Please check this log, thank you

Posted: 17 Jan 2020 22:18
by muss45
Logfile of random's system information tool 1.10 (written by random/random)
Run by Martin at 2020-01-17 22:22:37
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 184 GB (54%) free of 343 GB
Total RAM: 4095 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:22:40, on 17.1.2020
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18838)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Users\Martin\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\EKAG20NT.EXE
C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\NetFilter\AvastAntiTrackPremiumFilter.exe
C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\UPDSHL10.EXE
C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\CefSharp.BrowserSubprocess.exe
C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\CefSharp.BrowserSubprocess.exe
C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\CefSharp.BrowserSubprocess.exe
C:\Program Files\trend micro\Martin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=29530
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: McAfee WebAdvisor - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Martin\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Martin\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [iCloudServices] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O9 - Extra 'Tools' menuitem: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Služba %1!s! Update (avast) (avast) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba %1!s! Update (avastm) (avastm) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Secure Browser Elevation Service (AvastSecureBrowserElevationService) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Application\77.2.2153.120\elevation_service.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: bookingDesktopApp Update Service (bookingdesktopapp) (bookingdesktopapp) - bookingDesktopApp. - C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe
O23 - Service: bookingDesktopApp Update Service (bookingdesktopappm) (bookingdesktopappm) - bookingDesktopApp. - C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.117\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee WebAdvisor - McAfee, Inc. - C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files (x86)\Wondershare\WAF\2.4.3.225\WsAppService.exe
O23 - Service: Wondershare Driver Install Service (WsDrvInst) - Wondershare - C:\Program Files (x86)\Wondershare\dr.fone toolkit for iOS\Library\DriverInstaller\DriverInstall.exe

--
End of file - 11963 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {8ECF6EF5-1B42-4124-83C1-1A9E80C8380B}
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {A66A1E73-0EDC-42D0-B485-CF6F443D6F07}
"C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe" -minimizedBoot
"C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe" /c
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler.exe"
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler64.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\McAfee\WebAdvisor\UIHost.exe"
WLIDSvcM.exe 1828
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
ATKOSD.exe
KBFiltr.exe
WDC.exe
"C:\Program Files\AVAST Software\Avast\aswidsagent.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe"
"C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
AvastUI.exe /nogui
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" -Embedding
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR /uac
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
szndesktop.exe default start
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
"C:\Users\Martin\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "10266978851086643291-5813208761493057498-10637786421619951950-917295070-1987504446
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe -Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=gpu-process --field-trial-handle=7260,5380813524163338119,818324062439049992,131072 --no-sandbox --log-file="C:\Users\Martin\AppData\Roaming\AVAST Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (19.8.2393)" --lang=en-US --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --allow-file-access-from-files=1 --pack_loading_disabled=1 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAAAAAAAMAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --use-gl=swiftshader-webgl --service-request-channel-token=5587735775434960385 --mojo-platform-channel-handle=7172 /prefetch:2
"C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\EKAG20NT.EXE" 02004FCC1CF65A4B 0
"C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\NetFilter\AvastAntiTrackPremiumFilter.exe"
"C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\UPDSHL10.EXE" 01004FCC1CF65A4B 0
CefSharp.BrowserSubprocess.exe --type=gpu-process --disable-features=AsyncWheelEvents,SurfaceSynchronization,TouchpadAndWheelScrollLatching --no-sandbox --log-file="C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\debug.log" --lang=en-US --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --use-gl=swiftshader-webgl --log-file="C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\debug.log" --lang=en-US --service-request-channel-token=7E2B95CF505DF1E25ADDCF128C2148BC --mojo-platform-channel-handle=4460 /prefetch:2 --wcf-enabled --host-process-id=1996 --wcf-enabled --host-process-id=1996
CefSharp.BrowserSubprocess.exe --type=renderer --no-sandbox --disable-features=AsyncWheelEvents,SurfaceSynchronization,TouchpadAndWheelScrollLatching --disable-gpu-compositing --service-pipe-token=88FB2DC06F6B84A674BA11AABF6FCA2B --disable-blink-features=RootLayerScrolling --lang=en-US --log-file="C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\debug.log" --enable-system-flash=1 --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=88FB2DC06F6B84A674BA11AABF6FCA2B --renderer-client-id=3 --mojo-platform-channel-handle=2540 /prefetch:1 --wcf-enabled --host-process-id=1996
CefSharp.BrowserSubprocess.exe --type=renderer --no-sandbox --disable-features=AsyncWheelEvents,SurfaceSynchronization,TouchpadAndWheelScrollLatching --disable-gpu-compositing --service-pipe-token=FE2B63EB3F398EE6F4F9A457D5DDE332 --disable-blink-features=RootLayerScrolling --lang=en-US --log-file="C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\debug.log" --enable-system-flash=1 --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=FE2B63EB3F398EE6F4F9A457D5DDE332 --renderer-client-id=7 --mojo-platform-channel-handle=1732 /prefetch:1 --wcf-enabled --host-process-id=1996
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="4876.0.221833620\1580320115" -parentBuildID 20200107212822 -prefsHandle 1140 -prefMapHandle 1132 -prefsLen 1 -prefMapSize 222155 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 4876 "\\.\pipe\gecko-crash-server-pipe.4876" 1220 gpu
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="4876.3.661711570\1506302296" -childID 1 -isForBrowser -prefsHandle 1776 -prefMapHandle 1772 -prefsLen 152 -prefMapSize 222155 -parentBuildID 20200107212822 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 4876 "\\.\pipe\gecko-crash-server-pipe.4876" 1788 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="4876.13.1180925366\134096645" -childID 2 -isForBrowser -prefsHandle 3036 -prefMapHandle 3032 -prefsLen 6414 -prefMapSize 222155 -parentBuildID 20200107212822 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 4876 "\\.\pipe\gecko-crash-server-pipe.4876" 3048 tab
"C:\Program Files\McAfee\WebAdvisor\BrowserHost.exe" "C:\Program Files\McAfee\WebAdvisor\webadvisor.mcafee.firefox.extension.json" {4ED1F68A-5463-4931-9384-8FFF5ED91D92}
\??\C:\Windows\system32\conhost.exe "123389093-837537036-1522813330-13703281116560488431087966596-955771010-204944489
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="4876.20.1583791774\2116518512" -childID 3 -isForBrowser -prefsHandle 3924 -prefMapHandle 3880 -prefsLen 7146 -prefMapSize 222155 -parentBuildID 20200107212822 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 4876 "\\.\pipe\gecko-crash-server-pipe.4876" 3936 tab
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\Windows\system32\msiexec.exe /V
C:\Windows\System32\svchost.exe -k swprv
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe15_ Global\UsGthrCtrlFltPipeMssGthrPipe15 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Users\Martin\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

=========Mozilla firefox=========

ProfilePath - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\fdxoo136.default-1443874292075-1558802546646

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.startup.homepage" - "www.seznam.cz"

"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"=C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
"{7bb202fa-9247-49c6-898c-ce0d36bc44e3}"=C:\Program Files (x86)\mypopupblocker\ff\my_popup_blocker-1.0.0-fx.xpi


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.154 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_154.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@bookingdesktopapp.com/bookingDesktopApp Update;version=3]
"Description"=bookingDesktopApp Update
"Path"=C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@bookingdesktopapp.com/bookingDesktopApp Update;version=9]
"Description"=bookingDesktopApp Update
"Path"=C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@virtools.com/3DviaPlayer]
"Description"=3Dvia Player For Mozilla Based Broswer
"Path"=C:\Program Files (x86)\Virtools\3D Life Player\npvirtools.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.154 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_154.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2019-12-14 1356368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-12-14 1043128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-10-06 268680]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2019-12-09 302904]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]
"cz.seznam.software.autoupdate"=C:\Users\Martin\AppData\Roaming\Seznam.cz\szninstall.exe [2018-03-27 1069296]
"cz.seznam.software.szndesktop"=C:\Users\Martin\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2018-03-27 109808]
"iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2019-12-09 67384]
"iCloudDrive"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [2019-12-09 110392]
"ApplePhotoStreams"=C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2019-12-09 67896]
"iCloudPhotos"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [2019-12-09 356664]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2019-10-15 24552064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ADSMTray]
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun64]
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-09-01 323584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2012-02-20 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-09-29 8123936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRS Premium Sound.lnk]
C:\Windows\INSTAL~1\{E5CF6~1\NEWSHO~4.EXE [2012-02-20 156952]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-10-09 6937216]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-08-20 170624]
"amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2018-03-27 1069296]

[HKEY_CURRENT_USER\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RGSC"=C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2020-01-17 19:54:15 ----D---- C:\ProgramData\UpdShl
2020-01-17 19:52:20 ----RASHD---- C:\ProgramData\Key-Base
2020-01-17 19:52:20 ----D---- C:\ProgramData\{767E60B0-2359-A392-C612-C053416D4839}
2020-01-17 19:51:48 ----A---- C:\Windows\system32\drivers\netfilter2.sys
2020-01-17 19:50:50 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2020-01-17 19:50:44 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2020-01-06 20:55:39 ----D---- C:\Program Files\iPod
2020-01-06 20:54:45 ----D---- C:\Program Files\iTunes

======List of files/folders modified in the last 1 month======

2020-01-17 22:22:39 ----D---- C:\Windows\system32\drivers\etc
2020-01-17 22:22:39 ----D---- C:\Program Files\Trend Micro
2020-01-17 22:21:27 ----RD---- C:\Program Files (x86)
2020-01-17 22:19:11 ----D---- C:\FRST
2020-01-17 22:18:54 ----SHD---- C:\System Volume Information
2020-01-17 22:18:48 ----SHD---- C:\Windows\Installer
2020-01-17 22:18:48 ----D---- C:\Windows\temp
2020-01-17 22:18:39 ----AD---- C:\Windows
2020-01-17 22:16:25 ----D---- C:\temp
2020-01-17 22:13:04 ----D---- C:\Windows\inf
2020-01-17 20:32:30 ----D---- C:\Users\Martin\AppData\Roaming\Seznam.cz
2020-01-17 20:31:42 ----D---- C:\Windows\System32
2020-01-17 20:31:42 ----A---- C:\Windows\system32\PerfStringBackup.INI
2020-01-17 20:24:08 ----D---- C:\ProgramData\NVIDIA
2020-01-17 20:01:41 ----D---- C:\Windows\system32\config
2020-01-17 19:54:15 ----D---- C:\ProgramData
2020-01-17 19:51:48 ----D---- C:\Windows\system32\drivers
2020-01-17 19:51:14 ----D---- C:\Config.Msi
2020-01-17 19:51:02 ----D---- C:\Windows\winsxs
2020-01-17 19:50:54 ----RSD---- C:\Windows\assembly
2020-01-17 19:50:50 ----D---- C:\Program Files
2020-01-17 19:50:33 ----D---- C:\ProgramData\Package Cache
2020-01-17 19:49:54 ----D---- C:\Windows\SysWOW64
2020-01-17 19:49:09 ----D---- C:\Program Files (x86)\AVAST Software
2020-01-17 07:41:04 ----D---- C:\Windows\Prefetch
2020-01-17 07:39:17 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2020-01-17 07:39:17 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2012-02-20 35384]
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsh.sys [2019-10-06 209552]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniv.sys [2019-10-06 65120]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2019-10-06 83792]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2019-10-06 316528]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-06 408600]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2019-10-06 204824]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriver.sys [2019-10-06 274456]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2019-10-06 276952]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2019-10-06 42736]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2019-10-06 110320]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2019-10-06 848432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2019-10-06 460448]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-08-05 283200]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-12-16 40816]
R1 netfilter2;netfilter2; C:\Windows\system32\drivers\netfilter2.sys [2019-09-10 54744]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2019-10-06 171520]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2019-10-06 236024]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2011-02-11 35344]
R3 ElbyCDFL;ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [2007-02-16 40648]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-09-29 2005024]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-09-04 62464]
R3 mod7700;DiBcom DIB7700 based TV tuner device; C:\Windows\System32\Drivers\dvb7700all.sys [2009-05-15 956416]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2009-10-05 6952960]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2012-07-03 189288]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-06-22 868848]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-08-21 44032]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 119296]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 98344]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2009-07-01 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 21160]
S3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-07-09 140800]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 OlyCamComm;OLYMPUS USB Communication Device; C:\Windows\system32\DRIVERS\OlyCamComm.sys [2009-09-09 24208]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2017-10-11 54784]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2019-09-10 88136]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2019-08-26 96056]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2019-10-06 996880]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-02 864032]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 McAfee WebAdvisor;McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [2019-12-14 913208]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-10-02 891240]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2019-12-26 6259592]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2019-12-09 658232]
S2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-09-17 359552]
S2 avast;Služba %1!s! Update (avast); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-06-08 164984]
S2 bookingdesktopapp;bookingDesktopApp Update Service (bookingdesktopapp); C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [2019-12-07 102400]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-04-21 128648]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-10-02 1258856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-08-14 335872]
S3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
S3 avastm;Služba %1!s! Update (avastm); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-06-08 164984]
S3 AvastSecureBrowserElevationService;Avast Secure Browser Elevation Service; C:\Program Files (x86)\AVAST Software\Browser\Application\77.2.2153.120\elevation_service.exe [2019-11-05 970088]
S3 bookingdesktopappm;bookingDesktopApp Update Service (bookingdesktopappm); C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [2019-12-07 102400]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.117\elevation_service.exe [2020-01-07 1113072]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-10-14 116224]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2020-01-11 244936]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-11-10 836176]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-02-22 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
S4 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe []
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]

-----------------EOF-----------------

Re: please check, thank you

Posted: 18 Jan 2020 18:26
by Conder
Hi :)

:arrow: Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Skenovat nyni (Scan now) and wait for it to finish
  • Leave all findings checked
  • Click Cisteni a opravy (Clean and Repair) and confirm restarting the PC now
  • After the PC restarts, AdwCleaner will open; click Zobrazit soubor protokolu (View log file)
  • The log will open; copy its contents here

Re: please check, thank you

Posted: 20 Jan 2020 21:35
by muss45
-------------------------------
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build: 12-17-2019
# Database: 2020-01-15.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 01-20-2020
# Duration: 00:00:53
# OS: Windows 7 Home Premium
# Scanned: 34764
# Detected: 37


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.MyPopUpBlocker C:\Program Files (x86)\mypopupblocker
PUP.Optional.Seznam.cz C:\Program Files (x86)\Seznam.cz
PUP.Optional.Seznam.cz C:\Users\Martin\AppData\Roaming\Seznam.cz

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.CrossRider HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1410C6BA-AB10-4C79-8A27-8C83EE59EA4B}
PUP.Optional.CrossRider HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2B2C149-1B7A-48E7-8376-B64919981270}
PUP.Optional.CrossRider HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{50544664-DB71-4198-8E3A-524708F2CE6}
PUP.Optional.CrossRider HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65EFBFDB-4891-46BD-9940-D3688C75F8B}
PUP.Optional.CrossRider HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7063E15B-123A-4D51-9DAB-A68D7E1E9BE}
PUP.Optional.CrossRider HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F30EFA32-B3FE-4685-A38F-47916BC23930}
PUP.Optional.EoRezo HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WarThunder
PUP.Optional.MyPopUpBlocker HKLM\SOFTWARE\Mozilla\Firefox\Extensions|{7bb202fa-9247-49c6-898c-ce0d36bc44e3}
PUP.Optional.MyPopUpBlocker HKLM\SOFTWARE\Wow6432Node\Mozilla\Firefox\Extensions|{7bb202fa-9247-49c6-898c-ce0d36bc44e3}
PUP.Optional.MyPopUpBlocker HKLM\Software\Classes\Installer\Features\AB3DC63D3FA77F043973607CC236B422
PUP.Optional.MyPopUpBlocker HKLM\Software\Classes\Installer\Products\AB3DC63D3FA77F043973607CC236B422
PUP.Optional.MyPopUpBlocker HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\AB3DC63D3FA77F043973607CC236B422
PUP.Optional.MyPopUpBlocker HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{D36CD3BA-7AF3-40F7-9337-06C72C634B22}
PUP.Optional.MyPopUpBlocker HKLM\Software\Wow6432Node\\Mozilla\Firefox\Extensions|{7bb202fa-9247-49c6-898c-ce0d36bc44e3}
PUP.Optional.ProductSetup.A HKCU\Software\PRODUCTSETUP
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.autoupdate
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
PUP.Optional.Seznam.cz HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
PUP.Optional.Seznam.cz HKCU\Software\Seznam.cz
PUP.Optional.Seznam.cz HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

Preinstalled.ASUSControlDeck Folder C:\Program Files (x86)\ASUS\CONTROLDECK
Preinstalled.ASUSControlDeck Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUSControlDeck
Preinstalled.ASUSControlDeck Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{5B65EF64-1DFA-414A-8C94-7BB726158E21}
Preinstalled.ASUSControlDeck Task C:\Windows\System32\Tasks\ASUSCONTROLDECK
Preinstalled.ASUSFancyStart Folder C:\ASUS.DAT
Preinstalled.ASUSFancyStart Folder C:\Program Files (x86)\ASUS\FANCYSTART
Preinstalled.ASUSLiveUpdate Folder C:\Program Files (x86)\ASUS\ASUS LIVE UPDATE
Preinstalled.ASUSSplendid Folder C:\Program Files (x86)\ASUS\SPLENDID
Preinstalled.ASUSSplendid Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACMON
Preinstalled.ASUSSplendid Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{0969AF05-4FF6-4C00-9406-43599238DE0D}
Preinstalled.ASUSSplendid Task C:\Windows\System32\Tasks\ACMON
Preinstalled.ASUSVirtualCamera Folder C:\Program Files (x86)\ASUS\VIRTUALCAMERA
Preinstalled.ASUSVirtualCamera Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}


AdwCleaner[S00].txt - [6695 octets] - [04/11/2018 19:45:22]
AdwCleaner[C00].txt - [5975 octets] - [04/11/2018 19:45:56]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

Re: please check, thank you

Posted: 20 Jan 2020 21:45
by Conder
These findings still need to be deleted in AdwCleaner. You can keep the detected preinstalled software if you need or use it (if not, you can delete it as well). After that, please also post the log from the cleaning.

Re: please check, thank you

Posted: 03 Feb 2020 10:58
by muss45
# -------------------------------
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build: 12-17-2019
# Database: 2020-01-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-03-2020
# Duration: 00:00:09
# OS: Windows 7 Home Premium
# Cleaned: 24
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\Program Files (x86)\mypopupblocker
Deleted C:\Users\Martin\AppData\Roaming\Seznam.cz

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1410C6BA-AB10-4C79-8A27-8C83EE59EA4B}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2B2C149-1B7A-48E7-8376-B64919981270}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{50544664-DB71-4198-8E3A-524708F2CE6}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65EFBFDB-4891-46BD-9940-D3688C75F8B}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7063E15B-123A-4D51-9DAB-A68D7E1E9BE}
Deleted HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F30EFA32-B3FE-4685-A38F-47916BC23930}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
Deleted HKCU\Software\PRODUCTSETUP
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\SOFTWARE\Mozilla\Firefox\Extensions|{7bb202fa-9247-49c6-898c-ce0d36bc44e3}
Deleted HKLM\SOFTWARE\Wow6432Node\Mozilla\Firefox\Extensions|{7bb202fa-9247-49c6-898c-ce0d36bc44e3}
Deleted HKLM\Software\Classes\Installer\Features\AB3DC63D3FA77F043973607CC236B422
Deleted HKLM\Software\Classes\Installer\Products\AB3DC63D3FA77F043973607CC236B422
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\AB3DC63D3FA77F043973607CC236B422
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WarThunder
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{D36CD3BA-7AF3-40F7-9337-06C72C634B22}
Deleted HKLM\Software\Wow6432Node\\Mozilla\Firefox\Extensions|{7bb202fa-9247-49c6-898c-ce0d36bc44e3}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [6695 octets] - [04/11/2018 19:45:22]
AdwCleaner[C00].txt - [5975 octets] - [04/11/2018 19:45:56]
AdwCleaner[S01].txt - [5379 octets] - [20/01/2020 21:29:32]
AdwCleaner[S02].txt - [5440 octets] - [03/02/2020 09:54:00]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

Re: please check, thank you

Posted: 03 Feb 2020 17:25
by Conder
:arrow: Please post both FRST logs (FRST.txt and Addition.txt), following this guide: https://forum.viry.cz/viewtopic.php?f=13&t=154679

Re: please check, thank you

Posted: 02 Mar 2020 00:53
by muss45
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-02-2020
Ran by Martin (02-03-2020 00:49:35)
Running from C:\Users\Martin\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-02-19 17:43:39)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-88772817-131360668-2424160999-500 - Administrator - Disabled)
Guest (S-1-5-21-88772817-131360668-2424160999-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-88772817-131360668-2424160999-1002 - Limited - Enabled)
Martin (S-1-5-21-88772817-131360668-2424160999-1000 - Administrator - Enabled) => C:\Users\Martin
UpdatusUser (S-1-5-21-88772817-131360668-2424160999-1003 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DVIA player 5.0.0.20 (HKLM-x32\...\{F06365EC-061E-48C3-B761-E1816658D618}) (Version: 5.0.20 - 3DVIA)
Acrobat.com (HKLM-x32\...\{77DCDCE3-2DED-62F3-8154-05E745472D07}) (Version: 1.1.377 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.006.20034 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 30.0.0.107 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.154 - Adobe Systems Incorporated)
Adobe Flash Player ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated)
Aktualizace NVIDIA 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
Alcor Micro USB Card Reader (HKLM-x32\...\{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}) (Version: 1.5.17.25482 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}) (Version: 1.5.17.25482 - Alcor Micro Corp.)
AliExpress version 1.1.0.5019 (HKLM-x32\...\70652e10-a720-11e6-bfea-d33ec8ab8d4f_is1) (Version: 1.1.0.5019 - )
Apple Mobile Device Support (HKLM\...\{6CECF0FB-EE71-4FE5-8AE0-FA007408934A}) (Version: 13.0.0.38 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.7 - ASUS)
ASUS CopyProtect (HKLM-x32\...\{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}) (Version: 1.0.0015 - ASUS)
ASUS Data Security Manager (HKLM-x32\...\{FA2092C5-7979-412D-A962-6485274AE1EE}) (Version: 1.00.0014 - ASUS)
ASUS FancyStart (HKLM-x32\...\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}) (Version: 1.0.6 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS)
ASUS MultiFrame (HKLM-x32\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0019 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}) (Version: 1.1.24 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0007 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.19 - asus)
ASUS_N_Series_Screensaver (HKLM-x32\...\ASUS_N_Series_Screensaver) (Version: - )
ATK Generic Function Service (HKLM-x32\...\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}) (Version: 1.00.0008 - ATK)
ATK Hotkey (HKLM-x32\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0053 - ASUS)
ATK Media (HKLM-x32\...\{D1E5870E-E3E5-4475-98A6-ADD614524ADF}) (Version: 2.0.0006 - ASUS)
ATKOSD2 (HKLM-x32\...\{3B05F2FB-745B-4012-ADF2-439F36B2E70B}) (Version: 7.0.0007 - ASUS)
Audioactive MP3 Decoder (HKLM-x32\...\Audioactive MP3 Decoder) (Version: - )
Avast Pro Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 79.0.3061.79 - Autoři prohlížeče Avast Secure Browser)
AvastAntiTrackPremium (HKLM-x32\...\AvastAntiTrackPremium) (Version: 1.4.0.20122 - Avast)
Balíček ovladače systému Windows - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Booking (HKLM-x32\...\{13D4CD54-EA09-4FDB-B979-8B2BC0F020CA}_is1) (Version: 2.0.701 - Booking)
CCleaner (HKLM\...\CCleaner) (Version: 5.60 - Piriform)
CloneCD (HKLM-x32\...\CloneCD) (Version: - SlySoft)
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.0 - Elaborate Bytes)
ControlDeck (HKLM-x32\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.4 - ASUS)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.17 - Piriform)
Dolphin (HKLM-x32\...\Dolphin) (Version: 4.0.1 - Dolphin Development Team)
dr.fone toolkit for iOS (Version 8.5.0) (HKLM-x32\...\{A26F8BBD-EC10-4bdc-8AD8-F146825A8A63}_is1) (Version: 8.5.0.54 - Wondershare Technology Co.,Ltd.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Express Gate (HKLM-x32\...\{865CD808-6D31-4269-9D36-693CFE75D26A}) (Version: 1.2.13.16 - DeviceVM, Inc.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Farming Simulator 15 (HKLM-x32\...\Farming Simulator 15_is1) (Version: 1.2.0.0 - Релиз от R.G. Steamgames)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.4 - ASUS)
FormatFactory 2.95 (HKLM-x32\...\FormatFactory) (Version: 2.95 - Free Time)
Free MP3 Cutter 1.01 (HKLM-x32\...\{847E0734-4457-4B48-BF49-998D1CF2CFA1}_is1) (Version: - PolySoft Solutions)
Free Mp3 Wma Converter V 1.81 (HKLM-x32\...\Free Mp3 Wma Converter_is1) (Version: - )
GameLoad 2.0.0 (HKLM-x32\...\{7FEA7AEB-C073-4687-B3E1-5282DFABAB56}_is1) (Version: 2.0.0 - Ant Media, s. r. o.)
Google Earth Pro (HKLM-x32\...\{9D524A1E-F2FC-444D-B12A-7592CEB56EB5}) (Version: 7.3.2.5776 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.122 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
iCloud (HKLM\...\{359CA9EA-898C-4F5C-80D9-C111F27B489E}) (Version: 7.17.0.13 - Apple Inc.)
iTunes (HKLM\...\{65D2540A-990F-45BC-AF4C-482488F457E4}) (Version: 12.10.3.1 - Apple Inc.)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.7 - PandoraTV)
MainConcept MCE Encoder 64bit (HKLM\...\{FE6B5787-597D-4618-A4AB-261AAED9B5FD}) (Version: 1.5.1.1 - MainConcept GmbH)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.72 - McAfee, LLC.)
Microsoft .NET Framework 4.7 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 73.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 73.0.1 (x64 cs)) (Version: 73.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
MP3 To WMA Converter 1.00 (HKLM-x32\...\MP3 To WMA Converter_is1) (Version: - )
MPEG2 Codec(libmpeg2/mad) (HKLM-x32\...\MPEG2 Codec(libmpeg2/mad)) (Version: - )
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Need for Speed™ III & IV (HKLM-x32\...\{77465409-E6F7-4A95-A8BE-A08200069627}_is1) (Version: 1.0 - Electronic Arts)
NVIDIA Ovladač 3D Vision 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 306.97 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 306.97 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.12.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0604 - NVIDIA Corporation)
O2 (HKLM-x32\...\O2CZ) (Version: - O2)
OLYMPUS Digital Camera Updater (HKLM-x32\...\{2A9E8F56-C31B-4DBB-BFE2-0F4EC8192355}) (Version: 1.0.3 - OLYMPUS IMAGING CORP.)
OLYMPUS Viewer 2 (HKLM-x32\...\{797808CA-1563-4EA0-A280-1371AC2F2310}) (Version: 1.3.0 - OLYMPUS IMAGING CORP.)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera Stable 54.0.2952.64 (HKLM-x32\...\Opera 54.0.2952.64) (Version: 54.0.2952.64 - Opera Software)
Operation Flashpoint ®: Red River (HKLM-x32\...\{434D083E-7E9A-4D3A-914B-121000008100}) (Version: 1.0.0000.129 - Codemasters) Hidden
Operation Flashpoint ®: Red River (HKLM-x32\...\GFWL_{434D083E-7E9A-4D3A-914B-121000008100}) (Version: 1.0.0000.129 - Codemasters)
Ovládací panel NVIDIA 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 306.97 - NVIDIA Corporation) Hidden
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version: - )
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5350) (Version: - )
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version: - )
PhotoFiltre 7 (HKU\S-1-5-21-88772817-131360668-2424160999-1000\...\PhotoFiltre 7) (Version: - )
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{A7039CC9-4669-4799-92B1-C5CE346DBE3D}) (Version: 8.3 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{DA78A9DC-3599-4D81-A960-B679687A6C14}) (Version: 8.3 - Apple Inc.)
PPSSPP version 1.4.2 (HKLM-x32\...\PPSSPP_is1) (Version: 1.4.2 - )
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
QuickTime Alternative 3.2.2 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 3.2.2 - )
rajče průvodce verze 1.59.45.260 (HKLM-x32\...\rajče.net_is1) (Version: - rajče.net)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5948 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
SPCA1528 PC Driver (HKLM-x32\...\{570C2A84-A145-4DF0-AE9D-012584DF09DC}) (Version: 2.2.2.0 - sunplus)
SRS Premium Sound Control Panel (HKLM\...\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}) (Version: 1.8.1500 - SRS Labs, Inc.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Stellarium 0.11.2 (HKLM-x32\...\Stellarium_is1) (Version: - )
The Witcher 2 (HKLM-x32\...\{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}) (Version: 1.00.0000 - CD Projekt Red)
Trend Micro Internet Security (HKLM\...\{718D791F-F4E8-4aa7-98A6-15FDED17BDD0}) (Version: 17.50 - Trend Micro Inc.)
Trend Micro Internet Security (HKLM\...\{9D2B0322-44AE-460E-9283-4D2D7A9205AE}) (Version: 17.50 - Trend Micro Inc.) Hidden
Unity Web Player (HKU\S-1-5-21-88772817-131360668-2424160999-1000\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS)
USB 2.0 1.3M UVC WebCam (HKLM\...\USB 2.0 1.3M UVC WebCam) (Version: - )
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9600 - Broadcom Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.29.0 - ASUS)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.70 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.12 - ASUS)
Wolfenstein - Enemy Territory (HKLM-x32\...\Wolfenstein - Enemy Territory) (Version: - )
WorldofWarships (HKLM-x32\...\WorldofWarships) (Version: - )

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-06] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-06] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [ADSMOverlayIcon] -> {A825576B-0042-4F0F-8FB0-93CE0F054E69} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll [2007-06-15] () [File not signed]
ShellIconOverlayIdentifiers: [ADSMOverlayIcon1] -> {A8D448F4-0431-45AC-9F5E-E1B434AB2249} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll [2007-06-02] () [File not signed]
ShellIconOverlayIdentifiers-x32: [ADSMOverlayIcon] -> {A825576B-0042-4F0F-8FB0-93CE0F054E69} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll [2007-06-15] () [File not signed]
ShellIconOverlayIdentifiers-x32: [ADSMOverlayIcon1] -> {A8D448F4-0431-45AC-9F5E-E1B434AB2249} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll [2007-06-02] () [File not signed]
ContextMenuHandlers1: [ADSMEnDecExt] -> {8BB925EB-A385-4F4D-B463-D9CC4A4F98F5} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\AdsmendecExt.dll [2009-09-30] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-06] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FreeTime\FormatFactory\ShellEx64_101.dll [2012-01-20] (Free Time) [File not signed]
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-01-22] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-06] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [ADSMEnDecExt] -> {8BB925EB-A385-4F4D-B463-D9CC4A4F98F5} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\AdsmendecExt.dll [2009-09-30] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FreeTime\FormatFactory\ShellEx64_101.dll [2012-01-20] (Free Time) [File not signed]
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2012-10-02] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-06] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Martin\Desktop\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --app=hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=1&aff_sub2=53sDTJYOcziiQeXQ4m3NyN45isd2zAKCJsxHxyPJpzJSKQeHQ3jnvipJgAAAKJLQA4ie&click_id=91160a85b3bb4d2f8dd5b6861bd2a1497233060c --app-window-size=1366,768
ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WOW\WorldofWarships.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://go.playmmogames.com/aff_c?offer_id=772&aff_id=1034&aff_sub=100
ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WorldofTanks\WorldofTanks.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://go.playmmogames.com/aff_c?offer_id=174&aff_id=1034
ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --app=hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=1&aff_sub2=53sDTJYOcziiQeXQ4m3NyN45isd2zAKCJsxHxyPJpzJSKQeHQ3jnvipJgAAAKJLQA4ie&click_id=91160a85b3bb4d2f8dd5b6861bd2a1497233060c --app-window-size=1366,768
ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --app=hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=1&aff_sub2=53sDTJYOcziiQeXQ4m3NyN45isd2zAKCJsxHxyPJpzJSKQeHQ3jnvipJgAAAKJLQA4ie&click_id=91160a85b3bb4d2f8dd5b6861bd2a1497233060c --app-window-size=1366,768
ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WorldofTanks.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://go.playmmogames.com/aff_c?offer_id=174&aff_id=1034
ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WorldofWarships.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://go.playmmogames.com/aff_c?offer_id=772&aff_id=1034&aff_sub=100

==================== Loaded Modules (Whitelisted) =============

2007-06-02 01:52 - 2007-06-02 01:52 - 000159744 _____ () [File not signed] C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
2007-06-15 19:28 - 2007-06-15 19:28 - 000104960 _____ () [File not signed] C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll
2007-06-15 19:28 - 2007-06-15 19:28 - 000147456 _____ () [File not signed] C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
2007-06-02 02:08 - 2007-06-02 02:08 - 000143360 _____ () [File not signed] C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
2019-09-12 17:22 - 2019-09-12 17:22 - 000810496 _____ () [File not signed] C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\CefSharp.BrowserSubprocess.Core.dll
2019-09-12 17:22 - 2019-09-12 17:22 - 001200640 _____ () [File not signed] C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\CefSharp.Core.dll
2019-09-12 17:22 - 2019-09-12 17:22 - 085617664 _____ () [File not signed] C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\libcef.dll
2019-09-12 17:22 - 2019-09-12 17:22 - 000103424 _____ () [File not signed] C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\swiftshader\libegl.dll
2019-09-12 17:22 - 2019-09-12 17:22 - 002238464 _____ () [File not signed] C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\swiftshader\libglesv2.dll
2019-12-07 11:13 - 2019-12-07 11:13 - 001743360 ____T (bookingDesktopApp.) [File not signed] C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\bookingDesktopApppdate.dll
2017-04-21 12:24 - 2017-04-21 12:24 - 000112128 _____ (Microsoft Corporation) [File not signed] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2013-01-17 12:17 - 2013-01-17 12:17 - 001658368 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\MFC80.DLL
2013-01-17 12:17 - 2013-01-17 12:17 - 001654784 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\MFC80U.DLL
2012-10-02 17:23 - 2012-10-02 17:23 - 000903584 _____ (NVIDIA CORPORATION -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll
2019-09-12 17:22 - 2019-09-12 17:22 - 001084416 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\x86\SQLite.Interop.dll
2019-09-12 17:22 - 2019-09-12 17:22 - 000180224 _____ (Software Security System) [File not signed] C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\Ekc3220.dll
2019-09-12 17:22 - 2019-09-12 17:22 - 000510976 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\chrome_elf.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2020-01-17 22:22 - 000000039 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-88772817-131360668-2424160999-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 89.187.192.121 - 77.95.42.102
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRS Premium Sound.lnk => C:\Windows\pss\SRS Premium Sound.lnk.CommonStartup
MSCONFIG\startupreg: ADSMTray => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
MSCONFIG\startupreg: AmIcoSinglun64 => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{0583A2D6-D741-4B6E-9228-C297B4D0710A}E:\easysetupassistant\wr841n\easysetupassistant.exe] => (Allow) E:\easysetupassistant\wr841n\easysetupassistant.exe No File
FirewallRules: [UDP Query User{5C9FF138-06D0-4151-B44C-CB16C4C0E45F}E:\easysetupassistant\wr841n\easysetupassistant.exe] => (Allow) E:\easysetupassistant\wr841n\easysetupassistant.exe No File
FirewallRules: [{F9C9A0FA-04A4-4C14-B1C0-9240A3A9AFF7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DA855C0D-CE46-4158-B09C-EC1CA63EF8C1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3205E319-8E8C-46C6-8A07-AD6E84ECF27E}] => (Allow) C:\Users\Martin\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (Skype Software Sarl -> Skype Limited)
FirewallRules: [{10E0C847-0E33-4C65-A530-463F6A0B4D0B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{1C143D5F-04CF-4678-AD71-9D7D271F266F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{6E1DC11A-07AE-43C8-86E9-559ACB8120A7}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{A73FD97D-DA1C-47C5-95CE-8ADC72B6B919}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{93D6640F-DA64-478A-B039-9E3CA9957897}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe (Valve -> )
FirewallRules: [{71CFD676-E4AB-496E-B737-B525DB2A8CD9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe (Valve -> )
FirewallRules: [{56BF8325-0660-4662-8938-E6B2BDCBC94C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FFE1D62B-8922-4520-9DB2-D7CDBC21555A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{A1922374-BE06-44BE-A681-0AB9D17BE8E9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{E3A5DB41-245B-442F-816B-F5DDF552BBB1}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3CCE1EB8-4B03-48C8-B945-CE20129300EF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7C50A7F8-47E5-434E-AB48-4F83CE22868A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9ADDF5A6-9DD1-41B3-A6AD-50706513AA42}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{26607A5C-7E1F-445B-9D25-BE41FD5B9C58}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AD726A20-4A66-45F1-AEF7-28FD59D6BDE5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C7C83769-7936-4A5E-8E9B-F701AAB15E52}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A6EACC62-2A95-4FD7-ADEC-177497CD6DAC}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{B3404AD9-0688-4ADF-92AF-814E385FA343}C:\program files (x86)\wolfenstein - enemy territory\et.exe] => (Block) C:\program files (x86)\wolfenstein - enemy territory\et.exe () [File not signed]
FirewallRules: [UDP Query User{26925DF4-74AC-4069-9821-703420CF7ABA}C:\program files (x86)\wolfenstein - enemy territory\et.exe] => (Block) C:\program files (x86)\wolfenstein - enemy territory\et.exe () [File not signed]
FirewallRules: [{0D198F17-0552-4BBC-8B63-E82FCDA7799D}] => (Allow) C:\Program Files (x86)\Opera\54.0.2952.51\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{7C45F07F-0ED1-4C52-AB28-715BE9FB3FEB}] => (Allow) c:\program files (x86)\opera\54.0.2952.64\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{ED9C1B7D-67B3-4BCF-88DE-0EE6021C0264}] => (Allow) C:\Program Files (x86)\Remotr\RemotrServer.exe (RemoteMyApp sp. z o.o. -> RemoteMyApp sp. z o.o.)
FirewallRules: [TCP Query User{D0E8D1BF-8407-48E4-8382-888E8F711930}C:\program files (x86)\wolfenstein - enemy territory\et.exe] => (Block) C:\program files (x86)\wolfenstein - enemy territory\et.exe () [File not signed]
FirewallRules: [UDP Query User{3892D177-B045-4ADC-8C0E-DAB800076528}C:\program files (x86)\wolfenstein - enemy territory\et.exe] => (Block) C:\program files (x86)\wolfenstein - enemy territory\et.exe () [File not signed]
FirewallRules: [{3139424A-84C1-4D3D-8B58-3D7438BB301C}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AD1DFDE3-74BD-4A9D-8015-2B352A786364}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{BE637484-3F78-4FE6-972D-E5A0310A6463}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (03/02/2020 12:37:33 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (03/02/2020 12:18:48 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (03/02/2020 12:09:18 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (03/01/2020 11:37:29 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (03/01/2020 11:26:10 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (03/01/2020 11:19:08 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (03/01/2020 11:14:01 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (03/01/2020 11:09:29 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Error 1316. Zadaný účet již existuje.


System errors:
=============
Error: (03/02/2020 12:19:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba bookingDesktopApp Update Service (bookingdesktopapp) byla neočekávaně ukončena. Tento stav nastal již 6krát.

Error: (03/02/2020 12:09:25 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba bookingDesktopApp Update Service (bookingdesktopapp) byla neočekávaně ukončena. Tento stav nastal již 5krát.

Error: (03/01/2020 11:26:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba bookingDesktopApp Update Service (bookingdesktopapp) byla neočekávaně ukončena. Tento stav nastal již 4krát.

Error: (03/01/2020 11:20:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba bookingDesktopApp Update Service (bookingdesktopapp) byla neočekávaně ukončena. Tento stav nastal již 3krát.

Error: (03/01/2020 11:10:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba bookingDesktopApp Update Service (bookingdesktopapp) byla neočekávaně ukončena. Tento stav nastal již 2krát.

Error: (03/01/2020 11:06:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (03/01/2020 11:06:49 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s aktuálně konfigurovaným heslem z důvodu následující chyby:
Přihlašovací chyba: Platnost hesla pro tuto registraci vypršela.


Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (03/01/2020 11:06:49 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Rozpoznávací modul sběrnice PnP-X IP závisí na službě Hostitel poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující chyby:
Při spouštění služba uvízla ve spouštěcím stavu.


Windows Defender:
===================================
Date: 2015-05-25 05:39:24.205
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{AE795944-3210-4E80-816E-DEDE6CCC0836}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2015-05-13 05:31:49.969
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{B484E742-4F27-41B7-97E5-C36404C5E63D}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2015-05-10 02:34:49.497
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070003
Popis chyby:Systém nemůže nalézt uvedenou cestu.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

Date: 2015-05-10 02:34:49.497
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:
Předchozí verze podpisu:
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu:
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.

Date: 2015-02-13 16:20:45.871
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:
Předchozí verze podpisu:
Zdroj aktualizace:Uživatel
Typ podpisu:
Typ aktualizace:
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu:
Kód chyby:0x8050a003
Popis chyby:Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.

Date: 2015-02-13 16:04:47.019
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Zálohování
Kód chyby:0x80070714
Popis chyby:Zadaný soubor bitové kopie neobsahuje oddíl prostředků.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

Date: 2015-02-13 16:01:33.609
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x8050800c
Popis chyby:Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Verze podpisu:1.191.4816.0
Verze modulu:1.1.11302.0

CodeIntegrity:
===================================

Date: 2015-12-23 23:57:28.968
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvapo64v.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-12-23 21:47:30.970
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvapo64v.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-12-23 21:47:00.567
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvapo64v.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-12-23 21:46:30.184
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvapo64v.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-12-23 21:45:56.897
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvapo64v.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-12-23 21:45:26.451
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvapo64v.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-12-23 21:44:53.099
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvapo64v.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-12-23 21:44:22.662
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvapo64v.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 207 08/31/2009
Motherboard: ASUSTeK Computer Inc. N61Vg
Processor: Intel(R) Core(TM)2 Duo CPU T6600 @ 2.20GHz
Percentage of memory in use: 88%
Total physical RAM: 4095.24 MB
Available physical RAM: 459.37 MB
Total Virtual: 8188.66 MB
Available Virtual: 4402.77 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:334.6 GB) (Free:184.17 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Zaloha) (Fixed) (Total:131.16 GB) (Free:27.45 GB) NTFS


==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 232DB247)
Partition 1: (Active) - (Size=334.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=131.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================



Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-02-2020
Ran by Martin (administrator) on MARTIN-PC (ASUSTeK Computer Inc. N61Vg) (02-03-2020 00:47:34)
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin (Available Profiles: Martin & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc. -> Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.141.333\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Avast Software s.r.o. -> Avast Technologies LLC) C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\NetFilter\AvastAntiTrackPremiumFilter.exe
(Avast Software s.r.o. -> avast technologies, LLC) C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe
(bookingDesktopApp.) [File not signed] C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Sciensoft Software Security) [File not signed] C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\Updshl10.exe
(Software Security System) [File not signed] C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\Ekag20nt.exe
(The CefSharp Authors) [File not signed] C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\CefSharp.BrowserSubprocess.exe
(The CefSharp Authors) [File not signed] C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\CefSharp.BrowserSubprocess.exe
(The CefSharp Authors) [File not signed] C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\CefSharp.BrowserSubprocess.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\dr.fone toolkit for iOS\Library\DriverInstaller\DriverInstall.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-10-06] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-12-09] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [6937216 2009-10-09] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [170624 2009-08-20] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD) [File not signed]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-88772817-131360668-2424160999-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-88772817-131360668-2424160999-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-01-22] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-88772817-131360668-2424160999-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2020-01-22] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-88772817-131360668-2424160999-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2020-01-22] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-88772817-131360668-2424160999-1000\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2020-01-22] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-88772817-131360668-2424160999-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-15] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-88772817-131360668-2424160999-1000\...\RunOnce: [iCloud] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe [67384 2020-01-22] (Apple Inc. -> Apple Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.122\Installer\chrmstp.exe [2020-03-01] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\79.0.3061.79\Installer\chrmstp.exe [2020-02-14] (AVAST Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-05-03] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{06FE45A8-6D92-44ba-A0F1-9A9BCDC8F5A7}] -> C:\Program Files (x86)\ASUS\SmartLogon\system\FaceCredentialProvider64.dll [2009-05-01] (ASUS) [File not signed]
HKLM\Software\...\Authentication\Credential Providers: [{2AD920F6-D745-4d8b-9526-619171C2CC4D}] -> C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\AdsmCredentialProvider.dll [2009-04-02] (ASUSTek Computer Inc.) [File not signed]
HKLM\Software\...\Authentication\Credential Providers: [{455BD3EC-20A5-44c3-8D77-396909825B5E}] -> C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\AdsmCredentialProvider.dll [2009-04-02] (ASUSTek Computer Inc.) [File not signed]
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2009-07-02] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Provider Filters: [{120495C2-9E38-48a2-A08B-C302F7487628}] -> C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\AdsmCredentialProvider.dll [2009-04-02] (ASUSTek Computer Inc.) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2016-03-04]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C5A61E6-EA31-419F-89F8-4659290547AB} - System32\Tasks\GoogleUpdateTaskMachineUA1d2bf86f48783f1 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {49EB761C-0C71-4FF9-9DC0-A47CD640681E} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-08] (AVAST Software s.r.o. -> AVAST Software)
Task: {58E36E4F-5F6B-4DDD-B573-A7C002A941B6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {5946BFB3-A3D3-488B-9F60-9CC612AA3F43} - System32\Tasks\Microsoft\Windows\AvastAntiTrackPremium\AvastAntiTrackPremiumStart => C:\Program Files (x86)\AVAST Software\AvastAntiTrackPremium\AvastAntiTrackPremium.exe [21085552 2019-09-17] (Avast Software s.r.o. -> avast technologies, LLC)
Task: {6B3CC773-3724-468B-86C4-8E257D96B15F} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-08] (AVAST Software s.r.o. -> AVAST Software)
Task: {6F681E59-CD4F-4C4D-B926-CFF973CE665E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {8B2A6477-BD6D-4BCC-85B2-512146B7DCE2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-15] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9069B584-2487-4762-87D6-80D7559D5433} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-03-01] (Avast Software s.r.o. -> Avast Software)
Task: {9517B6A8-9BA1-4F88-B49F-3A28D1315739} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_154_Plugin.exe [1449472 2018-08-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {99557A7D-CBDC-4D7A-AE67-6992B98360B4} - System32\Tasks\bookingDesktopAppUpdateTaskMachineCore => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-12-07] (bookingDesktopApp.) [File not signed]
Task: {ADCB020C-D73F-4342-A9B6-70B32ABF22E1} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1865776 2020-01-08] (AVAST Software s.r.o. -> AVAST Software)
Task: {C0A3BAEA-C749-4DD6-BFB9-D4D17A305A7A} - System32\Tasks\bookingDesktopAppUpdateTaskMachineUA => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-12-07] (bookingDesktopApp.) [File not signed]
Task: {D1605E7D-DD66-4E4B-83F4-91E903091484} - System32\Tasks\SafeZone scheduled Autoupdate 1455452441 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {D676B8BC-0939-45EE-8502-03FB2D8E0E7B} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-10-06] (AVAST Software s.r.o. -> AVAST Software)
Task: {D961C52A-321D-48FB-9DCA-DAB5C5FE7613} - System32\Tasks\GoogleUpdateTaskMachineCore1d2bf86f2add21b => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-01] (Google Inc -> Google Inc.)
Task: {E0253F49-FD56-4FE9-8002-1718830FF6C5} - System32\Tasks\Opera scheduled Autoupdate 1416086142 => c:\program files (x86)\opera\launcher.exe [1311832 2018-07-25] (Opera Software AS -> Opera Software)
Task: {F554F20C-3F7B-408E-9E84-4431E09756DA} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1865776 2020-01-08] (AVAST Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Winsock: Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Winsock: Catalog5-x64 10 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 89.187.192.121 77.95.42.102 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{1B9CAFE7-B88E-4CA1-888E-611CAD0DB6BB}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{AFB9C3CA-8913-481D-9463-8BAA0A5EE415}: [DhcpNameServer] 89.187.192.121 77.95.42.102 8.8.8.8 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-88772817-131360668-2424160999-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=29530
SearchScopes: HKU\S-1-5-21-88772817-131360668-2424160999-1000 -> {109EFF5F-A572-41C9-8466-2296190C84D9} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-88772817-131360668-2424160999-1000 -> {3A8F3DA4-B21C-48BF-89E9-D25E44144545} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_29530
SearchScopes: HKU\S-1-5-21-88772817-131360668-2424160999-1000 -> {3EC0DE54-6A06-49D0-9829-2D1C1EE6A004} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_29530
SearchScopes: HKU\S-1-5-21-88772817-131360668-2424160999-1000 -> {7BC0A801-F84A-4207-91C3-BE07572385C1} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-88772817-131360668-2424160999-1000 -> {899D1A2E-28E7-42D6-AB20-3436C2E33445} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-88772817-131360668-2424160999-1000 -> {B9CE047D-4082-4704-A514-4603B35B389B} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_29530
SearchScopes: HKU\S-1-5-21-88772817-131360668-2424160999-1000 -> {C03DACF9-F4BE-4571-94B4-303E78A2C482} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_29530
SearchScopes: HKU\S-1-5-21-88772817-131360668-2424160999-1000 -> {CDCDAA1A-A079-44BE-A9C0-636906E6B4C8} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-88772817-131360668-2424160999-1000 -> {EADCDAD7-177A-4C9B-BE8A-601E46C9BAA3} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_29530
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2020-03-01] (McAfee, LLC -> McAfee, Inc.)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2020-03-01] (McAfee, LLC -> McAfee, Inc.)

FireFox:
========
FF DefaultProfile: fdxoo136.default-1443874292075-1558802546646
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\fdxoo136.default-1443874292075-1558802546646 [2020-03-01]
FF user.js: detected! => C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\fdxoo136.default-1443874292075-1558802546646\user.js [2019-12-07]
FF Homepage: Mozilla\Firefox\Profiles\fdxoo136.default-1443874292075-1558802546646 -> www.seznam.cz
FF Extension: (Avast Online Security) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\fdxoo136.default-1443874292075-1558802546646\Extensions\wrc@avast.com.xpi [2019-10-15]
FF Extension: (Go Green Floral by Lucky9) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\fdxoo136.default-1443874292075-1558802546646\Extensions\{49642447-3767-4e97-8639-bc0860461c9d}.xpi [2019-06-09]
FF Extension: (Freight Train - Genesee & Wyoming) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\fdxoo136.default-1443874292075-1558802546646\Extensions\{86ff373a-4391-4528-b1b2-9c5ad96ef318}.xpi [2019-06-04]
FF Extension: (Simple Space Stars) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\fdxoo136.default-1443874292075-1558802546646\Extensions\{b721610c-33d1-498d-b94c-73209c43bbc6}.xpi [2019-06-04]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2020-03-01]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_154.dll [2018-08-14] (Adobe Systems Incorporated -> )
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2012-02-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_154.dll [2018-08-14] (Adobe Systems Incorporated -> )
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=3 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2019-12-07] (bookingDesktopApp.) [File not signed]
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=9 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2019-12-07] (bookingDesktopApp.) [File not signed]
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2012-02-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2012-10-02] (NVIDIA CORPORATION -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2012-10-02] (NVIDIA CORPORATION -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @virtools.com/3DviaPlayer -> C:\Program Files (x86)\Virtools\3D Life Player\npvirtools.dll [2012-04-05] (Dassault Systèmes) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-02-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-88772817-131360668-2424160999-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Martin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Software Sarl -> Skype Limited)
FF Plugin HKU\S-1-5-21-88772817-131360668-2424160999-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Martin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies SF -> Unity Technologies ApS)

Chrome:
=======
CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default [2020-03-01]
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=E210CZ91105G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-12-26]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2019-12-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-01-17]
CHR Extension: (Chrome Media Router) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-02-12]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ADSMService; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [225280 2008-03-31] (ASUSTek Computer Inc.) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2019-08-26] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6259592 2019-12-26] (AVAST Software s.r.o. -> AVAST Software)
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () [File not signed]
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-08] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-10-06] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-06-08] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\79.0.3061.79\elevation_service.exe [968552 2020-01-08] (AVAST Software s.r.o. -> AVAST Software)
S2 bookingdesktopapp; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-12-07] (bookingDesktopApp.) [File not signed]
S3 bookingdesktopappm; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-12-07] (bookingDesktopApp.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [920656 2020-03-01] (McAfee, LLC -> McAfee, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2291568 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.225\WsAppService.exe [473824 2017-05-05] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 WsDrvInst; C:\Program Files (x86)\Wondershare\dr.fone toolkit for iOS\Library\DriverInstaller\DriverInstall.exe [119008 2017-06-28] (Wondershare Technology Co.,Ltd -> Wondershare)
U4 avast! Firewall; "C:\Program Files\AVAST Software\Avast\afwServ.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [44032 2009-08-21] (Microsoft Windows Hardware Compatibility Publisher -> Alcor Micro, Corp.)
R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] (ASUSTeK Computer Inc. -> )
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [204824 2019-10-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [274456 2019-10-06] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [209552 2019-10-06] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [65120 2019-10-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [276952 2019-10-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42736 2019-10-06] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [171520 2019-10-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110320 2019-10-06] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [83792 2019-10-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [848432 2019-10-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460448 2019-10-06] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [236024 2019-10-06] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [316528 2019-10-06] (AVAST Software s.r.o. -> AVAST Software)
S3 athr; C:\Windows\System32\DRIVERS\athrx.sys [1394688 2009-06-20] (Microsoft Windows -> Atheros Communications, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-08-05] (DT Soft Ltd -> DT Soft Ltd)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft Inc. -> SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft Inc. -> SlySoft, Inc.)
S3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [140800 2009-07-09] (Microsoft Windows Hardware Compatibility Publisher -> ELAN Microelectronic Corp.)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [243200 2009-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 Huawei; C:\Windows\System32\DRIVERS\ewdcsc.sys [29696 2009-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Tech. Co., Ltd.)
S3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [117248 2009-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114304 2009-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] (ASUSTeK Computer Inc. -> )
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [62464 2009-09-04] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R0 lullaby; C:\Windows\System32\DRIVERS\lullaby.sys [15928 2009-06-18] (ASUSTeK Computer Inc. -> Windows (R) Win 7 DDK provider)
R3 mod7700; C:\Windows\System32\Drivers\dvb7700all.sys [956416 2009-05-15] (Microsoft Windows Hardware Compatibility Publisher -> DiBcom)
R1 netfilter2; C:\Windows\System32\drivers\netfilter2.sys [54744 2019-09-10] (Praetorian Technologies, LLC -> Windows (R) Win 7 DDK provider)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
S3 SiSGbeLH; C:\Windows\System32\DRIVERS\SiSG664.sys [56832 2009-06-10] (Microsoft Windows -> Silicon Integrated Systems Corp.)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] (SONIX TECHNOLOGY CO. , LTD -> )
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2013-06-22] (Duplex Secure Ltd -> Duplex Secure Ltd.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2017-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-02 00:47 - 2020-03-02 00:48 - 000032445 _____ C:\Users\Martin\Desktop\FRST.txt
2020-03-02 00:22 - 2020-03-02 00:35 - 1456973247 _____ C:\Users\Martin\Downloads\Příběh Stephena Hawkinga (2).mkv
2020-03-01 23:34 - 2020-03-01 23:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2020-02-21 16:14 - 2020-02-21 16:14 - 000000000 ____D C:\Users\Martin\Documents\PCSX2
2020-02-03 20:31 - 2020-02-03 20:31 - 000075960 _____ C:\Users\Martin\Downloads\Měsíčkový krém.odt
2020-02-03 09:51 - 2020-02-03 09:51 - 008356016 _____ (Malwarebytes) C:\Users\Martin\Desktop\adwcleaner_8.0.2.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-02 00:48 - 2018-11-05 09:16 - 000000000 ____D C:\FRST
2020-03-02 00:43 - 2019-12-07 11:13 - 000003440 _____ C:\Windows\system32\Tasks\bookingDesktopAppUpdateTaskMachineUA
2020-03-02 00:43 - 2019-12-07 11:13 - 000003312 _____ C:\Windows\system32\Tasks\bookingDesktopAppUpdateTaskMachineCore
2020-03-02 00:43 - 2018-04-26 17:32 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-03-02 00:43 - 2017-04-27 19:49 - 000003388 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA1d2bf86f48783f1
2020-03-02 00:43 - 2017-04-27 19:49 - 000003260 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore1d2bf86f2add21b
2020-03-02 00:43 - 2015-12-03 17:51 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-03-02 00:43 - 2015-05-17 09:56 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-03-01 23:46 - 2020-01-17 22:18 - 000000000 ____D C:\Users\Martin\Desktop\FRST-OlderVersion
2020-03-01 23:46 - 2018-11-05 09:15 - 002279424 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe
2020-03-01 23:34 - 2019-04-07 16:46 - 000000000 ___RD C:\Users\Martin\iCloudDrive
2020-03-01 23:23 - 2019-08-14 21:01 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-03-01 23:15 - 2009-07-14 05:45 - 000023376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-03-01 23:15 - 2009-07-14 05:45 - 000023376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-03-01 23:12 - 2016-11-16 13:56 - 000000000 ____D C:\Users\Martin\AppData\LocalLow\Mozilla
2020-03-01 23:07 - 2018-06-08 13:32 - 000000000 ____D C:\Users\Martin\AppData\Local\AVAST Software
2020-03-01 23:02 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-03-01 23:01 - 2019-12-07 10:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-03-01 23:01 - 2013-05-28 17:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-03-01 23:01 - 2012-02-20 03:21 - 000000000 ____D C:\ProgramData\NVIDIA
2020-02-24 17:42 - 2017-04-22 13:30 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-02-21 16:03 - 2017-07-23 15:50 - 000000000 ____D C:\Program Files (x86)\PCSX2 1.2.1
2020-02-21 15:02 - 2015-10-31 18:32 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-02-18 20:37 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2020-02-14 13:43 - 2019-04-22 09:03 - 000003732 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2020-02-14 13:43 - 2019-04-22 09:03 - 000003150 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2020-02-14 13:43 - 2018-06-08 13:33 - 000002431 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2020-02-14 13:43 - 2018-06-08 13:33 - 000002388 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2020-02-14 13:43 - 2018-06-08 13:33 - 000002388 _____ C:\ProgramData\Desktop\Avast Secure Browser.lnk
2020-02-03 09:30 - 2016-08-24 22:10 - 000000000 ____D C:\Users\Martin\Desktop\Školka
2020-02-01 21:36 - 2012-02-20 22:59 - 000000000 ____D C:\ProgramData\AVAST Software

==================== Files in the root of some directories ========

2008-05-22 17:35 - 2008-05-22 17:35 - 000051962 _____ () C:\Program Files (x86)\Common Files\banner.jpg
2009-04-08 19:31 - 2009-04-08 19:31 - 000106496 _____ () C:\Program Files (x86)\Common Files\CPInstallAction.dll
2008-08-12 06:45 - 2008-08-12 06:45 - 000155648 _____ (ASUS) C:\Program Files (x86)\Common Files\MSIactionall.dll
2013-08-05 13:53 - 2013-08-05 13:53 - 000081582 _____ () C:\Users\Martin\AppData\Roaming\zulagames.ico
2012-02-21 16:06 - 2014-04-21 11:45 - 000009216 _____ () C:\Users\Martin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-06-26 21:21 - 2013-11-03 01:22 - 000007598 _____ () C:\Users\Martin\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2017-04-22 15:01
==================== End of FRST.txt ========================

Re: please check, thank you

Posted: 02 Mar 2020 22:26
by Conder
Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:


    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    File: C:\Program Files\ATKGFNEX\GFNEXSrv.exe
    File: C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe
    
    CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=E210CZ91105G0&p={searchTerms}
    CHR DefaultSearchKeyword: Default -> mcafee
    CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
    CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
    U4 avast! Firewall; "C:\Program Files\AVAST Software\Avast\afwServ.exe" [X]
    FirewallRules: [TCP Query User{0583A2D6-D741-4B6E-9228-C297B4D0710A}E:\easysetupassistant\wr841n\easysetupassistant.exe] => (Allow) E:\easysetupassistant\wr841n\easysetupassistant.exe No File
    FirewallRules: [UDP Query User{5C9FF138-06D0-4151-B44C-CB16C4C0E45F}E:\easysetupassistant\wr841n\easysetupassistant.exe] => (Allow) E:\easysetupassistant\wr841n\easysetupassistant.exe No File
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will request a restart of the PC; confirm by clicking OK
  • After the PC restarts, there will be a file Fixlog.txt on the desktop; copy its contents here