
2019-10-09 14:03 - 2019-10-09 14:03 - 000337408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c7aaa0f8#\af787d5005b2e71dab5e50013e5da5c8\CLI.Aspect.OverDrive5.Graphics.Shared.ni.dll
2019-10-09 14:03 - 2019-10-09 14:03 - 000017920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c854b457#\b938f9caf01b1ea3b2dd975c54cb66ce\CLI.Aspect.HotkeysHandling.Graphics.Shared.ni.dll
2019-10-09 14:03 - 2019-10-09 14:03 - 000236032 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.eda8935e#\dfe31d8c97cb5f2895433bf01688d61b\CLI.Aspect.MMVideo.Graphics.Shared.ni.dll
2019-10-09 14:04 - 2019-10-09 14:04 - 000046592 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ef3eaa4d#\16bb0e2f26e648e1c4933cf62385c9fc\CLI.Aspect.TransCode.Graphics.Runtime.ni.dll
2019-10-09 14:04 - 2019-10-09 14:04 - 000050176 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.f480a2f3#\17b2c311dd086c1114a933ec042ac949\CLI.Aspect.UpdateNotification.Graphics.Shared.ni.dll
2019-10-09 14:04 - 2019-10-09 14:04 - 000050688 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Runtime\a9fb5d1d33d418b72100590b92a587ce\CLI.Caste.A4.Runtime.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Shared\6187fceb2cd044016ed0d846dab3da85\CLI.Caste.A4.Shared.ni.dll
2019-10-09 14:03 - 2019-10-09 14:03 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F24de14fe#\b647780c60396daa8936547f735beddd\CLI.Caste.Fuel.Shared.ni.dll
2019-10-09 14:04 - 2019-10-09 14:04 - 000304640 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F36b07a2b#\6285e9ea80b4b0fa3bc0e030fa2b6fda\CLI.Caste.Fuel.Runtime.ni.dll
2019-10-09 14:03 - 2019-10-09 14:03 - 000038400 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60338cc0#\c134a9434188ed5859af77a7a4890038\CLI.Caste.Graphics.Runtime.Shared.Private.ni.dll
2019-10-09 14:04 - 2019-10-09 14:04 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H18c99613#\8ff5802794d0cdc5a60f070961850572\CLI.Caste.HydraVision.Runtime.ni.dll
2019-10-09 14:04 - 2019-10-09 14:04 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H92ba4e46#\9d5ce44a517f02aa97cc2a6aad736e1c\CLI.Caste.HydraVision.Shared.ni.dll
2019-10-09 14:04 - 2019-10-09 14:04 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pac40511b#\881fb4af11817905d6c9638e7a08e756\CLI.Caste.Platform.Shared.ni.dll
2019-10-09 14:04 - 2019-10-09 14:04 - 000043520 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pdb36d56e#\01f4185a1b26fcbddb342112e6b5016a\CLI.Caste.Platform.Runtime.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone1b4a8c97#\8069a6fc617878a1736b98a171ed0298\CLI.Component.Runtime.Shared.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000149504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone59f353b4#\946d6fa8f83016e6f9c2a276155d78d5\CLI.Component.Runtime.Shared.Private.ni.dll
2019-10-09 14:05 - 2019-10-09 14:05 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componeb4d0485c#\c35134dcb54fb74c81d4b96b2f87b39a\CLI.Component.Runtime.Extension.EEU.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000086016 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componef4cf054f#\175eb1d70b1505f53e703cb0667a6ef4\CLI.Component.Dashboard.Shared.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000089088 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundat3d5d3945#\a046508c23e9ae2b79d975aee7ffa427\CLI.Foundation.Private.ni.dll
2019-10-09 14:05 - 2019-10-09 14:05 - 000060928 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundat60cdf5df#\feb940d268e9b5006dd5ba00260ab1df\CLI.Foundation.XManifest.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000090624 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundat619559bd#\38039fed67bd36935e6ec974a4a75432\CLI.Foundation.CoreAudioAPI.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Foundation\877c06914f8b80b7b1cfcf6a1d7705ad\DEM.Foundation.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000117248 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0601\3a97a5dd1566c4e44311dbe0f4fa650d\DEM.Graphics.I0601.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000015872 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics\5e6e3ad604059c139ae62f349195660c\DEM.Graphics.ni.dll
2019-10-09 14:04 - 2019-10-09 14:04 - 000037888 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Fuel.Foundation\a318a9f0614092ee6b94b185e6918006\Fuel.Foundation.ni.dll
2019-10-09 14:01 - 2019-10-09 14:01 - 000146432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundat5023f8e7#\bcf1bf2f2d0172d5c9d6a31e7e4b834c\LOG.Foundation.Private.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000085504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundatcaafa75b#\6957f50a766f12288aab019a7090137a\LOG.Foundation.Implementation.Private.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MOM.Foundation\dcc53f6d274b8e464d54291e63b4ea32\MOM.Foundation.ni.dll
2019-10-09 14:06 - 2019-10-09 14:06 - 000391680 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MOM.Implementation\0215d8329e3ed0e9374967e74739fe26\MOM.Implementation.ni.dll
2019-10-09 14:01 - 2019-10-09 14:01 - 000055296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\NEWAEM.Foundation\82a4f93ec85a3261260cd0f294ca3ad6\NEWAEM.Foundation.ni.dll
2015-11-04 15:40 - 2015-11-04 15:40 - 000005120 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamcsy.dll
2019-10-09 14:01 - 2019-10-09 14:01 - 000890368 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ADL.Foundation\3a2a6d10822b67f2c742aa67479f8ef9\ADL.Foundation.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000250368 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\APM.Server\a689b3505ed73b57b46e07665eca7198\APM.Server.ni.dll
2019-10-09 14:03 - 2019-10-09 14:03 - 000290816 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9b707b25#\1ec3356c15d3ded932d3e622c780ab1b\CLI.Aspect.DeviceProperty.Graphics.Runtime.ni.dll
2019-12-15 15:18 - 2019-12-15 15:18 - 000349696 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.b3da5a8f#\4473f579b41995902a7d95d97a1b3234\CLI.Aspect.PowerXpress.Graphics.Shared.ni.dll
2019-10-09 14:05 - 2019-10-09 14:05 - 000228352 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone6692ca50#\2c44be999465d9f693fdb4fcedf64492\CLI.Component.Runtime.ni.dll
2019-10-09 14:03 - 2019-10-09 14:03 - 000014336 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0706\80042b754f691ff39904f0e433ee9898\DEM.Graphics.I0706.ni.dll
2019-10-09 14:03 - 2019-10-09 14:03 - 000083456 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0709\5ec7181b355fa277940025d2b37f3f73\DEM.Graphics.I0709.ni.dll
2019-10-09 14:03 - 2019-10-09 14:03 - 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0712\09a29c0423bba727e975a25d67c9ac9c\DEM.Graphics.I0712.ni.dll
2019-10-09 14:03 - 2019-10-09 14:03 - 000018944 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0804\743ad54381b5d2fc4dd2d298ed244f24\DEM.Graphics.I0804.ni.dll
2019-10-09 14:05 - 2019-10-09 14:05 - 000011264 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0805\44cda6b466d2f4abe10687736f47cd0f\DEM.Graphics.I0805.ni.dll
2019-10-09 14:05 - 2019-10-09 14:05 - 000011776 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0812\c663aa09703795cf9d8e2034d3822143\DEM.Graphics.I0812.ni.dll
2019-10-09 14:04 - 2019-10-09 14:04 - 000014336 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0906\62e607c390be9ba70c32917ef49a5e28\DEM.Graphics.I0906.ni.dll
2019-10-09 14:03 - 2019-10-09 14:03 - 000014848 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0912\fcc796fbe7026acc5350173b83fb523e\DEM.Graphics.I0912.ni.dll
2019-10-09 14:04 - 2019-10-09 14:04 - 000036352 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I1010\272eee328c11f0ef48d13fb1b9187fb1\DEM.Graphics.I1010.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 001144320 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Localizatio01dbc1c0#\055f12ee067d000a1be935421b091889\Localization.Foundation.Private.ni.dll
2019-10-09 14:04 - 2019-10-09 14:04 - 003187712 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G962aa464#\236da7d720839b29ce0243475f87a72a\CLI.Caste.Graphics.Runtime.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000332800 _____ (Microsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.W8090224c#\bfa2a1e06bf89c8f9005c29001e5f3d7\Microsoft.WindowsAPICodePack.ni.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-385703609-2784001884-2048287062-1002\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-18 18:28 - 2019-01-04 10:17 - 000000000 _____ C:\WINDOWS\system32\drivers\etc\hosts

2017-10-11 11:40 - 2017-10-11 11:40 - 000000375 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-385703609-2784001884-2048287062-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\info\Pictures\PF2015ludvici.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKU\S-1-5-21-385703609-2784001884-2048287062-1002\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-385703609-2784001884-2048287062-1002\...\StartupApproved\Run: => "KiesPreload"
HKU\S-1-5-21-385703609-2784001884-2048287062-1002\...\StartupApproved\Run: => "KiesAirMessage"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{EC717147-1EAA-4BF0-927E-6DE1EADAD39E}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe No File
FirewallRules: [TCP Query User{BF74C556-6C9E-46DF-B11D-AE24A5BB5E0A}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe No File
FirewallRules: [{19F764C6-5756-484F-8296-E53D73AA822B}] => (Allow) C:\Program Files\Microsoft Power BI Desktop\bin\msmdsrv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F424A0E4-2A5C-4FD7-BB7C-F5E7F7B88887}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EF6256BF-8D74-492A-8D0F-F6DF8151991C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{44DAD6C7-CFCC-4EA5-9987-19CD56A0B3E5}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{9D9801AA-A353-4DB6-99A1-264E251D9A55}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{D18662F0-D780-45CC-BFBD-1887B33E0E7C}C:\program files (x86)\gretech\gomremote2\gomremote2.exe] => (Block) C:\program files (x86)\gretech\gomremote2\gomremote2.exe (GRETECH -> GOM & Company)
FirewallRules: [UDP Query User{90EFEF2A-0471-4898-8D35-358730245564}C:\program files (x86)\gretech\gomremote2\gomremote2.exe] => (Block) C:\program files (x86)\gretech\gomremote2\gomremote2.exe (GRETECH -> GOM & Company)
FirewallRules: [{D62B9A81-8377-498A-BFFF-C43D83441EB9}] => (Allow) C:\Program Files (x86)\GRETECH\GOMRemote2\GomRemote2.exe (GRETECH -> GOM & Company)
FirewallRules: [{A3AA1663-BF9D-411E-8E5C-7E47B0CEE95A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{DC2B8F2B-42FB-47A0-9B14-70A5A31F1D51}C:\users\info\appdata\local\jetbrains\pycharm community edition 2019.2.5\bin\pycharm64.exe] => (Allow) C:\users\info\appdata\local\jetbrains\pycharm community edition 2019.2.5\bin\pycharm64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [UDP Query User{5B3C60C4-7E5E-4544-93C4-57A3C8D8DAD0}C:\users\info\appdata\local\jetbrains\pycharm community edition 2019.2.5\bin\pycharm64.exe] => (Allow) C:\users\info\appdata\local\jetbrains\pycharm community edition 2019.2.5\bin\pycharm64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [TCP Query User{7C431E90-8C7B-4249-B147-208B4B8EF561}C:\users\info\pycharmprojects\manual-test\venv\scripts\python.exe] => (Allow) C:\users\info\pycharmprojects\manual-test\venv\scripts\python.exe (Python Software Foundation -> Python Software Foundation)
FirewallRules: [UDP Query User{288A4B1A-8C7A-400D-9741-47F8F5333307}C:\users\info\pycharmprojects\manual-test\venv\scripts\python.exe] => (Allow) C:\users\info\pycharmprojects\manual-test\venv\scripts\python.exe (Python Software Foundation -> Python Software Foundation)
FirewallRules: [{7E539324-AD45-4A21-B088-3529F89119D2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.121.1654.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{770B89DB-0FE9-4B19-9003-42661E0BDDD8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.121.1654.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8513F82B-A35B-4D5C-B0BF-9C363BFD4FDE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.121.1654.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1EE8D1F8-4502-4A7D-9BE7-F4C359C4A294}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.121.1654.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D1390E37-E23D-41B7-94E8-8959D9E94532}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.121.1654.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A3A00B1C-A7C5-49A7-80A0-38B17363ABE2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.121.1654.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{70FD0A6A-AD41-49C3-9650-D88BEFA3F924}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.121.1654.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{ACF9A4C7-0408-49B1-AA73-CCE470657327}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.121.1654.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Restore Points =========================

29-11-2019 13:56:16 Naplánovaný kontrolní bod
10-12-2019 10:31:00 Naplánovaný kontrolní bod
18-12-2019 16:07:43 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/07/2019 11:26:35 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Video.UI.exe verze 10.19101.1071.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1944

Čas spuštění: 01d5ace864c27918

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe

ID hlášení: f2fb88cc-c7a7-4447-a0a9-533110a1f783

Úplný název balíčku s chybou: Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe

ID aplikace relativní podle balíčku s chybou: Microsoft.ZuneVideo

Typ zablokování: Navigation

Error: (12/07/2019 11:25:05 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.17763.831 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 31ac

Čas spuštění: 01d5ab39ac6c7062

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: b5c2d678-1a92-43d5-a06a-bb2a0739b5da

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (12/04/2019 06:17:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Microsoft.Photos.exe verze 2019.19071.17920.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 355c

Čas spuštění: 01d5aac63888acba

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

ID hlášení: 0f1213fe-0177-4c8e-b32b-edb6ed9cbf33

Úplný název balíčku s chybou: Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe

ID aplikace relativní podle balíčku s chybou: App

Typ zablokování: Quiesce

Error: (11/29/2019 08:23:35 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program firefox.exe verze 70.0.1.7242 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 3374

Čas spuštění: 01d5a4606cbe5ac3

Čas ukončení: 50

Cesta k aplikaci: C:\Program Files\Mozilla Firefox\firefox.exe

ID hlášení: 5fb6db21-453e-4ee9-89c9-5d0353f4c9e7

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (11/22/2019 02:58:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.17763.831 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: f9c

Čas spuštění: 01d59f7523156964

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: 89904eab-1269-4ede-ab69-9085491cc6ff

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (11/15/2019 08:26:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: LockApp.exe, verze: 10.0.17763.1, časové razítko: 0x5b9c5715
Název chybujícího modulu: LockApp.exe, verze: 10.0.17763.1, časové razítko: 0x5b9c5715
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000000e94d
ID chybujícího procesu: 0xe48
Čas spuštění chybující aplikace: 0x01d59ac12ba3c269
Cesta k chybující aplikaci: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
Cesta k chybujícímu modulu: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
ID zprávy: ecbbd990-a7fe-456e-83b2-0feccd5cd34f
Úplný název chybujícího balíčku: Microsoft.LockApp_10.0.17763.1_neutral__cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: WindowsDefaultLockScreen

Error: (11/14/2019 07:42:42 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 3188, identifikátor PID ProfSvc: 1568.

Error: (11/14/2019 07:42:42 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Program Files\AVAST Software\Avast\AvastSvc.exe, identifikátor PID: 2828, identifikátor PID ProfSvc: 1568.


System errors:
=============
Error: (12/18/2019 03:45:12 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-M3CBPNG)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-M3CBPNG\info (SID: S-1-5-21-385703609-2784001884-2048287062-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (12/14/2019 09:59:48 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Optimalizace doručení přestala během spouštění reagovat.

Error: (12/14/2019 09:55:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba RtkAudioService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (12/14/2019 09:54:17 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba aswbIDSAgent se po přijetí pokynu pro vypnutí neukončila správně.

Error: (12/14/2019 09:54:03 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby SecurityHealthService s argumenty Není k dispozici za účelem spuštění serveru:
{2D15188C-D298-4E10-83B2-64666CCBEBBD}

Error: (12/14/2019 09:52:51 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Nero BackItUp Scheduler 4.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 500 milisekund: Restartovat službu.

Error: (12/14/2019 09:52:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SynTPEnh Caller Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/14/2019 09:52:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Realtek Bluetooth Device Manager Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2019-06-09 08:44:31.872
Description:
Program Antivirová ochrana v programu Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.16000.6
Předchozí verze modulu: 1.1.15900.4
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80509004
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.

CodeIntegrity:
===================================

Date: 2019-12-18 16:46:40.934
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\ashShell.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-10 10:24:30.027
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\ashShell.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-06 09:32:22.484
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\ashShell.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-05 09:32:18.156
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\ashShell.dll that did not meet the Microsoft signing level requirements.

Date: 2019-11-26 18:46:04.146
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\ashShell.dll that did not meet the Microsoft signing level requirements.

Date: 2019-11-21 14:12:12.630
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\ashShell.dll that did not meet the Microsoft signing level requirements.

Date: 2019-11-19 14:53:12.697
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\ashShell.dll that did not meet the Microsoft signing level requirements.

Date: 2019-11-11 12:41:55.326
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\ashShell.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: Insyde Corp. 6.20 10/24/2012
Motherboard: Intel PLCSF8
Processor: Intel(R) Celeron(R) CPU 1000M @ 1.80GHz
Percentage of memory in use: 59%
Total physical RAM: 4047.22 MB
Available physical RAM: 1644.61 MB
Total Virtual: 6607.22 MB
Available Virtual: 3633.48 MB

==================== Drives ================================

Drive c: (TI30983100B) (Fixed) (Total:453.56 GB) (Free:45.18 GB) NTFS

\\?\Volume{0d9abfb1-fe8e-11e1-bbb8-9f9c8df06e63}\ (System) (Fixed) (Total:0.44 GB) (Free:0.1 GB) NTFS
\\?\Volume{3455ab47-e342-4333-b3f5-1f80058e82ae}\ () (Fixed) (Total:1 GB) (Free:0.46 GB) NTFS
\\?\Volume{d2d0f7d7-351b-4a29-9672-2f9c2ac97a95}\ () (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{a20211a9-32f2-428b-bd3a-2595a8dc59a3}\ () (Fixed) (Total:0.34 GB) (Free:0.3 GB) NTFS
\\?\Volume{44b404fc-b960-4912-8965-87697378f84a}\ (Recovery) (Fixed) (Total:9.6 GB) (Free:0.6 GB) NTFS
\\?\Volume{0d9abfb9-fe8e-11e1-bbb8-9f9c8df06e63}\ () (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================



..........................................................................................................................................................................

frst
..........................................................................................................................................................................

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2019
Ran by info (administrator) on DESKTOP-M3CBPNG (TOSHIBA SATELLITE C855-22L) (19-12-2019 12:31:16)
Running from C:\Users\info\Desktop
Loaded Profiles: info (Available Profiles: info)
Platform: Windows 10 Home Version 1809 17763.914 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11911.1001.9.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13196432 2012-09-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-11-06] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-385703609-2784001884-2048287062-1002\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-11-06] (Samsung Electronics CO., LTD. -> Samsung)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\Installer\chrmstp.exe [2019-11-19] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00BC9C6E-3EF5-496B-886A-FD2FADA0A8B0} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-385703609-2784001884-2048287062-1002 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [24064 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
Task: {0B580374-7EAF-4204-9280-D7577C7F5350} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_293_pepper.exe [1453112 2019-11-13] (Adobe Inc. -> Adobe)
Task: {260FEC63-4BD6-4448-B99E-6EBCB6656F53} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_303_Plugin.exe [1457720 2019-12-12] (Adobe Inc. -> Adobe)
Task: {2F3555DB-8CCB-45EB-81D6-1C4DED28F234} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-20] (Google Inc -> Google Inc.)
Task: {33512E4A-10F2-40AF-8785-B0F429E5D291} - System32\Tasks\Avast Driver Updater Startup => C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe [30244056 2019-04-10] (Avast Software s.r.o. -> AVAST Software)
Task: {9B00738F-9F04-44F7-B959-9BAB7803076C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {E4C34C2D-A97D-45D7-98E2-91DC1C3C8A99} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-20] (Google Inc -> Google Inc.)
Task: {F593FB82-4E41-42C6-A86C-E38D690A5CB4} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1873288 2019-09-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {F9FA9176-24B4-4184-90DE-0F02EED95ACB} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-12-12] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Avast Driver Updater Startup.job => C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{3d0824cc-f859-4d86-9d06-9b61f38f819b}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{4e550ffb-2413-410e-9915-0bfd84d632a0}: [DhcpNameServer] 192.168.43.1

Internet Explorer:
==================
HKU\S-1-5-21-385703609-2784001884-2048287062-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10270__171128__ya[browser]
SearchScopes: HKU\S-1-5-21-385703609-2784001884-2048287062-1002 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10270__171128__yaie&p={searchTerms}

Edge:
======
Edge Notifications: HKU\S-1-5-21-385703609-2784001884-2048287062-1002 -> hxxps://novaplus.nova.cz

FireFox:
========
FF DefaultProfile: piktqqoe.default-1557397132782
FF ProfilePath: C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\piktqqoe.default-1557397132782 [2019-12-19]
FF Notifications: Mozilla\Firefox\Profiles\piktqqoe.default-1557397132782 -> hxxps://email.forpsi.com; hxxps://www.slevomat.cz
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\piktqqoe.default-1557397132782\Extensions\sp@avast.com.xpi [2019-11-25]
FF Extension: (Avast Online Security) - C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\piktqqoe.default-1557397132782\Extensions\wrc@avast.com.xpi [2019-10-05]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_303.dll [2019-12-12] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_303.dll [2019-12-12] (Adobe Inc. -> )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR Notifications: Default -> hxxps://email.forpsi.com; hxxps://www.facebook.com
CHR Profile: C:\Users\info\AppData\Local\Google\Chrome\User Data\Default [2019-12-18]
CHR Extension: (Prezentace) - C:\Users\info\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-20]
CHR Extension: (Dokumenty) - C:\Users\info\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-20]
CHR Extension: (Disk Google) - C:\Users\info\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-24]
CHR Extension: (YouTube) - C:\Users\info\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-24]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\info\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-11-30]
CHR Extension: (Facebook Pixel Helper) - C:\Users\info\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdgfkebogiimcoedlicjlajpkdmockpc [2019-09-30]
CHR Extension: (Tabulky) - C:\Users\info\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\info\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-16]
CHR Extension: (Avast Online Security) - C:\Users\info\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-07-16]
CHR Extension: (Selenium IDE) - C:\Users\info\AppData\Local\Google\Chrome\User Data\Default\Extensions\mooikfkahbdckldjjndioackbalphokd [2019-11-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\info\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-06]
CHR Extension: (Gmail) - C:\Users\info\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-09]
CHR Extension: (Chrome Media Router) - C:\Users\info\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-11-29]
CHR Profile: C:\Users\info\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-06-06]
CHR Profile: C:\Users\info\AppData\Local\Google\Chrome\User Data\System Profile [2019-10-26]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [255472 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6085360 2019-10-04] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 RtkBtManServ; C:\WINDOWS\RtkBtManServ.exe [713816 2018-09-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-05-04] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\NisSrv.exe [3851264 2019-05-13] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MsMpEng.exe [118144 2019-05-13] (Microsoft Corporation -> Microsoft Corporation)
S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [21648880 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [674288 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37616 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2019-10-03] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [276952 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [161544 2019-11-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 CH341SER_A64; C:\WINDOWS\System32\Drivers\CH341S64.SYS [59904 2015-02-06] (Microsoft Windows Hardware Compatibility Publisher -> www.winchiphead.com)
R3 RtkBtFilter; C:\WINDOWS\System32\drivers\RtkBtfilter.sys [758312 2018-09-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2018-09-15] (Microsoft Windows -> Realtek Semiconductor Corporation )
S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64640 2016-09-05] (Samsung Electronics CO., LTD. -> QUALCOMM Incorporated)
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [25608 2019-12-15] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [54424 2015-07-29] (TOSHIBA CORPORATION -> Toshiba Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-05-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [344544 2019-05-13] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60896 2019-05-13] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-18 20:10 - 2019-12-18 20:18 - 000000000 ____D C:\Users\info\Documents\telefon-zaloha
2019-12-14 09:49 - 2019-12-14 09:52 - 000000000 ____D C:\AdwCleaner
2019-12-14 09:46 - 2019-12-14 09:46 - 008218800 _____ (Malwarebytes) C:\Users\info\Desktop\adwcleaner_8.0.0.exe
2019-12-12 13:44 - 2019-12-12 13:44 - 000012277 _____ C:\Users\info\Desktop\Addition.zip
2019-12-12 13:00 - 2019-12-12 13:37 - 000049853 _____ C:\Users\info\Desktop\Addition.txt
2019-12-12 12:56 - 2019-12-19 12:34 - 000018075 _____ C:\Users\info\Desktop\FRST.txt
2019-12-12 12:55 - 2019-12-19 12:33 - 000000000 ____D C:\FRST
2019-12-12 12:51 - 2019-12-12 12:51 - 002263552 _____ (Farbar) C:\Users\info\Desktop\FRST64.exe
2019-12-11 21:08 - 2019-12-11 21:08 - 026807296 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 020816384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 009668408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-12-11 21:08 - 2019-12-11 21:08 - 007886848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 007645384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 006541712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 006444032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-12-11 21:08 - 2019-12-11 21:08 - 003638272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-12-11 21:08 - 2019-12-11 21:08 - 003576832 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 003387392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 002707968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-12-11 21:08 - 2019-12-11 21:08 - 002699768 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 002233688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 002192384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 002072384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 001702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-12-11 21:08 - 2019-12-11 21:08 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 001677808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 001668960 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 001666440 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 001656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 001473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-12-11 21:08 - 2019-12-11 21:08 - 001465264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 001201128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000901120 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2019-12-11 21:08 - 2019-12-11 21:08 - 000793824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000758688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-12-11 21:08 - 2019-12-11 21:08 - 000678672 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-12-11 21:08 - 2019-12-11 21:08 - 000603792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-12-11 21:08 - 2019-12-11 21:08 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-12-11 21:08 - 2019-12-11 21:08 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000508928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000505632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-12-11 21:08 - 2019-12-11 21:08 - 000408736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000203064 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-12-11 21:08 - 2019-12-11 21:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-12-11 21:08 - 2019-12-11 21:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-12-11 21:08 - 2019-12-11 21:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-12-11 21:08 - 2019-12-11 21:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-12-11 21:08 - 2019-12-11 21:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-12-11 21:08 - 2019-12-11 21:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-12-11 21:08 - 2019-12-11 21:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-12-11 21:07 - 2019-12-11 21:07 - 001676288 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-12-11 21:07 - 2019-12-11 21:07 - 001258296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-12-11 21:07 - 2019-12-11 21:07 - 001049400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-12-11 21:07 - 2019-12-11 21:07 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-12-10 10:18 - 2019-12-10 10:18 - 001899917 _____ C:\Users\info\Downloads\kniha_virycz-2.pdf
2019-12-05 09:26 - 2019-12-05 09:26 - 000073303 _____ C:\Users\info\Downloads\[Be Lenka] Objednávka 619110567 bola odoslaná.zip
2019-12-05 09:25 - 2019-12-05 09:25 - 000084535 _____ C:\Users\info\Downloads\invoice_619120045.pdf
2019-12-04 15:14 - 2019-12-04 15:14 - 000450476 _____ C:\Users\info\Downloads\pyladies-materials-master.zip
2019-12-04 10:37 - 2019-12-14 09:52 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-12-02 12:29 - 2019-12-02 12:29 - 001388011 _____ C:\Users\info\Downloads\Veřejná vyhláška - linka BUS 153.pdf
2019-11-30 15:29 - 2019-11-30 15:29 - 000036513 _____ C:\Users\info\Documents\OrangeHRM.html
2019-11-30 15:29 - 2019-11-30 15:29 - 000000000 ____D C:\Users\info\Documents\OrangeHRM_files
2019-11-30 12:25 - 2019-11-30 12:25 - 000000000 ____D C:\Users\info\Downloads\chromedriver_win32
2019-11-30 12:24 - 2019-11-30 12:24 - 004845138 _____ C:\Users\info\Downloads\chromedriver_win32.zip
2019-11-30 09:41 - 2019-11-30 09:41 - 000000000 ____D C:\Users\info\PycharmProjects
2019-11-30 09:38 - 2019-11-30 09:41 - 000000000 ____D C:\Users\info\AppData\Roaming\JetBrains
2019-11-30 09:36 - 2019-11-30 09:36 - 000000000 ____D C:\Users\info\.PyCharmCE2019.2
2019-11-29 20:27 - 2019-11-29 20:28 - 000000000 ____D C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JetBrains
2019-11-29 20:25 - 2019-11-29 20:25 - 000001244 _____ C:\Users\info\Desktop\JetBrains PyCharm Community Edition 2019.2.5 x64.lnk
2019-11-29 20:25 - 2019-11-29 20:25 - 000000000 ____D C:\Users\info\AppData\Local\JetBrains
2019-11-29 15:07 - 2019-11-29 15:09 - 271226600 _____ C:\Users\info\Downloads\pycharm-community-2019.2.5.exe
2019-11-26 18:43 - 2019-11-26 18:43 - 000282115 _____ C:\Users\info\Downloads\classes(2).pdf
2019-11-23 21:27 - 2019-11-23 21:27 - 000047998 _____ C:\Users\info\Documents\Pyladies Courseware_slov.html
2019-11-23 21:27 - 2019-11-23 21:27 - 000041812 _____ C:\Users\info\Documents\Pyladies Courseware-vyjimky.html
2019-11-23 21:27 - 2019-11-23 21:27 - 000036219 _____ C:\Users\info\Documents\Pyladies Courseware_tridy.html
2019-11-23 21:27 - 2019-11-23 21:27 - 000000000 ____D C:\Users\info\Documents\Pyladies Courseware-vyjimky_soubory
2019-11-23 21:27 - 2019-11-23 21:27 - 000000000 ____D C:\Users\info\Documents\Pyladies Courseware_tridy_soubory
2019-11-23 21:27 - 2019-11-23 21:27 - 000000000 ____D C:\Users\info\Documents\Pyladies Courseware_slov_soubory
2019-11-23 16:44 - 2019-11-23 16:45 - 091561944 _____ (GitHub, Inc.) C:\Users\info\Downloads\GitHubDesktopSetup.exe
2019-11-22 23:09 - 2019-11-22 23:09 - 000282115 _____ C:\Users\info\Downloads\classes.pdf
2019-11-21 14:10 - 2019-11-21 14:10 - 000082853 _____ C:\Users\info\Downloads\order_2019001969.pdf
2019-11-21 14:09 - 2019-11-21 14:09 - 000084179 _____ C:\Users\info\Downloads\invoice_2019001969.pdf
2019-11-19 14:52 - 2019-11-19 14:52 - 000053011 _____ C:\Users\info\Downloads\Logistics_304804687.pdf
2019-11-19 14:52 - 2019-11-19 14:52 - 000042748 _____ C:\Users\info\Downloads\3567201.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-19 12:32 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-19 12:30 - 2019-05-13 08:50 - 000003530 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2019-12-19 12:30 - 2019-05-13 08:50 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-19 12:30 - 2019-05-13 08:50 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-19 12:30 - 2019-05-13 08:50 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2019-12-19 12:30 - 2019-05-13 08:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-12-19 12:30 - 2017-09-24 15:32 - 000000000 ____D C:\Users\info\AppData\LocalLow\Mozilla
2019-12-19 12:21 - 2019-05-13 08:50 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2019-12-19 12:20 - 2019-05-13 08:35 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-19 12:20 - 2018-09-15 18:32 - 000718198 _____ C:\WINDOWS\system32\perfh005.dat
2019-12-19 12:20 - 2018-09-15 18:32 - 000145242 _____ C:\WINDOWS\system32\perfc005.dat
2019-12-19 12:20 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF
2019-12-15 12:37 - 2018-06-25 09:12 - 000000000 ____D C:\Users\info\AppData\Local\AVAST Software
2019-12-15 12:35 - 2019-05-24 15:29 - 000000512 _____ C:\WINDOWS\Tasks\Avast Driver Updater Startup.job
2019-12-15 12:35 - 2018-11-26 22:36 - 000025608 _____ (SlimWare Utilities, Inc.) C:\WINDOWS\system32\Drivers\SWDUMon.sys
2019-12-14 10:06 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-14 10:06 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-14 09:55 - 2019-05-13 08:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-14 09:54 - 2018-09-15 07:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-12-14 09:53 - 2019-05-13 08:22 - 000000000 ____D C:\Users\info
2019-12-14 09:52 - 2017-11-28 07:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2019-12-12 22:52 - 2019-10-18 20:49 - 000000000 ____D C:\Users\info\Documents\NYMBURK
2019-12-12 22:50 - 2019-05-13 08:50 - 000004654 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-12-12 22:50 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-12-12 22:50 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-12-12 12:27 - 2019-05-13 08:13 - 000351496 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-12 12:24 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-12-12 12:24 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-12-11 21:17 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-11 16:05 - 2017-09-19 07:00 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-11 16:00 - 2017-09-19 07:00 - 129221664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-12-04 19:56 - 2019-05-16 09:42 - 000000000 ____D C:\Users\info\AppData\Roaming\Code
2019-12-04 18:04 - 2019-05-18 12:58 - 000000000 ____D C:\Users\info\.pylint.d
2019-12-04 17:53 - 2017-09-24 15:30 - 000001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-12-04 17:53 - 2017-09-24 15:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-12-04 14:35 - 2019-09-23 10:52 - 000000000 ___RD C:\Users\info\Documents\pyladies
2019-11-26 17:32 - 2017-12-25 00:41 - 000000000 ____D C:\Users\info\AppData\Local\Packages
2019-11-26 15:28 - 2017-12-04 15:34 - 000000000 ____D C:\Users\info\Documents\MIMIBAZAR
2019-11-26 11:13 - 2019-05-16 09:42 - 000000000 ____D C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2019-11-22 14:17 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-11-19 09:11 - 2018-03-20 22:02 - 000002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-11-19 09:11 - 2018-03-20 22:02 - 000002271 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Files in the root of some directories ========

2019-11-22 15:00 - 2019-11-22 15:00 - 000370070 _____ () C:\Users\info\AppData\Roaming\logo_empire_desktop.ico
2018-07-06 22:06 - 2018-07-06 22:06 - 000005632 _____ () C:\Users\info\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[Conder]

Tentokrat sa ja ospravedlnujem za zdrzanie. Poprosim este raz o obidva nove logy (kedze uz uplynul skoro tyzden).

[barasera]

Děkuji.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2019
Ran by info (administrator) on DESKTOP-M3CBPNG (TOSHIBA SATELLITE C855-22L) (29-12-2019 14:31:12)
Running from C:\Users\info\Desktop
Loaded Profiles: info (Available Profiles: info)
Platform: Windows 10 Home Version 1809 17763.914 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11911.1001.9.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\upfc.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13196432 2012-09-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-11-06] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-385703609-2784001884-2048287062-1002\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564528 2013-11-06] (Samsung Electronics CO., LTD. -> Samsung)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.108\Installer\chrmstp.exe [2019-11-19] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00BC9C6E-3EF5-496B-886A-FD2FADA0A8B0} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-385703609-2784001884-2048287062-1002 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [24064 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
Task: {0B580374-7EAF-4204-9280-D7577C7F5350} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_293_pepper.exe [1453112 2019-11-13] (Adobe Inc. -> Adobe)
Task: {260FEC63-4BD6-4448-B99E-6EBCB6656F53} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_303_Plugin.exe [1457720 2019-12-12] (Adobe Inc. -> Adobe)
Task: {2F3555DB-8CCB-45EB-81D6-1C4DED28F234} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-20] (Google Inc -> Google Inc.)
Task: {33512E4A-10F2-40AF-8785-B0F429E5D291} - System32\Tasks\Avast Driver Updater Startup => C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe [30244056 2019-04-10] (Avast Software s.r.o. -> AVAST Software)
Task: {9B00738F-9F04-44F7-B959-9BAB7803076C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {E4C34C2D-A97D-45D7-98E2-91DC1C3C8A99} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-20] (Google Inc -> Google Inc.)
Task: {F593FB82-4E41-42C6-A86C-E38D690A5CB4} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1873288 2019-09-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {F9FA9176-24B4-4184-90DE-0F02EED95ACB} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-12-12] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Avast Driver Updater Startup.job => C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{3d0824cc-f859-4d86-9d06-9b61f38f819b}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{4e550ffb-2413-410e-9915-0bfd84d632a0}: [DhcpNameServer] 192.168.43.1

Internet Explorer:
==================
HKU\S-1-5-21-385703609-2784001884-2048287062-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10270__171128__ya[browser]
SearchScopes: HKU\S-1-5-21-385703609-2784001884-2048287062-1002 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10270__171128__yaie&p={searchTerms}

Edge:
======
Edge Notifications: HKU\S-1-5-21-385703609-2784001884-2048287062-1002 -> hxxps://novaplus.nova.cz

FireFox:
========
FF DefaultProfile: piktqqoe.default-1557397132782
FF ProfilePath: C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\piktqqoe.default-1557397132782 [2019-12-19]
FF Notifications: Mozilla\Firefox\Profiles\piktqqoe.default-1557397132782 -> hxxps://email.forpsi.com; hxxps://www.slevomat.cz
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\piktqqoe.default-1557397132782\Extensions\sp@avast.com.xpi [2019-11-25]
FF Extension: (Avast Online Security) - C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\piktqqoe.default-1557397132782\Extensions\wrc@avast.com.xpi [2019-10-05]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_303.dll [2019-12-12] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_303.dll [2019-12-12] (Adobe Inc. -> )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR Notifications: Default -> hxxps://email.forpsi.com; hxxps://www.facebook.com
CHR Profile: C:\Users\info\AppData\Local\Google\Chrome\User Data\Default [2019-12-18]
CHR Extension: (Prezentace) - C:\Users\info\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-20]
CHR Extension: (Dokumenty) - C:\Users\info\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-20]
CHR Extension: (Disk Google) - C:\Users\info\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-24]
CHR Extension: (YouTube) - C:\Users\info\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-24]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\info\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-11-30]
CHR Extension: (Facebook Pixel Helper) - C:\Users\info\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdgfkebogiimcoedlicjlajpkdmockpc [2019-09-30]
CHR Extension: (Tabulky) - C:\Users\info\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\info\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-16]
CHR Extension: (Avast Online Security) - C:\Users\info\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-07-16]
CHR Extension: (Selenium IDE) - C:\Users\info\AppData\Local\Google\Chrome\User Data\Default\Extensions\mooikfkahbdckldjjndioackbalphokd [2019-11-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\info\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-06]
CHR Extension: (Gmail) - C:\Users\info\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-09]
CHR Extension: (Chrome Media Router) - C:\Users\info\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-11-29]
CHR Profile: C:\Users\info\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-06-06]
CHR Profile: C:\Users\info\AppData\Local\Google\Chrome\User Data\System Profile [2019-10-26]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [255472 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6085360 2019-10-04] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 RtkBtManServ; C:\WINDOWS\RtkBtManServ.exe [713816 2018-09-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-05-04] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\NisSrv.exe [3851264 2019-05-13] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MsMpEng.exe [118144 2019-05-13] (Microsoft Corporation -> Microsoft Corporation)
S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [21648880 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [674288 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37616 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2019-10-03] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [276952 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [161544 2019-11-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 CH341SER_A64; C:\WINDOWS\System32\Drivers\CH341S64.SYS [59904 2015-02-06] (Microsoft Windows Hardware Compatibility Publisher -> www.winchiphead.com)
R3 RtkBtFilter; C:\WINDOWS\System32\drivers\RtkBtfilter.sys [758312 2018-09-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2018-09-15] (Microsoft Windows -> Realtek Semiconductor Corporation )
S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64640 2016-09-05] (Samsung Electronics CO., LTD. -> QUALCOMM Incorporated)
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [25608 2019-12-20] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [54424 2015-07-29] (TOSHIBA CORPORATION -> Toshiba Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-05-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [344544 2019-05-13] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60896 2019-05-13] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-18 20:10 - 2019-12-18 20:18 - 000000000 ____D C:\Users\info\Documents\telefon-zaloha
2019-12-14 09:49 - 2019-12-14 09:52 - 000000000 ____D C:\AdwCleaner
2019-12-14 09:46 - 2019-12-14 09:46 - 008218800 _____ (Malwarebytes) C:\Users\info\Desktop\adwcleaner_8.0.0.exe
2019-12-12 13:44 - 2019-12-12 13:44 - 000012277 _____ C:\Users\info\Desktop\Addition.zip
2019-12-12 13:00 - 2019-12-19 12:41 - 000050462 _____ C:\Users\info\Desktop\Addition.txt
2019-12-12 12:56 - 2019-12-29 14:34 - 000018412 _____ C:\Users\info\Desktop\FRST.txt
2019-12-12 12:55 - 2019-12-29 14:33 - 000000000 ____D C:\FRST
2019-12-12 12:51 - 2019-12-12 12:51 - 002263552 _____ (Farbar) C:\Users\info\Desktop\FRST64.exe
2019-12-11 21:08 - 2019-12-11 21:08 - 026807296 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 020816384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 009668408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-12-11 21:08 - 2019-12-11 21:08 - 007886848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 007645384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 006541712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 006444032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-12-11 21:08 - 2019-12-11 21:08 - 003638272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-12-11 21:08 - 2019-12-11 21:08 - 003576832 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 003387392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 002707968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-12-11 21:08 - 2019-12-11 21:08 - 002699768 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 002233688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 002192384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 002072384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 001702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-12-11 21:08 - 2019-12-11 21:08 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 001677808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 001668960 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 001666440 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 001656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 001473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-12-11 21:08 - 2019-12-11 21:08 - 001465264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 001201128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000901120 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2019-12-11 21:08 - 2019-12-11 21:08 - 000793824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000758688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-12-11 21:08 - 2019-12-11 21:08 - 000678672 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-12-11 21:08 - 2019-12-11 21:08 - 000603792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-12-11 21:08 - 2019-12-11 21:08 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-12-11 21:08 - 2019-12-11 21:08 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000508928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000505632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-12-11 21:08 - 2019-12-11 21:08 - 000408736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000203064 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2019-12-11 21:08 - 2019-12-11 21:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-12-11 21:08 - 2019-12-11 21:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-12-11 21:08 - 2019-12-11 21:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-12-11 21:08 - 2019-12-11 21:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-12-11 21:08 - 2019-12-11 21:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-12-11 21:08 - 2019-12-11 21:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-12-11 21:08 - 2019-12-11 21:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-12-11 21:08 - 2019-12-11 21:08 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-12-11 21:07 - 2019-12-11 21:07 - 001676288 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-12-11 21:07 - 2019-12-11 21:07 - 001258296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-12-11 21:07 - 2019-12-11 21:07 - 001049400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-12-11 21:07 - 2019-12-11 21:07 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-12-10 10:18 - 2019-12-10 10:18 - 001899917 _____ C:\Users\info\Downloads\kniha_virycz-2.pdf
2019-12-05 09:26 - 2019-12-05 09:26 - 000073303 _____ C:\Users\info\Downloads\[Be Lenka] Objednávka 619110567 bola odoslaná.zip
2019-12-05 09:25 - 2019-12-05 09:25 - 000084535 _____ C:\Users\info\Downloads\invoice_619120045.pdf
2019-12-04 15:14 - 2019-12-04 15:14 - 000450476 _____ C:\Users\info\Downloads\pyladies-materials-master.zip
2019-12-04 10:37 - 2019-12-14 09:52 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-12-02 12:29 - 2019-12-02 12:29 - 001388011 _____ C:\Users\info\Downloads\Veřejná vyhláška - linka BUS 153.pdf
2019-11-30 15:29 - 2019-11-30 15:29 - 000036513 _____ C:\Users\info\Documents\OrangeHRM.html
2019-11-30 15:29 - 2019-11-30 15:29 - 000000000 ____D C:\Users\info\Documents\OrangeHRM_files
2019-11-30 12:25 - 2019-11-30 12:25 - 000000000 ____D C:\Users\info\Downloads\chromedriver_win32
2019-11-30 12:24 - 2019-11-30 12:24 - 004845138 _____ C:\Users\info\Downloads\chromedriver_win32.zip
2019-11-30 09:41 - 2019-11-30 09:41 - 000000000 ____D C:\Users\info\PycharmProjects
2019-11-30 09:38 - 2019-11-30 09:41 - 000000000 ____D C:\Users\info\AppData\Roaming\JetBrains
2019-11-30 09:36 - 2019-11-30 09:36 - 000000000 ____D C:\Users\info\.PyCharmCE2019.2
2019-11-29 20:27 - 2019-11-29 20:28 - 000000000 ____D C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JetBrains
2019-11-29 20:25 - 2019-11-29 20:25 - 000001244 _____ C:\Users\info\Desktop\JetBrains PyCharm Community Edition 2019.2.5 x64.lnk
2019-11-29 20:25 - 2019-11-29 20:25 - 000000000 ____D C:\Users\info\AppData\Local\JetBrains
2019-11-29 15:07 - 2019-11-29 15:09 - 271226600 _____ C:\Users\info\Downloads\pycharm-community-2019.2.5.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-29 14:33 - 2019-05-13 08:35 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-29 14:33 - 2018-09-15 18:32 - 000718198 _____ C:\WINDOWS\system32\perfh005.dat
2019-12-29 14:33 - 2018-09-15 18:32 - 000145242 _____ C:\WINDOWS\system32\perfc005.dat
2019-12-29 14:33 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF
2019-12-29 14:32 - 2019-05-13 08:50 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2019-12-29 14:29 - 2019-05-13 08:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-12-28 13:35 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-28 00:05 - 2019-05-13 08:50 - 000003530 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2019-12-28 00:05 - 2019-05-13 08:50 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-28 00:05 - 2019-05-13 08:50 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-27 12:05 - 2019-05-13 08:50 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2019-12-20 18:11 - 2018-06-25 09:12 - 000000000 ____D C:\Users\info\AppData\Local\AVAST Software
2019-12-20 18:10 - 2019-05-24 15:29 - 000000512 _____ C:\WINDOWS\Tasks\Avast Driver Updater Startup.job
2019-12-20 18:10 - 2018-11-26 22:36 - 000025608 _____ (SlimWare Utilities, Inc.) C:\WINDOWS\system32\Drivers\SWDUMon.sys
2019-12-19 12:30 - 2017-09-24 15:32 - 000000000 ____D C:\Users\info\AppData\LocalLow\Mozilla
2019-12-14 10:06 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-14 10:06 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-14 09:55 - 2019-05-13 08:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-14 09:54 - 2018-09-15 07:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-12-14 09:53 - 2019-05-13 08:22 - 000000000 ____D C:\Users\info
2019-12-14 09:52 - 2017-11-28 07:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2019-12-12 22:52 - 2019-10-18 20:49 - 000000000 ____D C:\Users\info\Documents\NYMBURK
2019-12-12 22:50 - 2019-05-13 08:50 - 000004654 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-12-12 22:50 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-12-12 22:50 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-12-12 12:27 - 2019-05-13 08:13 - 000351496 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-12 12:24 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-12-12 12:24 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-12-11 21:17 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-11 16:05 - 2017-09-19 07:00 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-11 16:00 - 2017-09-19 07:00 - 129221664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-12-04 19:56 - 2019-05-16 09:42 - 000000000 ____D C:\Users\info\AppData\Roaming\Code
2019-12-04 18:04 - 2019-05-18 12:58 - 000000000 ____D C:\Users\info\.pylint.d
2019-12-04 17:53 - 2017-09-24 15:30 - 000001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-12-04 17:53 - 2017-09-24 15:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-12-04 14:35 - 2019-09-23 10:52 - 000000000 ___RD C:\Users\info\Documents\pyladies

==================== Files in the root of some directories ========

2019-11-22 15:00 - 2019-11-22 15:00 - 000370070 _____ () C:\Users\info\AppData\Roaming\logo_empire_desktop.ico
2018-07-06 22:06 - 2018-07-06 22:06 - 000005632 _____ () C:\Users\info\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-12-2019
Ran by info (29-12-2019 14:35:37)
Running from C:\Users\info\Desktop
Windows 10 Home Version 1809 17763.914 (X64) (2019-05-13 07:51:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-385703609-2784001884-2048287062-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-385703609-2784001884-2048287062-503 - Limited - Disabled)
Guest (S-1-5-21-385703609-2784001884-2048287062-501 - Limited - Disabled)
info (S-1-5-21-385703609-2784001884-2048287062-1002 - Administrator - Enabled) => C:\Users\info
WDAGUtilityAccount (S-1-5-21-385703609-2784001884-2048287062-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Out of date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Out of date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.303 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.293 - Adobe)
Advertising Center (HKLM-x32\...\{b2ec4a38-b545-4a00-8214-13fe0e915e6d}) (Version: 0.0.0.1 - Nero AG) Hidden
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Anti-Twin (Installation 29.11.2018) (HKLM-x32\...\Anti-Twin 2018-11-29 21.03.56) (Version: - Joerg Rosenthal, Germany)
Avast Driver Updater (HKLM-x32\...\{630C3D8E-2BEE-465F-9E59-BB069ED10761}) (Version: 2.5.6 - AVAST Software) Hidden
Avast Driver Updater (HKLM-x32\...\Avast Driver Updater) (Version: 2.5.6 - AVAST Software)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Booking (HKLM-x32\...\{13D4CD54-EA09-4FDB-B979-8B2BC0F020CA}_is1) (Version: 2.0.701 - Booking)
ffdshow v1.3.4532 [2014-07-17] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4532.0 - )
Git version 2.23.0.windows.1 (HKLM\...\Git_is1) (Version: 2.23.0.windows.1 - The Git Development Community)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.47.5309 - GOM & Company)
GOM Remote (HKLM-x32\...\GOM Remote) (Version: 2.1.1.9 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.108 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
IrfanView 4.52 (64-bit) (HKLM\...\IrfanView64) (Version: 4.52 - Irfan Skiljan)
JetBrains PyCharm Community Edition 2019.2.5 (HKU\S-1-5-21-385703609-2784001884-2048287062-1002\...\PyCharm Community Edition 2019.2.5) (Version: 192.7142.56 - JetBrains s.r.o.)
LibreOffice 5.4.3.2 (HKLM\...\{5FFD3D4F-8AA0-4C6F-8B3C-AB0D8CD297C9}) (Version: 5.4.3.2 - The Document Foundation)
Microsoft Power BI Desktop (x64) (HKLM\...\{B9DF5033-C293-4139-A765-DDEB0064D02F}) (Version: 2.52.4921.682 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-385703609-2784001884-2048287062-1002\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.40.2 - Microsoft Corporation)
Mozilla Firefox 71.0 (x64 cs) (HKLM\...\Mozilla Firefox 71.0 (x64 cs)) (Version: 71.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)
Nero 9 Essentials (HKLM-x32\...\{db9f61fb-d773-47a5-8100-fa75becdb119}) (Version: - Nero AG)
Python 3.7.0 (Anaconda3 5.3.0 64-bit) (HKU\S-1-5-21-385703609-2784001884-2048287062-1002\...\Python 3.7.0 (Anaconda3 5.3.0 64-bit)) (Version: 5.3.0 - Anaconda, Inc.)
Python 3.7.1 (64-bit) (HKU\S-1-5-21-385703609-2784001884-2048287062-1002\...\{8a84877c-26dd-4b77-8117-80eaec80127c}) (Version: 3.7.1150.0 - Python Software Foundation)
Python 3.7.1 Add to Path (64-bit) (HKLM\...\{6846E653-89AC-47BC-8E11-FB9991EC90AA}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python 3.7.1 Core Interpreter (64-bit) (HKLM\...\{3CDB402E-5970-4DCB-8EE8-D50517AB55AE}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python 3.7.1 Development Libraries (64-bit) (HKLM\...\{61D00EE1-616D-4782-A8C5-EDD436BE9766}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python 3.7.1 Documentation (64-bit) (HKLM\...\{C66332A3-9916-4CA0-89B3-88E4F0789207}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python 3.7.1 Executables (64-bit) (HKLM\...\{C3B089F9-4BA6-45A6-91A2-C5938F8702F8}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python 3.7.1 pip Bootstrap (64-bit) (HKLM\...\{ED677B31-8BF6-49FA-9B99-A63CD45D316A}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python 3.7.1 Standard Library (64-bit) (HKLM\...\{7627B8B4-82DD-4BD2-B33B-465E41693F0D}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python 3.7.1 Tcl/Tk Support (64-bit) (HKLM\...\{00FB4D96-77D4-4043-950E-8FA816BCAD7D}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python 3.7.1 Test Suite (64-bit) (HKLM\...\{A1CFED46-5F31-4813-A494-681BBB2B6E23}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python 3.7.1 Utility Scripts (64-bit) (HKLM\...\{96DEF82E-CD26-4AB5-A7FB-81E1B6D1DE91}) (Version: 3.7.1150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{C3A1C6B1-9096-47A7-AB5C-09114002A996}) (Version: 3.7.6501.0 - Python Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6738 - Realtek Semiconductor Corp.)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_6 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_6 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.4.3.38 - Synaptics Incorporated)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
Xerox Phaser 3020 XPS (Windows 8) (HKLM-x32\...\Xerox Phaser 3020 XPS (Windows 8)) (Version: 3.03.13.02:11 - Xerox Corporation)
Xilisoft Download YouTube Video (HKU\S-1-5-21-385703609-2784001884-2048287062-1002\...\Xilisoft Download YouTube Video) (Version: 5.6.7.20170216 - Xilisoft)

Packages:
=========
Any Player -> C:\Program Files\WindowsApps\15191PeakPlayer.50533F9B98293_3.1.1.0_x64__y5c4dfz5b21fm [2019-11-26] (Any DVD & Office App)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Avast Antivirus Download Center -> C:\Program Files\WindowsApps\51CA791E.AvastAntivirusDownloadCenter_1.20.6.0_x64__s1d0xtrs8dx04 [2019-12-09] (AVAST Software)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-25] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-14] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.121.1654.0_x86__zpdnekdrzrea0 [2019-12-06] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-385703609-2784001884-2048287062-1002_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\info\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-385703609-2784001884-2048287062-1002_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\info\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-385703609-2784001884-2048287062-1002_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\info\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-07-17] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Anaconda Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" C:\Users\info\Anaconda3\Scripts\activate.bat C:\Users\info\Anaconda3

==================== Loaded Modules (Whitelisted) =============

2019-10-09 14:01 - 2019-10-09 14:01 - 000032256 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\A4.Foundation\27b7109aa9707ed6fa9b5e10f8257974\A4.Foundation.ni.dll
2019-10-09 14:01 - 2019-10-09 14:01 - 000022528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Actions5dc83b46#\d6323dd96bd4d125c7d34a2c1a7997bd\AEM.Actions.CCAA.Shared.ni.dll
2019-10-09 14:01 - 2019-10-09 14:01 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.0a1309f7#\0dc6353bc0a338b869e21c5568c7c828\AEM.Plugin.EEU.Shared.ni.dll
2019-10-09 14:01 - 2019-10-09 14:01 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.2b6a6775#\e30a79740b716471d8f232b3152d82ca\AEM.Plugin.Hotkeys.Shared.ni.dll
2019-10-09 14:01 - 2019-10-09 14:01 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.54d8abe3#\cf53052cd44a659e68e11ac67532754c\AEM.Plugin.DPPE.Shared.ni.dll
2019-12-15 15:15 - 2019-12-15 15:15 - 000275968 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.5d945b6b#\5909644faa29bd46cf810ffc1a088e03\AEM.Plugin.Source.Kit.Server.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.674d2b8a#\71ec0190218020bbe58afd017ef425a4\AEM.Plugin.WinMessages.Shared.ni.dll
2019-10-09 14:01 - 2019-10-09 14:01 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.88aba5d2#\1ed1721043fa977239bdd86f73bd876d\AEM.Plugin.REG.Shared.ni.dll
2019-10-09 14:01 - 2019-10-09 14:01 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.GD.Shared\11ef7a7d893577a5c983878836c4220b\AEM.Plugin.GD.Shared.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000013824 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Server.Shared\794876d53d0310dd03a1945ba2584762\AEM.Server.Shared.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000263168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Server\909a15d417a93c9bda67b0060b4d2068\AEM.Server.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000056320 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\APM.Foundation\05ee47ba98052281fd871a400bc6a783\APM.Foundation.ni.dll
2019-10-09 14:05 - 2019-10-09 14:05 - 000122368 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ATICCCom\a7e02c2bb6b8bc74c554a3200c8fcc32\ATICCCom.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000199168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CCC.Implementation\ed13f3426af939e1d17ab1fd255c76f2\CCC.Implementation.ni.dll
2019-12-15 15:20 - 2019-12-15 15:20 - 000152064 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.21d2ac78#\1f73d51d144c75f53105261f6ee05451\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000124928 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3399d0ec#\3c517527b2d405eaa065e94566f6610e\CLI.Aspect.CustomFormats.Graphics.Shared.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.37d3d968#\608d5d94e002be5dfa658ae2ed2748f4\CLI.Aspect.AMDHome.Graphics.Shared.ni.dll
2019-10-09 14:05 - 2019-10-09 14:05 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.382a3def#\089933d8603a02f5989150669e0ce959\CLI.Aspect.AMDOverDrive.Platform.Shared.ni.dll
2019-10-09 14:04 - 2019-10-09 14:04 - 000104448 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3a6f1658#\51deb40eee9ba3846d85e7cb0995b439\CLI.Aspect.TransCode.Graphics.Shared.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000206336 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4542c692#\260c2f33832888f8b58c69379ff84aed\CLI.Aspect.DeviceCRT.Graphics.Shared.ni.dll
2019-10-09 14:03 - 2019-10-09 14:03 - 000130048 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.46819220#\e83eef1953d5fde3847159954e3a32b8\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.ni.dll
2019-12-15 15:20 - 2019-12-15 15:20 - 000073728 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4bbb0755#\638dd9eeeb7fcb461c5173910fbd90d9\CLI.Aspect.TransCode.Graphics.Dashboard.ni.dll
2019-10-09 14:03 - 2019-10-09 14:03 - 000037888 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.52c6dbaa#\2ff931c618ff39d5e1536824a640bda5\CLI.Aspect.FPS.Graphics.Shared.ni.dll
2019-10-09 14:03 - 2019-10-09 14:03 - 000073216 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.59a12d95#\dd3123a4074c6e1a2fefa8c670df113c\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.ni.dll
2019-10-09 14:05 - 2019-10-09 14:05 - 000259584 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.73911eb5#\e2e064fb3fd68b8aef3526bdee062e43\CLI.Aspect.WirelessDisplay.Graphics.Shared.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000355840 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.7ec2db45#\9db597a06ac60bd1e34f054260b91e41\CLI.Aspect.DeviceDFP.Graphics.Shared.ni.dll
2019-12-15 15:20 - 2019-12-15 15:20 - 000062976 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8350f5c6#\e5c70ab28f1e5f283441388e5a9d76df\CLI.Aspect.UpdateNotification.Graphics.Runtime.ni.dll
2019-12-15 15:20 - 2019-12-15 15:20 - 000666112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.846fa813#\847f516b31865c044e6072b431d93f18\CLI.Aspect.MMVideo.Graphics.Dashboard.ni.dll
2019-10-09 14:04 - 2019-10-09 14:04 - 000727552 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8d333b6b#\0ad2dde1cb33a777ea110df1ac08d91e\CLI.Aspect.Radeon3D.Graphics.Shared.ni.dll
2019-12-15 15:17 - 2019-12-15 15:17 - 000446464 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8e996306#\8e8c2b9b2890747f387e0d493db12f81\CLI.Aspect.CrossDisplay.Graphics.Dashboard.ni.dll
2019-12-15 15:19 - 2019-12-15 15:19 - 000087552 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9cd1e9e7#\71103ab954750879f3355c50dbc73031\CLI.Aspect.FPS.Graphics.Dashboard.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000154112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a0ae52bc#\591d30129f07656857298e7c489d3209\CLI.Aspect.DeviceLCD.Graphics.Shared.ni.dll
2019-10-09 14:03 - 2019-10-09 14:03 - 000056320 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a6cd7fff#\691deba16a7b4410ec187ad3175f0451\CLI.Aspect.FPS.Graphics.Runtime.ni.dll
2019-12-15 15:20 - 2019-12-15 15:20 - 000081920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a765109e#\fc7471c9de8f689cf5427ae46b7637a3\CLI.Aspect.UpdateNotification.Graphics.Dashboard.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000451584 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.acb9d930#\f75ff6c8521855cec845c7d7f0064085\CLI.Aspect.DeviceProperty.Graphics.Shared.ni.dll
2019-10-09 14:03 - 2019-10-09 14:03 - 000085504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ae5e117c#\02c8d164a1e4b465c20f5636cb9de7af\CLI.Aspect.DisplaysColour2.Graphics.Shared.ni.dll
2019-12-15 15:19 - 2019-12-15 15:19 - 000066560 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.b0a7c1fb#\707e51cb9c33a49fa0dd5e0766b05cff\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.ni.dll
2019-10-09 14:03 - 2019-10-09 14:03 - 000337408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c7aaa0f8#\af787d5005b2e71dab5e50013e5da5c8\CLI.Aspect.OverDrive5.Graphics.Shared.ni.dll
2019-10-09 14:03 - 2019-10-09 14:03 - 000017920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c854b457#\b938f9caf01b1ea3b2dd975c54cb66ce\CLI.Aspect.HotkeysHandling.Graphics.Shared.ni.dll
2019-12-15 15:19 - 2019-12-15 15:19 - 000270848 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e8635fc7#\e25b1d65ba600ac9c9ef58bc52b257bb\CLI.Aspect.InfoCentre.Graphics.Dashboard.ni.dll
2019-12-15 15:20 - 2019-12-15 15:20 - 003282432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e9fd7406#\562a341a5e3720c80659ebefece19a2b\CLI.Aspect.Radeon3D.Graphics.Dashboard.ni.dll
2019-10-09 14:03 - 2019-10-09 14:03 - 000236032 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.eda8935e#\dfe31d8c97cb5f2895433bf01688d61b\CLI.Aspect.MMVideo.Graphics.Shared.ni.dll
2019-10-09 14:04 - 2019-10-09 14:04 - 000046592 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ef3eaa4d#\16bb0e2f26e648e1c4933cf62385c9fc\CLI.Aspect.TransCode.Graphics.Runtime.ni.dll
2019-10-09 14:04 - 2019-10-09 14:04 - 000050176 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.f480a2f3#\17b2c311dd086c1114a933ec042ac949\CLI.Aspect.UpdateNotification.Graphics.Shared.ni.dll
2019-10-09 14:04 - 2019-10-09 14:04 - 000050688 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Runtime\a9fb5d1d33d418b72100590b92a587ce\CLI.Caste.A4.Runtime.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Shared\6187fceb2cd044016ed0d846dab3da85\CLI.Caste.A4.Shared.ni.dll
2019-12-15 15:20 - 2019-12-15 15:20 - 000027648 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Af820fedc#\fa451fdb02d7dea9cbd33faf671453b9\CLI.Caste.A4.Dashboard.ni.dll
2019-10-09 14:03 - 2019-10-09 14:03 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F24de14fe#\b647780c60396daa8936547f735beddd\CLI.Caste.Fuel.Shared.ni.dll
2019-10-09 14:04 - 2019-10-09 14:04 - 000304640 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F36b07a2b#\6285e9ea80b4b0fa3bc0e030fa2b6fda\CLI.Caste.Fuel.Runtime.ni.dll
2019-12-15 15:20 - 2019-12-15 15:20 - 000027648 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Ff3085433#\ea3dfc7a923debf4b32ebbb60ccaecc7\CLI.Caste.Fuel.Dashboard.ni.dll
2019-10-09 14:03 - 2019-10-09 14:03 - 000038400 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60338cc0#\c134a9434188ed5859af77a7a4890038\CLI.Caste.Graphics.Runtime.Shared.Private.ni.dll
2019-12-15 15:17 - 2019-12-15 15:17 - 001537536 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gd9d9b43b#\0219f3d7321ca228f6c490ba90dcfe81\CLI.Caste.Graphics.Dashboard.Shared.ni.dll
2019-12-15 15:17 - 2019-12-15 15:17 - 000574976 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gee7d2dbc#\72faaf5f0843447388dd4b292c1d8fbc\CLI.Caste.Graphics.Dashboard.ni.dll
2019-10-09 14:04 - 2019-10-09 14:04 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H18c99613#\8ff5802794d0cdc5a60f070961850572\CLI.Caste.HydraVision.Runtime.ni.dll
2019-10-09 14:04 - 2019-10-09 14:04 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H92ba4e46#\9d5ce44a517f02aa97cc2a6aad736e1c\CLI.Caste.HydraVision.Shared.ni.dll
2019-12-15 15:20 - 2019-12-15 15:20 - 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Hbb906c0b#\698b415f4afc0db347389bbc060fc966\CLI.Caste.HydraVision.Dashboard.ni.dll
2019-10-09 14:04 - 2019-10-09 14:04 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pac40511b#\881fb4af11817905d6c9638e7a08e756\CLI.Caste.Platform.Shared.ni.dll
2019-10-09 14:04 - 2019-10-09 14:04 - 000043520 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pdb36d56e#\01f4185a1b26fcbddb342112e6b5016a\CLI.Caste.Platform.Runtime.ni.dll
2019-12-15 15:20 - 2019-12-15 15:20 - 000024064 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pfeefa2b6#\9712d993c768a6165d4b0ad912d91063\CLI.Caste.Platform.Dashboard.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone1b4a8c97#\8069a6fc617878a1736b98a171ed0298\CLI.Component.Runtime.Shared.ni.dll
2019-12-15 15:21 - 2019-12-15 15:21 - 000884736 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone26c9c557#\d0eea5f6ed2136348a65045b8f8096fd\CLI.Component.Systemtray.ni.dll
2019-12-15 15:21 - 2019-12-15 15:21 - 000168960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone29e547cc#\320810050f1f25661cef004934e7f379\CLI.Component.Dashboard.ProfileManager2.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000149504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone59f353b4#\946d6fa8f83016e6f9c2a276155d78d5\CLI.Component.Runtime.Shared.Private.ni.dll
2019-10-09 14:05 - 2019-10-09 14:05 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componeb4d0485c#\c35134dcb54fb74c81d4b96b2f87b39a\CLI.Component.Runtime.Extension.EEU.ni.dll
2019-12-15 15:15 - 2019-12-15 15:15 - 001605632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componec89c3bec#\474163b5663053e143caa05f5082c80d\CLI.Component.Dashboard.Shared.Private.ni.dll
2019-12-15 15:16 - 2019-12-15 15:16 - 000019968 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componef1fd67b2#\c85cdffaf9ca2b2d4d630f5e2e41ca7b\CLI.Component.Client.Shared.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000086016 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componef4cf054f#\175eb1d70b1505f53e703cb0667a6ef4\CLI.Component.Dashboard.Shared.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000089088 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundat3d5d3945#\a046508c23e9ae2b79d975aee7ffa427\CLI.Foundation.Private.ni.dll
2019-10-09 14:05 - 2019-10-09 14:05 - 000060928 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundat60cdf5df#\feb940d268e9b5006dd5ba00260ab1df\CLI.Foundation.XManifest.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000090624 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundat619559bd#\38039fed67bd36935e6ec974a4a75432\CLI.Foundation.CoreAudioAPI.ni.dll
2019-12-15 15:16 - 2019-12-15 15:16 - 001052672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundatd3771151#\66b159e3aeedbaf0d3c9c88307664a9c\CLI.Foundation.Client.ni.dll
2019-12-15 15:15 - 2019-12-15 15:15 - 000295424 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundation\a043e7b5331d3b930d19dfb585852ae3\CLI.Foundation.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Foundation\877c06914f8b80b7b1cfcf6a1d7705ad\DEM.Foundation.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000117248 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0601\3a97a5dd1566c4e44311dbe0f4fa650d\DEM.Graphics.I0601.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000015872 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics\5e6e3ad604059c139ae62f349195660c\DEM.Graphics.ni.dll
2019-10-09 14:04 - 2019-10-09 14:04 - 000037888 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Fuel.Foundation\a318a9f0614092ee6b94b185e6918006\Fuel.Foundation.ni.dll
2019-12-15 15:21 - 2019-12-15 15:21 - 000289792 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundat03490438#\9abb77f3a2be5090e30362f25e6713df\LOG.Foundation.Implementation.ni.dll
2019-10-09 14:01 - 2019-10-09 14:01 - 000146432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundat5023f8e7#\bcf1bf2f2d0172d5c9d6a31e7e4b834c\LOG.Foundation.Private.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000085504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundatcaafa75b#\6957f50a766f12288aab019a7090137a\LOG.Foundation.Implementation.Private.ni.dll
2019-12-15 15:14 - 2019-12-15 15:14 - 000132096 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundation\c61bca8f58091e5da48c1cb2bf375ebb\LOG.Foundation.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MOM.Foundation\dcc53f6d274b8e464d54291e63b4ea32\MOM.Foundation.ni.dll
2019-10-09 14:06 - 2019-10-09 14:06 - 000391680 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MOM.Implementation\0215d8329e3ed0e9374967e74739fe26\MOM.Implementation.ni.dll
2019-10-09 14:01 - 2019-10-09 14:01 - 000055296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\NEWAEM.Foundation\82a4f93ec85a3261260cd0f294ca3ad6\NEWAEM.Foundation.ni.dll
2019-10-09 14:01 - 2019-10-09 14:01 - 000890368 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ADL.Foundation\3a2a6d10822b67f2c742aa67479f8ef9\ADL.Foundation.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000250368 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\APM.Server\a689b3505ed73b57b46e07665eca7198\APM.Server.ni.dll
2019-10-09 14:03 - 2019-10-09 14:03 - 000290816 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9b707b25#\1ec3356c15d3ded932d3e622c780ab1b\CLI.Aspect.DeviceProperty.Graphics.Runtime.ni.dll
2019-12-15 15:18 - 2019-12-15 15:18 - 001642496 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.aa59351a#\944dc5798ba7ad61d3ffb481e6357264\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.ni.dll
2019-12-15 15:18 - 2019-12-15 15:18 - 006323200 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e6d9f3a8#\c7efd7fb8b020a6a02f5d8bff7f3db9b\CLI.Aspect.DeviceDFP.Graphics.Dashboard.ni.dll
2019-12-15 15:21 - 2019-12-15 15:21 - 007986176 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Combine0616f305#\c4a785634babdf77c4e77a9a2c455a5d\CLI.Combined.Graphics.Aspects1.Dashboard.ni.dll
2019-12-15 15:21 - 2019-12-15 15:21 - 001131008 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Combine7332395e#\f51ad6d2115634236c28ddcc766eaffa\CLI.Combined.Graphics.Aspects2.Runtime.ni.dll
2019-12-15 15:16 - 2019-12-15 15:16 - 000133632 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone168638d1#\d31cba338e8af290aebb969059fbc693\CLI.Component.Client.Shared.Private.ni.dll
2019-10-09 14:05 - 2019-10-09 14:05 - 000228352 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone6692ca50#\2c44be999465d9f693fdb4fcedf64492\CLI.Component.Runtime.ni.dll
2019-12-15 15:21 - 2019-12-15 15:21 - 000910336 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone6bf88b08#\95befb17f4d745f8413a019a4e9cdb65\CLI.Component.Dashboard.ni.dll
2019-10-09 14:03 - 2019-10-09 14:03 - 000014336 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0706\80042b754f691ff39904f0e433ee9898\DEM.Graphics.I0706.ni.dll
2019-10-09 14:03 - 2019-10-09 14:03 - 000083456 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0709\5ec7181b355fa277940025d2b37f3f73\DEM.Graphics.I0709.ni.dll
2019-10-09 14:03 - 2019-10-09 14:03 - 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0712\09a29c0423bba727e975a25d67c9ac9c\DEM.Graphics.I0712.ni.dll
2019-10-09 14:03 - 2019-10-09 14:03 - 000018944 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0804\743ad54381b5d2fc4dd2d298ed244f24\DEM.Graphics.I0804.ni.dll
2019-10-09 14:05 - 2019-10-09 14:05 - 000011264 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0805\44cda6b466d2f4abe10687736f47cd0f\DEM.Graphics.I0805.ni.dll
2019-10-09 14:05 - 2019-10-09 14:05 - 000011776 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0812\c663aa09703795cf9d8e2034d3822143\DEM.Graphics.I0812.ni.dll
2019-10-09 14:04 - 2019-10-09 14:04 - 000014336 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0906\62e607c390be9ba70c32917ef49a5e28\DEM.Graphics.I0906.ni.dll
2019-10-09 14:03 - 2019-10-09 14:03 - 000014848 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0912\fcc796fbe7026acc5350173b83fb523e\DEM.Graphics.I0912.ni.dll
2019-10-09 14:04 - 2019-10-09 14:04 - 000036352 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I1010\272eee328c11f0ef48d13fb1b9187fb1\DEM.Graphics.I1010.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 001144320 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Localizatio01dbc1c0#\055f12ee067d000a1be935421b091889\Localization.Foundation.Private.ni.dll
2019-12-15 16:35 - 2019-12-15 16:35 - 000242688 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ResourceMan446ca0e5#\1acdf80881b752cf98e1eaa454e06d79\ResourceManagement.Foundation.Implementation.ni.dll
2019-12-15 15:16 - 2019-12-15 15:16 - 000023552 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ResourceManf163905a#\e501f43d741b3bd03db117892e7c9279\ResourceManagement.Foundation.Private.ni.dll
2019-12-15 15:17 - 2019-12-15 15:17 - 000090112 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ec8786e5#\39777866ae53831bab515309cbc5e36c\CLI.Aspect.AMDHome.Graphics.Dashboard.ni.dll
2019-12-15 15:15 - 2019-12-15 15:15 - 002786304 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60a7b4d1#\278d044388f4d440e155c70701770422\CLI.Caste.Graphics.Shared.ni.dll
2019-10-09 14:04 - 2019-10-09 14:04 - 003187712 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G962aa464#\236da7d720839b29ce0243475f87a72a\CLI.Caste.Graphics.Runtime.ni.dll
2019-10-09 14:02 - 2019-10-09 14:02 - 000332800 _____ (Microsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.W8090224c#\bfa2a1e06bf89c8f9005c29001e5f3d7\Microsoft.WindowsAPICodePack.ni.dll
2019-12-15 15:16 - 2019-12-15 15:16 - 002498048 _____ (Microsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.Wfbf9373c#\a1b9fe2325a43469625676620bfd5f06\Microsoft.WindowsAPICodePack.Shell.ni.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-385703609-2784001884-2048287062-1002\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-18 18:28 - 2019-01-04 10:17 - 000000000 _____ C:\WINDOWS\system32\drivers\etc\hosts

2017-10-11 11:40 - 2017-10-11 11:40 - 000000375 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-385703609-2784001884-2048287062-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\info\Pictures\PF2015ludvici.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKU\S-1-5-21-385703609-2784001884-2048287062-1002\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-385703609-2784001884-2048287062-1002\...\StartupApproved\Run: => "KiesPreload"
HKU\S-1-5-21-385703609-2784001884-2048287062-1002\...\StartupApproved\Run: => "KiesAirMessage"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{EC717147-1EAA-4BF0-927E-6DE1EADAD39E}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe No File
FirewallRules: [TCP Query User{BF74C556-6C9E-46DF-B11D-AE24A5BB5E0A}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe No File
FirewallRules: [{19F764C6-5756-484F-8296-E53D73AA822B}] => (Allow) C:\Program Files\Microsoft Power BI Desktop\bin\msmdsrv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F424A0E4-2A5C-4FD7-BB7C-F5E7F7B88887}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EF6256BF-8D74-492A-8D0F-F6DF8151991C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{44DAD6C7-CFCC-4EA5-9987-19CD56A0B3E5}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{9D9801AA-A353-4DB6-99A1-264E251D9A55}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{D18662F0-D780-45CC-BFBD-1887B33E0E7C}C:\program files (x86)\gretech\gomremote2\gomremote2.exe] => (Block) C:\program files (x86)\gretech\gomremote2\gomremote2.exe (GRETECH -> GOM & Company)
FirewallRules: [UDP Query User{90EFEF2A-0471-4898-8D35-358730245564}C:\program files (x86)\gretech\gomremote2\gomremote2.exe] => (Block) C:\program files (x86)\gretech\gomremote2\gomremote2.exe (GRETECH -> GOM & Company)
FirewallRules: [{D62B9A81-8377-498A-BFFF-C43D83441EB9}] => (Allow) C:\Program Files (x86)\GRETECH\GOMRemote2\GomRemote2.exe (GRETECH -> GOM & Company)
FirewallRules: [{A3AA1663-BF9D-411E-8E5C-7E47B0CEE95A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{DC2B8F2B-42FB-47A0-9B14-70A5A31F1D51}C:\users\info\appdata\local\jetbrains\pycharm community edition 2019.2.5\bin\pycharm64.exe] => (Allow) C:\users\info\appdata\local\jetbrains\pycharm community edition 2019.2.5\bin\pycharm64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [UDP Query User{5B3C60C4-7E5E-4544-93C4-57A3C8D8DAD0}C:\users\info\appdata\local\jetbrains\pycharm community edition 2019.2.5\bin\pycharm64.exe] => (Allow) C:\users\info\appdata\local\jetbrains\pycharm community edition 2019.2.5\bin\pycharm64.exe (JetBrains s.r.o. -> JetBrains s.r.o.)
FirewallRules: [TCP Query User{7C431E90-8C7B-4249-B147-208B4B8EF561}C:\users\info\pycharmprojects\manual-test\venv\scripts\python.exe] => (Allow) C:\users\info\pycharmprojects\manual-test\venv\scripts\python.exe (Python Software Foundation -> Python Software Foundation)
FirewallRules: [UDP Query User{288A4B1A-8C7A-400D-9741-47F8F5333307}C:\users\info\pycharmprojects\manual-test\venv\scripts\python.exe] => (Allow) C:\users\info\pycharmprojects\manual-test\venv\scripts\python.exe (Python Software Foundation -> Python Software Foundation)
FirewallRules: [{7E539324-AD45-4A21-B088-3529F89119D2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.121.1654.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{770B89DB-0FE9-4B19-9003-42661E0BDDD8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.121.1654.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8513F82B-A35B-4D5C-B0BF-9C363BFD4FDE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.121.1654.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1EE8D1F8-4502-4A7D-9BE7-F4C359C4A294}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.121.1654.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D1390E37-E23D-41B7-94E8-8959D9E94532}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.121.1654.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A3A00B1C-A7C5-49A7-80A0-38B17363ABE2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.121.1654.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{70FD0A6A-AD41-49C3-9650-D88BEFA3F924}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.121.1654.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{ACF9A4C7-0408-49B1-AA73-CCE470657327}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.121.1654.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Restore Points =========================

10-12-2019 10:31:00 Naplánovaný kontrolní bod
18-12-2019 16:07:43 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/28/2019 01:35:02 PM) (Source: System Restore) (EventID: 8211) (User: )
Description: Naplánovaný bod obnovení nebylo možné vytvořit. Další informace: (0x81000101).

Error: (12/28/2019 01:35:01 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\WINDOWS\system32\srtasks.exe ExecuteScheduledSPPCreation; Popis = Naplánovaný kontrolní bod; Chyba = 0x81000101).

Error: (12/07/2019 11:26:35 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Video.UI.exe verze 10.19101.1071.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1944

Čas spuštění: 01d5ace864c27918

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe

ID hlášení: f2fb88cc-c7a7-4447-a0a9-533110a1f783

Úplný název balíčku s chybou: Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe

ID aplikace relativní podle balíčku s chybou: Microsoft.ZuneVideo

Typ zablokování: Navigation

Error: (12/07/2019 11:25:05 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.17763.831 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 31ac

Čas spuštění: 01d5ab39ac6c7062

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: b5c2d678-1a92-43d5-a06a-bb2a0739b5da

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (12/04/2019 06:17:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Microsoft.Photos.exe verze 2019.19071.17920.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 355c

Čas spuštění: 01d5aac63888acba

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

ID hlášení: 0f1213fe-0177-4c8e-b32b-edb6ed9cbf33

Úplný název balíčku s chybou: Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe

ID aplikace relativní podle balíčku s chybou: App

Typ zablokování: Quiesce

Error: (11/29/2019 08:23:35 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program firefox.exe verze 70.0.1.7242 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 3374

Čas spuštění: 01d5a4606cbe5ac3

Čas ukončení: 50

Cesta k aplikaci: C:\Program Files\Mozilla Firefox\firefox.exe

ID hlášení: 5fb6db21-453e-4ee9-89c9-5d0353f4c9e7

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (11/22/2019 02:58:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.17763.831 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: f9c

Čas spuštění: 01d59f7523156964

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: 89904eab-1269-4ede-ab69-9085491cc6ff

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (11/15/2019 08:26:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: LockApp.exe, verze: 10.0.17763.1, časové razítko: 0x5b9c5715
Název chybujícího modulu: LockApp.exe, verze: 10.0.17763.1, časové razítko: 0x5b9c5715
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000000e94d
ID chybujícího procesu: 0xe48
Čas spuštění chybující aplikace: 0x01d59ac12ba3c269
Cesta k chybující aplikaci: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
Cesta k chybujícímu modulu: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
ID zprávy: ecbbd990-a7fe-456e-83b2-0feccd5cd34f
Úplný název chybujícího balíčku: Microsoft.LockApp_10.0.17763.1_neutral__cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: WindowsDefaultLockScreen


System errors:
=============
Error: (12/18/2019 03:45:12 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-M3CBPNG)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-M3CBPNG\info (SID: S-1-5-21-385703609-2784001884-2048287062-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (12/14/2019 09:59:48 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Optimalizace doručení přestala během spouštění reagovat.

Error: (12/14/2019 09:55:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba RtkAudioService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (12/14/2019 09:54:17 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba aswbIDSAgent se po přijetí pokynu pro vypnutí neukončila správně.

Error: (12/14/2019 09:54:03 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby SecurityHealthService s argumenty Není k dispozici za účelem spuštění serveru:
{2D15188C-D298-4E10-83B2-64666CCBEBBD}

Error: (12/14/2019 09:52:51 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Nero BackItUp Scheduler 4.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 500 milisekund: Restartovat službu.

Error: (12/14/2019 09:52:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SynTPEnh Caller Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/14/2019 09:52:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Realtek Bluetooth Device Manager Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2019-06-09 08:44:31.872
Description:
Program Antivirová ochrana v programu Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.16000.6
Předchozí verze modulu: 1.1.15900.4
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80509004
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.

CodeIntegrity:
===================================

Date: 2019-12-18 16:46:40.934
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\ashShell.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-10 10:24:30.027
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\ashShell.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-06 09:32:22.484
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\ashShell.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-05 09:32:18.156
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\ashShell.dll that did not meet the Microsoft signing level requirements.

Date: 2019-11-26 18:46:04.146
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\ashShell.dll that did not meet the Microsoft signing level requirements.

Date: 2019-11-21 14:12:12.630
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\ashShell.dll that did not meet the Microsoft signing level requirements.

Date: 2019-11-19 14:53:12.697
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\ashShell.dll that did not meet the Microsoft signing level requirements.

Date: 2019-11-11 12:41:55.326
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\ashShell.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: Insyde Corp. 6.20 10/24/2012
Motherboard: Intel PLCSF8
Processor: Intel(R) Celeron(R) CPU 1000M @ 1.80GHz
Percentage of memory in use: 55%
Total physical RAM: 4047.22 MB
Available physical RAM: 1805.05 MB
Total Virtual: 6607.22 MB
Available Virtual: 3761.06 MB

==================== Drives ================================

Drive c: (TI30983100B) (Fixed) (Total:453.56 GB) (Free:45.99 GB) NTFS

\\?\Volume{0d9abfb1-fe8e-11e1-bbb8-9f9c8df06e63}\ (System) (Fixed) (Total:0.44 GB) (Free:0.1 GB) NTFS
\\?\Volume{3455ab47-e342-4333-b3f5-1f80058e82ae}\ () (Fixed) (Total:1 GB) (Free:0.46 GB) NTFS
\\?\Volume{d2d0f7d7-351b-4a29-9672-2f9c2ac97a95}\ () (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{a20211a9-32f2-428b-bd3a-2595a8dc59a3}\ () (Fixed) (Total:0.34 GB) (Free:0.3 GB) NTFS
\\?\Volume{44b404fc-b960-4912-8965-87697378f84a}\ (Recovery) (Fixed) (Total:9.6 GB) (Free:0.6 GB) NTFS
\\?\Volume{0d9abfb9-fe8e-11e1-bbb8-9f9c8df06e63}\ () (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

[Conder]

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
  HKU\S-1-5-21-385703609-2784001884-2048287062-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10270__171128__ya[browser]
  SearchScopes: HKU\S-1-5-21-385703609-2784001884-2048287062-1002 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10270__171128__yaie&p={searchTerms}
  S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [X]
  CustomCLSID: HKU\S-1-5-21-385703609-2784001884-2048287062-1002_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\info\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll => No File
  CustomCLSID: HKU\S-1-5-21-385703609-2784001884-2048287062-1002_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\info\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll => No File
  CustomCLSID: HKU\S-1-5-21-385703609-2784001884-2048287062-1002_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\info\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll => No File
  ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
  ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
  ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
  ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
  ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
  ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
  ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
  ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
  ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
  ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
  ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
  ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
  ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
  ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
  
  Hosts:
  EmptyTemp:
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

[barasera]

Fix result of Farbar Recovery Scan Tool (x64) Version: 28-12-2019
Ran by info (31-12-2019 11:32:17) Run:1
Running from C:\Users\info\Desktop
Loaded Profiles: info (Available Profiles: info)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:


PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
HKU\S-1-5-21-385703609-2784001884-2048287062-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10270__171128__ya[browser]
SearchScopes: HKU\S-1-5-21-385703609-2784001884-2048287062-1002 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10270__171128__yaie&p={searchTerms}
S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [X]
CustomCLSID: HKU\S-1-5-21-385703609-2784001884-2048287062-1002_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\info\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-385703609-2784001884-2048287062-1002_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\info\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-385703609-2784001884-2048287062-1002_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\info\AppData\Local\Microsoft\OneDrive\17.3.6998.0830\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File


Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 1756
Average :
Sum : 997729605
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========

HKU\S-1-5-21-385703609-2784001884-2048287062-1002\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKU\S-1-5-21-385703609-2784001884-2048287062-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353} => removed successfully
HKLM\System\CurrentControlSet\Services\RtkAudioService => removed successfully
RtkAudioService => service removed successfully
HKU\S-1-5-21-385703609-2784001884-2048287062-1002_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E} => removed successfully
HKU\S-1-5-21-385703609-2784001884-2048287062-1002_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C} => removed successfully
HKU\S-1-5-21-385703609-2784001884-2048287062-1002_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 573114432 B
Java, Flash, Steam htmlcache => 13273 B
Windows/system/drivers => 0 B
Edge => 5471853 B
Chrome => 422238778 B
Firefox => 1499216133 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 37750 B
NetworkService => 69530 B
info => 18802003 B

RecycleBin => 0 B
EmptyTemp: => 2.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:43:28 ====

[Conder]

Vyzera to OK. Su s PC nejake problemy?

[barasera]

Děkuji moc, pracuje dobře. Testovat jej budu v novém roce.Byl dost zpomalený a při práci se mi několikrát zrestartoval.
Díky za kontrolu a přeji pěkný nový rok.
Bára

[Conder]

Napodobne zelam vsetko dobre do noveho roku

Potom sa kludne ozvi ako to vyzera s PC. Ak sa vsak vyskytuju aj nahodne restarty, tak to nasvedcuje skor HW problemy (napr. prehrievanie).