Prosím o kontrolu - pomalý ntb

[gomik]

Zdravíčko přeji.
Prosím o kontrolu NTB, který máme pro děti. Reinstall jsem prováděl před pár lety, to pak běželo celkem rychleji, nyní jsem upgradoval RAM na 8GB a zdá se mi že start winů je pořád pomalý. jako je to starý počítač, který máme více méně na pohádky pro děti, takže moc programů ani nemá nainstalovaných - jen taková omáčka, aby fungoval i jako na internet/dokumentz/pohádky a hdd a jiný HW bude už celkem jetý...
Nechce se mi to přeinstalovávat, proto prosím o kontrolu logu a pokud by šlo něco vylepšit, budu jen rád.

Tady je LOG:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Alexandr-Jonáš at 2020-03-26 19:26:16
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 55 GB (25%) free of 224 GB
Total RAM: 7931 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:26:28, on 26.3.2020
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19597)
Boot mode: Normal

Running processes:
C:\Windows\snuvcdsm.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Mouse\Amoumain.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\trend micro\Alexandr-Jonáš.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATII2E.EXE /EPT "EPLTarget\P0000000000000000" /M "L210 Series"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~2\Office12\GRA32A~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: AtherosSvc - Unknown owner - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Služba %1!s! Update (avast) (avast) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba %1!s! Update (avastm) (avastm) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Secure Browser Elevation Service (AvastSecureBrowserElevationService) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Application\80.0.3620.132\elevation_service.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Sentinel HASP License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9152 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\system32\WLANExt.exe 2455616
\??\C:\Windows\system32\conhost.exe "-1630197545-1378074521145299531039147937058952257625945277-1843582221953665730
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\snuvcdsm.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
C:\Windows\System32\spoolsv.exe
"C:\Windows\PLFSetI.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files\Mouse\Amoumain.exe"
"C:\Windows\System32\spool\drivers\x64\3\E_YATII2E.EXE" /EPT "EPLTarget\P0000000000000000" /M "L210 Series"
AvastUI.exe /nogui
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\AVAST Software\Avast\aswEngSrv.exe" /pipename="73934523-2E97-2C26-E73B-8F42381A8958" /binpath="C:\Program Files\AVAST Software\Avast"
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe"
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\hasplms.exe -run
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\AVAST Software\Avast\aswidsagent.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="1708.0.993656287\1970780827" -parentBuildID 20200309095159 -prefsHandle 1136 -prefMapHandle 1128 -prefsLen 1 -prefMapSize 236573 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 1708 "\\.\pipe\gecko-crash-server-pipe.1708" 1224 gpu
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="1708.6.848486983\1590346838" -childID 1 -isForBrowser -prefsHandle 2060 -prefMapHandle 2056 -prefsLen 377 -prefMapSize 236573 -parentBuildID 20200309095159 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 1708 "\\.\pipe\gecko-crash-server-pipe.1708" 2072 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="1708.13.881190466\1075186165" -childID 2 -isForBrowser -prefsHandle 1780 -prefMapHandle 1936 -prefsLen 377 -prefMapSize 236573 -parentBuildID 20200309095159 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 1708 "\\.\pipe\gecko-crash-server-pipe.1708" 1456 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="1708.20.1974277067\612511125" -childID 3 -isForBrowser -prefsHandle 3244 -prefMapHandle 3240 -prefsLen 6664 -prefMapSize 236573 -parentBuildID 20200309095159 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 1708 "\\.\pipe\gecko-crash-server-pipe.1708" 3256 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="1708.27.135483654\875150911" -childID 4 -isForBrowser -prefsHandle 8420 -prefMapHandle 8416 -prefsLen 7396 -prefMapSize 236573 -parentBuildID 20200309095159 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 1708 "\\.\pipe\gecko-crash-server-pipe.1708" 8432 tab
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="1708.34.27730830\1293581940" -childID 5 -isForBrowser -prefsHandle 4200 -prefMapHandle 836 -prefsLen 9521 -prefMapSize 236573 -parentBuildID 20200309095159 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 1708 "\\.\pipe\gecko-crash-server-pipe.1708" 3184 tab
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520

"C:\Users\Alexandr-Jonáš\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Alexandr-Jonáš\AppData\Roaming\Mozilla\Firefox\Profiles\3xrprkot.default-1431447207985

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.seznam.cz"
prefs.js - "keyword.URL" - "https://www.google.com/search?bcutc=sp-006"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.344 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_344.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1235205.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.241.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.241.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_241\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.344 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_344.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll

C:\Users\Alexandr-Jonáš\AppData\Roaming\Mozilla\Firefox\Profiles\3xrprkot.default-1431447207985\searchplugins\
google-avast.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll [2020-02-10 480320]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-02-10 194624]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2020-01-11 18391120]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-12-10 1890088]
"PLFSetL"=C:\Windows\PLFSetL.exe [2011-01-13 99712]
"SNUVCDSM"=C:\Windows\snuvcdsm.exe [2011-01-13 30080]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2009-12-30 393256]
"PLFSetI"=C:\Windows\PLFSetI.exe [2010-01-13 206208]
"WheelMouse"=C:\Program Files\Mouse\Amoumain.exe [2008-03-07 237568]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2020-03-16 277664]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EPLTarget\P0000000000000000"=C:\Windows\system32\spool\DRIVERS\x64\3\E_YATII2E.EXE [2012-02-27 283232]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-03-17 98304]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2019-12-11 646160]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2020-03-26 19:26:16 ----D---- C:\rsit
2020-03-26 19:26:16 ----D---- C:\Program Files\trend micro
2020-03-26 16:26:36 ----D---- C:\Program Files (x86)\Microsoft Works
2020-03-26 16:25:47 ----D---- C:\Program Files (x86)\Microsoft Visual Studio
2020-03-26 16:25:16 ----D---- C:\Windows\PCHEALTH
2020-03-26 16:22:29 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2020-03-26 15:38:00 ----SHD---- C:\Config.Msi
2020-03-18 10:38:46 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2020-03-16 15:30:22 ----A---- C:\Windows\system32\aswBoot.exe
2020-03-16 15:30:19 ----A---- C:\Windows\system32\drivers\aswStm.sys
2020-03-16 15:30:19 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2020-03-16 14:23:18 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2020-03-26 19:26:27 ----D---- C:\Windows\system32\drivers\etc
2020-03-26 19:26:16 ----RD---- C:\Program Files
2020-03-26 19:23:14 ----D---- C:\Windows\system32\config
2020-03-26 19:23:06 ----D---- C:\Windows\Temp
2020-03-26 19:10:00 ----D---- C:\Windows\inf
2020-03-26 19:09:59 ----D---- C:\Windows
2020-03-26 18:51:53 ----D---- C:\Windows\System32
2020-03-26 18:48:44 ----D---- C:\Windows\SysWOW64
2020-03-26 18:47:54 ----D---- C:\Windows\system32\drivers
2020-03-26 18:27:32 ----SHD---- C:\Windows\Installer
2020-03-26 16:34:35 ----D---- C:\Windows\Minidump
2020-03-26 16:32:22 ----D---- C:\ProgramData\Microsoft Help
2020-03-26 16:32:19 ----RSD---- C:\Windows\assembly
2020-03-26 16:32:13 ----D---- C:\Windows\winsxs
2020-03-26 16:26:36 ----RD---- C:\Program Files (x86)
2020-03-26 16:26:10 ----D---- C:\Program Files (x86)\MSBuild
2020-03-26 16:26:00 ----D---- C:\Program Files (x86)\Microsoft Office
2020-03-26 16:25:47 ----D---- C:\Program Files (x86)\Common Files
2020-03-26 16:25:45 ----D---- C:\Windows\ShellNew
2020-03-26 16:25:23 ----RSD---- C:\Windows\Fonts
2020-03-26 16:25:16 ----SD---- C:\ProgramData\Microsoft
2020-03-26 16:25:16 ----D---- C:\Program Files (x86)\Microsoft.NET
2020-03-26 16:23:43 ----D---- C:\Program Files\Common Files\Microsoft Shared
2020-03-26 16:22:35 ----D---- C:\Program Files\Microsoft Office
2020-03-26 16:22:09 ----A---- C:\Windows\win.ini
2020-03-26 16:20:21 ----SHD---- C:\System Volume Information
2020-03-26 16:09:43 ----D---- C:\Windows\Microsoft.NET
2020-03-26 16:06:24 ----D---- C:\Program Files\Common Files
2020-03-26 16:06:22 ----HD---- C:\ProgramData
2020-03-26 15:39:17 ----D---- C:\Program Files\Common Files\System
2020-03-23 10:52:08 ----D---- C:\Windows\system32\NDF
2020-03-21 11:18:21 ----D---- C:\Windows\system32\Tasks
2020-03-21 11:15:31 ----D---- C:\Windows\debug
2020-03-18 10:38:54 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2020-03-18 10:38:49 ----D---- C:\Windows\system32\Macromed
2020-03-18 10:38:47 ----D---- C:\Windows\SYSWOW64\Macromed
2020-03-18 10:18:53 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2020-03-16 15:04:05 ----D---- C:\Windows\system32\MRT
2020-03-16 14:32:26 ----AC---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2014-09-23 83656]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2014-09-23 43720]
R0 amdide64;amdide64; C:\Windows\system32\DRIVERS\amdide64.sys [2012-12-04 11944]
R0 aswArDisk;aswArDisk; C:\Windows\system32\drivers\aswArDisk.sys [2020-03-16 37864]
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsh.sys [2020-03-16 206608]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniv.sys [2020-03-16 64272]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2020-03-16 84056]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2020-03-16 316256]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-08-23 16440]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R1 Amfilter;Compatible Mouse Filter Driver; C:\Windows\system32\DRIVERS\Amfltx64.sys [2007-10-15 12288]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2020-03-16 205576]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriver.sys [2020-03-16 271120]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2020-03-16 279360]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2020-03-16 42976]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2020-03-16 110560]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2020-03-16 848672]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2020-03-16 458584]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2020-01-11 27552]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aksdf;aksdf; \??\C:\Windows\system32\drivers\aksdf.sys [2015-09-23 109200]
R2 aksfridge;aksfridge; \??\C:\Windows\system32\drivers\aksfridge.sys [2015-09-23 205528]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2020-03-16 175400]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2020-03-16 235184]
R2 hardlock;hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2015-09-23 350552]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2020-01-11 7877120]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2020-01-11 285696]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2016-04-01 104976]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2020-01-11 7788792]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2009-12-30 31784]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2020-01-11 6486608]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2020-01-11 458960]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2011-01-13 1806592]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-12-10 301104]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S2 multikey;Virtual USB MultiKey; C:\Windows\system32\DRIVERS\multikey.sys [2018-12-16 51584]
S3 akshasp;SafeNet Inc. HASP Key; C:\Windows\system32\DRIVERS\akshasp.sys [2015-09-23 77912]
S3 aksusb;SafeNet Inc. USB Key; C:\Windows\system32\DRIVERS\aksusb.sys [2015-09-23 322560]
S3 Amusbprt;USB HID-compliant Mouse Driver; C:\Windows\system32\DRIVERS\Amusbx64.sys [2008-02-13 17920]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2009-12-30 38440]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2009-12-30 336424]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2009-12-30 246824]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2009-12-30 133672]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2019-07-30 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 119296]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2019-07-30 556032]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2019-07-30 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2015-03-14 52264]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-10-02 98344]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2009-08-28 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-08-28 21160]
S3 k57nd;Broadcom NetLink Gigabit Ethernet; C:\Windows\system32\DRIVERS\k57amd64.sys [2010-03-21 334376]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-02-08 239136]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2009-12-02 213280]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2015-04-29 23200]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2020-02-25 88648]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2020-01-11 203264]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2009-12-30 23592]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2020-03-16 413472]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-10-02 873248]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2019-03-28 132792]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2019-03-28 158912]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 hasplms;Sentinel HASP License Manager; C:\Windows\system32\hasplms.exe [2009-12-16 3750400]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2020-03-16 6046624]
S2 avast;Služba %1!s! Update (avast); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-07 164984]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2020-03-18 335416]
S3 avastm;Služba %1!s! Update (avastm); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-07 164984]
S3 AvastSecureBrowserElevationService;Avast Secure Browser Elevation Service; C:\Program Files (x86)\AVAST Software\Browser\Application\80.0.3620.132\elevation_service.exe [2020-03-09 973760]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2019-12-17 116224]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2020-03-16 244936]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-03-14 1255736]
S3 WiaRpc;@%SystemRoot%\system32\wiarpc.dll,-2; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2019-03-28 54912]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]

-----------------EOF-----------------

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[gomik]

Níže přidávám LOG.
Chtělo to dát do karantény i ovládače kamery, které byly součástí ntb, tak ty jsem tam nedal.
tady je ten log:

# -------------------------------
# Malwarebytes AdwCleaner 8.0.3.0
# -------------------------------
# Build: 03-03-2020
# Database: 2020-03-23.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-28-2020
# Duration: 00:00:14
# OS: Windows 7 Home Premium
# Cleaned: 4
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Alexandr-Jonáš\AppData\Roaming\DRPSu

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Conduit
Deleted HKCU\Software\drpsu
Deleted HKLM\Software\Wow6432Node\Conduit

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1678 octets] - [28/03/2020 08:29:44]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

[Rudy]

OK. Teď dejte logy FRST+Addition: https://forum.viry.cz/viewtopic.php?f=13&t=154679 .

[gomik]

FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-03-2020
Ran by Alexandr-Jonáš (administrator) on PC-EMACHINES (eMachines eME640) (28-03-2020 11:32:57)
Running from C:\Users\Alexandr-Jonáš\Desktop
Loaded Profiles: Alexandr-Jonáš (Available Profiles: Alexandr-Jonáš)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\Mouse\Amoumain.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Atheros Communications Inc. -> ) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Atheros Communications Inc. -> ) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(ATI Technologies Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATII2E.EXE
(SONIX TECHNOLOGY CO. , LTD -> ) C:\Windows\PLFSetI.exe
(SONIX TECHNOLOGY CO. , LTD -> ) C:\Windows\snuvcdsm.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2020-01-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [PLFSetL] => C:\Windows\PLFSetL.exe [99712 2011-01-13] (SONIX TECHNOLOGY CO. , LTD -> Sonix Technology Co., Ltd.)
HKLM\...\Run: [SNUVCDSM] => C:\Windows\snuvcdsm.exe [30080 2011-01-13] (SONIX TECHNOLOGY CO. , LTD -> )
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [393256 2009-12-30] (Atheros Communications Inc. -> )
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [206208 2010-01-13] (SONIX TECHNOLOGY CO. , LTD -> )
HKLM\...\Run: [WheelMouse] => C:\Program Files\Mouse\Amoumain.exe [237568 2008-03-07] () [File not signed]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [277664 2020-03-16] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-03-17] (Advanced Micro Devices, Inc.) [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3833999244-1194182641-1306979284-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATII2E.EXE [283232 2012-02-27] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3833999244-1194182641-1306979284-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-20] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\80.0.3620.132\Installer\chrmstp.exe [2020-03-20] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-05-03] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2009-10-02] (Broadcom Corporation -> Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-03-15]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {138774C9-D615-42BA-8E3C-9C377EA1BD25} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_Plugin.exe [1458232 2020-03-12] (Adobe Inc. -> Adobe)
Task: {22A1E15B-E0DB-4AE2-AE0B-F705580F6795} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {27B1EE0C-7DE5-4E49-B703-4873B895A2C5} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE
Task: {27B1EE0C-7DE5-4E49-B703-4873B895A2C5} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\Adobe Flash Player NPAPI Notifier" /ENABLE
Task: {27B1EE0C-7DE5-4E49-B703-4873B895A2C5} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\Adobe Flash Player PPAPI Notifier" /ENABLE
Task: {27B1EE0C-7DE5-4E49-B703-4873B895A2C5} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\Adobe Flash Player Updater" /ENABLE
Task: {27B1EE0C-7DE5-4E49-B703-4873B895A2C5} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\AutoKMS" /ENABLE
Task: {27B1EE0C-7DE5-4E49-B703-4873B895A2C5} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\klcp_update" /ENABLE
Task: {27B1EE0C-7DE5-4E49-B703-4873B895A2C5} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\{B4063CB1-9971-49B9-BCAD-B1505DFC5EC0}" /ENABLE
Task: {27B1EE0C-7DE5-4E49-B703-4873B895A2C5} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {4D75D59E-2EF3-4C3F-A1B7-FA4A82C74256} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3894664 2020-03-16] (Avast Software s.r.o. -> AVAST Software)
Task: {62EF7451-DC15-4C8B-9170-AD9C8EA0B6B0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-18] (Adobe Inc. -> Adobe)
Task: {6352FD84-D3B4-40B3-91AA-473F3537259C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_pepper.exe [1453624 2020-03-18] (Adobe Inc. -> Adobe)
Task: {94D3950F-F175-4FC4-9144-5F8D465917D7} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-02-28] (Avast Software s.r.o. -> Avast Software)
Task: {B5ADE421-6DAE-44CD-9BB3-5DAA571AED3C} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-07] (AVAST Software s.r.o. -> AVAST Software)
Task: {B695051C-F5C0-43A9-B7B8-778BE1D46295} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1173504 2015-02-18] () [File not signed]
Task: {C3062133-F912-4541-B5D6-9F9799BAC9FF} - System32\Tasks\{B4063CB1-9971-49B9-BCAD-B1505DFC5EC0} => C:\Windows\system32\pcalua.exe -a "F:\PROGRAMY\NEW\ePLAN\ePLAN crack pro w7x64\eplan_p8_v1.8_1.9_ALL_CRACK - použito\EPLAN P8 1.9 SP1 patch Windows x64\haspdinst.exe" -d "F:\PROGRAMY\NEW\ePLAN\ePLAN crack pro w7x64\eplan_p8_v1.8_1.9_ALL_CRACK - použito\EPLAN P8 1.9 SP1 patch Windows x64"
Task: {CD71372D-6D83-4747-97E3-E6D95A115122} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1875592 2020-03-09] (Avast Software s.r.o. -> AVAST Software)
Task: {D12A2D43-AFEB-4EA5-9E44-D2BCBD3FE0E9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {E09A1DF7-D94A-473C-842E-6EFDD741301D} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [5196288 2016-09-06] () [File not signed]
Task: {EAAB20AB-463D-4D22-AE2E-9B2DD97A10F0} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-07] (AVAST Software s.r.o. -> AVAST Software)
Task: {FA960ACB-71D4-4E94-90C1-AF22DB78659C} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1875592 2020-03-09] (Avast Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2D3380D5-9AC1-4DD8-9510-C16F4F1A448E}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{33C22315-55EE-43B3-A342-5E7E1C4C7B9D}: [DhcpNameServer] 88.81.92.1 88.81.64.1

Internet Explorer:
==================
HKU\S-1-5-21-3833999244-1194182641-1306979284-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll [2020-02-10] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-02-10] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF DefaultProfile: 3xrprkot.default-1431447207985
FF ProfilePath: C:\Users\Alexandr-Jonáš\AppData\Roaming\Mozilla\Firefox\Profiles\3xrprkot.default-1431447207985 [2020-03-28]
FF Homepage: Mozilla\Firefox\Profiles\3xrprkot.default-1431447207985 -> www.seznam.cz
FF NewTab: Mozilla\Firefox\Profiles\3xrprkot.default-1431447207985 -> about:newtab
FF HomepageOverride: Mozilla\Firefox\Profiles\3xrprkot.default-1431447207985 -> Disabled: _ceMembers_@free.easypdfcombine.com
FF NewTabOverride: Mozilla\Firefox\Profiles\3xrprkot.default-1431447207985 -> Disabled: _ceMembers_@free.easypdfcombine.com
FF NewTabOverride: Mozilla\Firefox\Profiles\3xrprkot.default-1431447207985 -> Enabled: _j5Members_@ext.ask.com
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Alexandr-Jonáš\AppData\Roaming\Mozilla\Firefox\Profiles\3xrprkot.default-1431447207985\Extensions\sp@avast.com.xpi [2018-12-21] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/sp/update.json]
FF SearchPlugin: C:\Users\Alexandr-Jonáš\AppData\Roaming\Mozilla\Firefox\Profiles\3xrprkot.default-1431447207985\searchplugins\google-avast.xml [2018-04-25]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_344.dll [2020-03-12] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-03-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_344.dll [2020-03-12] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1235205.dll [2019-03-15] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-02-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-02-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-03-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-05] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [203264 2020-01-11] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6046624 2020-03-16] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-07] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [413472 2020-03-16] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-07] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\80.0.3620.132\elevation_service.exe [973760 2020-03-09] (Avast Software s.r.o. -> AVAST Software)
R2 hasplms; C:\Windows\system32\hasplms.exe [3750400 2009-12-16] (Microsoft Windows Hardware Compatibility Publisher -> SafeNet Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [77912 2015-09-23] (SafeNet, Inc. -> SafeNet Inc.)
S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [322560 2015-09-23] (SafeNet, Inc. -> SafeNet Inc.)
R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2012-12-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [7877120 2020-01-11] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [285696 2020-01-11] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 amd_sata; C:\Windows\System32\DRIVERS\amd_sata.sys [83656 2014-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\DRIVERS\amd_xata.sys [43720 2014-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R1 Amfilter; C:\Windows\System32\DRIVERS\Amfltx64.sys [12288 2007-10-15] (Microsoft Windows Hardware Compatibility Publisher -> (Standard mouse types))
S3 Amusbprt; C:\Windows\System32\DRIVERS\Amusbx64.sys [17920 2008-02-13] (Microsoft Windows Hardware Compatibility Publisher -> A4Tech Co.,Ltd.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37864 2020-03-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205576 2020-03-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [271120 2020-03-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [206608 2020-03-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [64272 2020-03-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [279360 2020-03-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42976 2020-03-16] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175400 2020-03-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110560 2020-03-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84056 2020-03-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [848672 2020-03-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [458584 2020-03-16] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [235184 2020-03-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [316256 2020-03-16] (Avast Software s.r.o. -> AVAST Software)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [104976 2016-04-01] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R0 AtiPcie; C:\Windows\System32\DRIVERS\AtiPcie.sys [16440 2009-08-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [350552 2015-09-23] (SafeNet, Inc. -> SafeNet Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2020-01-11] (Martin Malik - REALiX -> REALiX(tm))
S3 k57nd; C:\Windows\System32\DRIVERS\k57amd64.sys [334376 2010-03-21] (Broadcom Corporation -> Broadcom Corporation)
S2 multikey; C:\Windows\System32\DRIVERS\multikey.sys [51584 2018-12-16] (NGO -> Chingachguk & Denger2k (Elite & SP edition))
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806592 2011-01-13] (SONIX TECHNOLOGY CO. , LTD -> )
R3 usbfilter; C:\Windows\System32\DRIVERS\usbfilter.sys [38456 2009-12-22] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64.sys [23200 2015-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-28 11:32 - 2020-03-28 11:34 - 000022587 _____ C:\Users\Alexandr-Jonáš\Desktop\FRST.txt
2020-03-28 11:32 - 2020-03-28 11:33 - 000000000 ____D C:\FRST
2020-03-28 11:30 - 2020-03-28 11:30 - 002280448 _____ (Farbar) C:\Users\Alexandr-Jonáš\Desktop\FRST64.exe
2020-03-28 08:28 - 2020-03-28 08:31 - 000000000 ____D C:\AdwCleaner
2020-03-28 08:26 - 2020-03-28 08:26 - 008199856 _____ (Malwarebytes) C:\Users\Alexandr-Jonáš\Desktop\adwcleaner_8.0.3.exe
2020-03-26 19:26 - 2020-03-26 19:26 - 000000000 ____D C:\rsit
2020-03-26 19:26 - 2020-03-26 19:26 - 000000000 ____D C:\Program Files\trend micro
2020-03-26 19:25 - 2020-03-26 19:25 - 001222144 _____ C:\Users\Alexandr-Jonáš\Downloads\RSITx64.exe
2020-03-26 17:26 - 2020-03-26 17:26 - 000000000 ____D C:\Users\Alexandr-Jonáš\Downloads\cpu-z_1.90-en
2020-03-26 16:35 - 2020-03-26 16:35 - 000042290 _____ C:\Users\Alexandr-Jonáš\Documents\cc_20200326_163527.reg
2020-03-26 16:32 - 2020-03-26 16:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2020-03-26 16:26 - 2020-03-28 08:37 - 000000000 ____D C:\Program Files (x86)\Microsoft Works
2020-03-26 16:25 - 2020-03-26 16:25 - 000000000 ____D C:\Windows\PCHEALTH
2020-03-26 16:25 - 2020-03-26 16:25 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2020-03-26 16:22 - 2020-03-26 16:22 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2020-03-21 11:16 - 2020-03-21 11:16 - 000005878 _____ C:\Users\Alexandr-Jonáš\Documents\cc_20200321_111634.reg
2020-03-20 18:51 - 2020-03-20 18:51 - 000007606 _____ C:\Users\Alexandr-Jonáš\AppData\Local\Resmon.ResmonCfg
2020-03-18 10:38 - 2020-03-18 10:38 - 008491064 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2020-03-16 15:30 - 2020-03-16 15:29 - 000368056 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-03-16 15:30 - 2020-03-16 15:29 - 000235184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-03-16 15:30 - 2020-03-16 15:29 - 000175400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-03-16 14:23 - 2020-03-18 10:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-03-12 20:59 - 2020-03-12 20:59 - 000000153 _____ C:\Users\Alexandr-Jonáš\AppData\Local\{21780B9A-8964-4FF6-9E07-6951DBD9B957}

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-28 11:30 - 2016-09-06 20:48 - 000003758 _____ C:\Windows\system32\Tasks\AutoKMS
2020-03-28 11:26 - 2018-04-07 08:20 - 000000000 ____D C:\Users\Alexandr-Jonáš\AppData\Local\AVAST Software
2020-03-28 11:25 - 2016-11-17 10:12 - 000000000 ____D C:\Users\Alexandr-Jonáš\AppData\LocalLow\Mozilla
2020-03-28 11:22 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-03-28 10:29 - 2009-07-14 05:45 - 000018224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-03-28 10:29 - 2009-07-14 05:45 - 000018224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-03-28 10:00 - 2009-07-14 03:34 - 000000478 _____ C:\Windows\win.ini
2020-03-28 08:27 - 2019-02-12 17:46 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-03-26 19:54 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2020-03-26 17:21 - 2015-03-14 10:32 - 000112336 _____ C:\Users\Alexandr-Jonáš\AppData\Local\GDIPFONTCACHEV1.DAT
2020-03-26 16:44 - 2009-07-14 05:45 - 000438864 _____ C:\Windows\system32\FNTCACHE.DAT
2020-03-26 16:34 - 2018-02-06 14:19 - 000000000 ____D C:\Windows\Minidump
2020-03-26 16:26 - 2015-03-14 16:23 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-03-26 16:26 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files (x86)\MSBuild
2020-03-26 16:25 - 2009-07-14 16:36 - 000000000 ____D C:\Windows\ShellNew
2020-03-26 16:23 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2020-03-26 16:22 - 2016-09-04 11:51 - 000000000 ____D C:\Program Files\Microsoft Office
2020-03-26 15:39 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\System
2020-03-26 12:19 - 2020-01-11 11:43 - 000004366 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-03-26 12:19 - 2018-03-13 18:27 - 000004554 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-03-26 12:19 - 2016-11-17 09:38 - 000003532 _____ C:\Windows\system32\Tasks\{B4063CB1-9971-49B9-BCAD-B1505DFC5EC0}
2020-03-26 12:19 - 2015-05-18 18:38 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-03-26 12:19 - 2015-03-14 18:25 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-03-26 12:19 - 2015-03-14 15:07 - 000003722 _____ C:\Windows\system32\Tasks\klcp_update
2020-03-26 11:55 - 2015-12-03 16:44 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-03-23 10:52 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2020-03-21 11:17 - 2015-11-12 17:14 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-03-20 18:51 - 2016-09-04 12:43 - 000000000 ____D C:\Users\Alexandr-Jonáš\Documents\Pohádky
2020-03-20 18:36 - 2019-04-17 18:46 - 000003732 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2020-03-20 18:36 - 2019-04-17 18:46 - 000003150 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2020-03-20 18:36 - 2018-04-07 08:24 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2020-03-18 10:38 - 2015-03-14 18:25 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-03-18 10:38 - 2015-03-14 18:25 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-03-18 10:38 - 2015-03-14 18:25 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-03-18 10:38 - 2015-03-14 18:25 - 000000000 ____D C:\Windows\system32\Macromed
2020-03-18 10:18 - 2015-03-14 14:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-03-16 15:30 - 2015-03-14 12:13 - 000458584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-03-16 15:29 - 2019-02-14 18:24 - 000279360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2020-03-16 15:29 - 2018-10-22 18:11 - 000042976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-03-16 15:29 - 2015-03-14 12:13 - 000316256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-03-16 15:29 - 2015-03-14 12:13 - 000110560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-03-16 15:29 - 2015-03-14 12:13 - 000084056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-03-16 15:28 - 2019-01-14 18:13 - 000271120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-03-16 15:28 - 2019-01-04 19:28 - 000206608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-03-16 15:28 - 2019-01-04 19:28 - 000064272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-03-16 15:28 - 2019-01-04 19:28 - 000037864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2020-03-16 15:28 - 2017-11-11 05:58 - 000205576 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-03-16 15:28 - 2015-03-14 12:13 - 000848672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2020-03-16 15:04 - 2015-03-14 11:31 - 000000000 ____D C:\Windows\system32\MRT
2020-03-16 14:32 - 2015-03-14 11:31 - 121542864 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories ========

2020-03-20 18:51 - 2020-03-20 18:51 - 000007606 _____ () C:\Users\Alexandr-Jonáš\AppData\Local\Resmon.ResmonCfg
2019-11-30 19:24 - 2019-11-30 19:24 - 000000000 _____ () C:\Users\Alexandr-Jonáš\AppData\Local\{15CF4A8E-AF95-4A7F-AFE9-BBABA3658857}
2020-03-12 20:59 - 2020-03-12 20:59 - 000000153 _____ () C:\Users\Alexandr-Jonáš\AppData\Local\{21780B9A-8964-4FF6-9E07-6951DBD9B957}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-02-07 17:43
==================== End of FRST.txt ========================

[gomik]

ADDITION:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-03-2020
Ran by Alexandr-Jonáš (28-03-2020 11:35:50)
Running from C:\Users\Alexandr-Jonáš\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2015-03-14 08:26:55)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3833999244-1194182641-1306979284-500 - Administrator - Disabled)
Alexandr-Jonáš (S-1-5-21-3833999244-1194182641-1306979284-1000 - Administrator - Enabled) => C:\Users\Alexandr-Jonáš
Guest (S-1-5-21-3833999244-1194182641-1306979284-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3833999244-1194182641-1306979284-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2X-iOfficeWorks 7.80 (HKLM\...\WheelMouse) (Version: - )
7-Zip 19.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
Acer System Information (HKLM-x32\...\{72199E33-4F2A-4B7F-8E25-95DDDD50A678}) (Version: 1.0.0 - Acer)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.89 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.344 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.344 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.344 - Adobe)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.5.205 - Adobe, Inc.)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
ATI Catalyst Install Manager (HKLM\...\{6F43CF39-8B2F-546B-57E3-4803E935C465}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.1.2397 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 80.0.3620.132 - Autoři prohlížeče Avast Secure Browser)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 6.04.002.3 - Atheros Communications)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.35 - Broadcom Corporation)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.72.1082 - AB Team, d.o.o.)
ccc-core-static (HKLM-x32\...\{B284EA3C-8391-5648-BFC4-800A44D01ADA}) (Version: 2010.0317.2140.37057 - Název společnosti:) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
EPSON L210 Series Printer Uninstall (HKLM\...\EPSON L210 Series) (Version: - SEIKO EPSON Corporation)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Java 8 Update 241 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
K-Lite Codec Pack 11.0.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.0.0 - )
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3833999244-1194182641-1306979284-1000\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 74.0 (x64 cs) (HKLM\...\Mozilla Firefox 74.0 (x64 cs)) (Version: 74.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 74.0.0.7373 - Mozilla)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.5992 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30113 - Realtek Semiconductor Corp.)
Software Bluetooth WIDCOMM (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.800 - Broadcom)
Super Minds Level 1 (HKLM-x32\...\{7ABB9B2A-F756-4EC9-9130-BBCCD19B5B28}) (Version: 1.0.0 - Cambridge)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.19.0 - Synaptics Incorporated)
Šikula - veselá písmenka (HKLM-x32\...\SmartKid_ABC_CS_CZ_is1) (Version: 1.07 - 1st EasySoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Video Web Camera (HKLM-x32\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.1.4.1 - Suyin Optronics Corp)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (09/11/2009 6.2.0.9407) (HKLM\...\3932CA781A7894D20116FDF60F878301800EA8AB) (Version: 09/11/2009 6.2.0.9407 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3833999244-1194182641-1306979284-1000_Classes\CLSID\{42329b89-8189-238a-1f57-7ba692d8f9e22}\InprocServer32 -> 0x774A24ADED99D401C798E01407A2D401020000000400000014000000 => No File
CustomCLSID: HKU\S-1-5-21-3833999244-1194182641-1306979284-1000_Classes\CLSID\{fa8c83be-7ace-f164-570e-03e95d4e1e911}\InprocServer32 -> 0x3167414941424973363974496E3951424541446C4B33386645676F716B32497A476C614F5566627A515142506432356C636A31515A585279595342456232316C633239327736456A554574554D5431695A6D5A6D4E5467785A5451325A44457A4E544D (the data entry has 218 more characters). => No File
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-16] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2009-12-30] (Atheros Communications Inc. -> TODO: <Company name>)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2010-03-17] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-16] (Avast Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2015-03-14 10:28 - 2015-03-14 10:28 - 000007168 _____ ( ) [File not signed] C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
2010-03-08 10:57 - 2010-03-08 10:57 - 000016384 ____R () [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000270336 _____ () [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000008192 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3728.37034__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000006656 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3728.37146__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3728.37034__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3728.37039__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000007168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3728.37029__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3728.37155__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3728.37155__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000006144 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3728.37034__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000006144 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3728.37035__90ba9c70f846762e\AEM.Server.Shared.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3728.37035__90ba9c70f846762e\AEM.Server.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3728.37030__90ba9c70f846762e\APM.Foundation.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000019456 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3728.37141__90ba9c70f846762e\CCC.Implementation.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3728.37062__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000397312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3728.37093__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3728.37093__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000053248 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3728.37092__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000069632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3728.37103__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3728.37103__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000053248 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3728.37062__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3728.37051__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000307200 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3728.37071__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000049152 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3728.37051__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000077824 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3728.37125__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000065536 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3728.37125__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000573440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3728.37066__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3728.37070__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3728.37051__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 001708032 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Wizard\2.0.3728.37183__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Wizard.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000094208 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3728.37100__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3728.37099__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000024576 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3728.37099__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3728.37052__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3728.37039__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000196608 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3728.37066__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000204800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3728.37065__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000827392 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3728.37094__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000094208 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3728.37093__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3728.37083__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000409600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3728.37118__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000118784 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3728.37147__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3728.37146__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3728.37119__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000356352 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3728.37109__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000065536 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3728.37108__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000057344 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3728.37108__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000094208 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3728.37109__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3728.37147__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000491520 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3728.37148__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Runtime\2.0.3728.37183__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Runtime.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000009728 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Shared\2.0.3728.37148__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Shared.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3728.37050__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000073728 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3728.37051__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3728.37064__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3728.37058__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3728.37058__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000007680 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3728.37030__90ba9c70f846762e\CLI.Component.Client.Shared.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000010240 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3728.37044__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000024576 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3728.37030__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000007168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3728.37035__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000049152 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3728.37034__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3728.37033__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000057344 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3728.37038__90ba9c70f846762e\CLI.Component.SkinFactory.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3728.37057__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3728.37031__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3728.37033__90ba9c70f846762e\CLI.Foundation.Private.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3728.37141__90ba9c70f846762e\CLI.Foundation.XManifest.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000098304 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3728.37029__90ba9c70f846762e\CLI.Foundation.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000006656 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3728.37039__90ba9c70f846762e\DEM.Graphics.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3728.37032__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000065536 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3728.37139__90ba9c70f846762e\LOG.Foundation.Implementation.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000036864 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3728.37031__90ba9c70f846762e\LOG.Foundation.Private.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3728.37027__90ba9c70f846762e\LOG.Foundation.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3728.37032__90ba9c70f846762e\MOM.Foundation.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000106496 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3728.37142__90ba9c70f846762e\MOM.Implementation.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3728.37029__90ba9c70f846762e\NEWAEM.Foundation.dll
2009-12-11 12:09 - 2009-12-11 12:09 - 000073728 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ADL.Foundation.dll
2009-06-17 05:27 - 2009-06-17 05:27 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0709.dll
2009-06-17 10:24 - 2009-06-17 10:24 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0712.dll
2008-04-03 16:29 - 2008-04-03 16:29 - 000020480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0804.dll
2009-04-22 12:13 - 2009-04-22 12:13 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0805.dll
2008-12-30 11:04 - 2008-12-30 11:04 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0812.dll
2009-06-17 10:24 - 2009-06-17 10:24 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0906.dll
2009-12-08 06:49 - 2009-12-08 06:49 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0912.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000061440 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3728.37036__90ba9c70f846762e\APM.Server.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000376832 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3728.37087__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000065536 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3728.37092__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000323584 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3728.37102__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000036864 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3728.37101__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000053248 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3728.37091__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 001294336 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3728.37179__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000040960 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3728.37044__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 001220608 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3728.37046__90ba9c70f846762e\CLI.Component.Dashboard.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000061440 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3728.37037__90ba9c70f846762e\CLI.Component.Runtime.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000405504 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3728.37057__90ba9c70f846762e\CLI.Component.Wizard.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000007168 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3728.37037__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000065536 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3728.37149__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000380928 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3728.37040__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000151552 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3728.37032__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000016384 _____ (ATI Technologies Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
2015-03-14 10:28 - 2015-03-14 10:28 - 000045056 _____ (ATI Technologies Inc.) [File not signed] C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
2019-02-21 21:00 - 2019-02-21 21:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2015-03-14 12:30 - 2015-03-14 12:30 - 000113152 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.762_none_ca3f79d486b08636\ATL80.DLL
2015-03-14 12:31 - 2015-03-14 12:31 - 001656320 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_c46a533c8a667ee7\MFC80.DLL
2015-03-14 12:31 - 2015-03-14 12:31 - 001652736 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_c46a533c8a667ee7\MFC80U.DLL

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2020-03-26 19:26 - 000000844 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64
HKU\S-1-5-21-3833999244-1194182641-1306979284-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Alexandr-Jonáš\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A990D91A-8885-418D-81F9-E7C029B643FF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9634059B-4B83-4942-BFBE-4CD598AFE8A8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{90B00FA6-8C9A-482D-96DF-C3EE8FD46E5B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{8896128A-514F-4A04-BAB0-056518D68529}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{54751B8B-3738-4F28-B2F4-49DEB3EA2488}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7AAE62C3-F393-4DA6-9A92-D948DA5D81D8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6402C264-5AC5-4188-825F-627BE5FC0ABA}] => (Allow) C:\Users\Alexandr-Jonáš\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DCC448BB-4D02-472B-A948-E41AA1A04CE5}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

26-03-2020 16:20:13 Installed Microsoft Office Enterprise 2007
28-03-2020 08:29:05 Windows Update
28-03-2020 09:14:50 Windows Update
28-03-2020 09:57:00 Windows Update

==================== Faulty Device Manager Devices ============

Name: Virtual USB MultiKey
Description: Virtual USB MultiKey
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: multikey
Problem: : The software for this device has been blocked from starting because it is known to have problems with Windows. Contact the hardware vendor for a new driver. (Code 48)
Resolution: Download the latest drivers from the manufacturer, uninstall the current driver, and then install the latest drivers.


==================== Event log errors: ========================

Application errors:
==================
Error: (03/28/2020 11:29:06 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (03/28/2020 11:25:37 AM) (Source: BROWSER) (EventID: 8032) (User: )
Description: \Device\NetBT_Tcpip_{2D3380D5-9AC1-4DD8-9510-C16F4F1A448E}

Error: (03/28/2020 10:36:22 AM) (Source: BROWSER) (EventID: 8032) (User: )
Description: \Device\NetBT_Tcpip_{2D3380D5-9AC1-4DD8-9510-C16F4F1A448E}

Error: (03/28/2020 10:27:31 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (03/28/2020 09:45:33 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (03/28/2020 09:39:03 AM) (Source: BROWSER) (EventID: 8032) (User: )
Description: \Device\NetBT_Tcpip_{2D3380D5-9AC1-4DD8-9510-C16F4F1A448E}

Error: (03/28/2020 08:59:34 AM) (Source: BROWSER) (EventID: 8032) (User: )
Description: \Device\NetBT_Tcpip_{2D3380D5-9AC1-4DD8-9510-C16F4F1A448E}

Error: (03/28/2020 08:33:24 AM) (Source: MsiInstaller) (EventID: 11704) (User: NT AUTHORITY)
Description: Produkt: Microsoft Office Shared 64-bit MUI (Czech) 2007 – Chyba 1704 Instalace produktu Microsoft Office Enterprise 2007 je pozastavena. Chcete-li pokračovat, je nutné vrátit zpět změny provedené při instalaci. Chcete tyto změny vrátit zpět?


System errors:
=============
Error: (03/28/2020 11:29:00 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Update přestala během spouštění reagovat.

Error: (03/28/2020 11:22:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Virtual USB MultiKey neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (03/28/2020 11:22:18 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \SystemRoot\system32\DRIVERS\multikey.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (03/28/2020 11:21:50 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \SystemRoot\system32\DRIVERS\multikey.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (03/28/2020 10:18:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Virtual USB MultiKey neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (03/28/2020 10:18:22 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \SystemRoot\system32\DRIVERS\multikey.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (03/28/2020 10:17:55 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \SystemRoot\system32\DRIVERS\multikey.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (03/28/2020 09:36:10 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Virtual USB MultiKey neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.


Windows Defender:
===================================
Date: 2016-04-03 10:54:03.927
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{0F744763-54D9-4633-A464-4954F132A8A9}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

CodeIntegrity:
===================================

Date: 2020-03-28 11:22:18.796
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\multikey.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-03-28 11:22:09.436
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\multikey.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-03-28 11:21:50.030
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\multikey.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-03-28 11:21:41.715
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\multikey.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-03-28 10:18:22.751
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\multikey.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-03-28 10:18:14.336
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\multikey.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-03-28 10:17:55.226
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\multikey.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-03-28 10:17:47.426
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\multikey.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: eMachines V1.05 05/11/2010
Motherboard: eMachines eME640
Processor: AMD Athlon(tm) II P320 Dual-Core Processor
Percentage of memory in use: 50%
Total physical RAM: 7930.9 MB
Available physical RAM: 3904.16 MB
Total Virtual: 15859.94 MB
Available Virtual: 11802.38 MB

==================== Drives ================================

Drive c: (eMachines) (Fixed) (Total:218.78 GB) (Free:48.1 GB) NTFS
Drive e: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{cefd36e1-ca1e-11e4-855c-806e6f6e6963}\ (PQSERVICE) (Fixed) (Total:14 GB) (Free:2.13 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 82538859)
Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
Partition 2: (Active) - (Size=102 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=218.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
CustomCLSID: HKU\S-1-5-21-3833999244-1194182641-1306979284-1000_Classes\CLSID\{42329b89-8189-238a-1f57-7ba692d8f9e22}\InprocServer32 -> 0x774A24ADED99D401C798E01407A2D401020000000400000014000000 => No File
0x3167414941424973363974496E3951424541446C4B33386645676F716B32497A476C614F5566627A515142506432356C636A31515A585279595342456232316C633239327736456A554574554D5431695A6D5A6D4E5467785A5451325A44457A4E544D (the data entry has 218 more characters). => No File
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {E09A1DF7-D94A-473C-842E-6EFDD741301D} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [5196288 2016-09-06] () [File not signed]
C:\Users\Alexandr-Jonáš\AppData\Local\{15CF4A8E-AF95-4A7F-AFE9-BBABA3658857}
C:\Users\Alexandr-Jonáš\AppData\Local\{21780B9A-8964-4FF6-9E07-6951DBD9B957}

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[gomik]

Fix result of Farbar Recovery Scan Tool (x64) Version: 28-03-2020
Ran by Alexandr-Jonáš (28-03-2020 12:46:15) Run:1
Running from C:\Users\Alexandr-Jonáš\Desktop
Loaded Profiles: Alexandr-Jonáš (Available Profiles: Alexandr-Jonáš)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
CustomCLSID: HKU\S-1-5-21-3833999244-1194182641-1306979284-1000_Classes\CLSID\{42329b89-8189-238a-1f57-7ba692d8f9e22}\InprocServer32 -> 0x774A24ADED99D401C798E01407A2D401020000000400000014000000 => No File
0x3167414941424973363974496E3951424541446C4B33386645676F716B32497A476C614F5566627A515142506432356C636A31515A585279595342456232316C633239327736456A554574554D5431695A6D5A6D4E5467785A5451325A44457A4E544D (the data entry has 218 more characters). => No File
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {E09A1DF7-D94A-473C-842E-6EFDD741301D} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [5196288 2016-09-06] () [File not signed]
C:\Users\Alexandr-Jon�\AppData\Local\{15CF4A8E-AF95-4A7F-AFE9-BBABA3658857}
C:\Users\Alexandr-Jon�\AppData\Local\{21780B9A-8964-4FF6-9E07-6951DBD9B957}

EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-3833999244-1194182641-1306979284-1000_Classes\CLSID\{42329b89-8189-238a-1f57-7ba692d8f9e22} => removed successfully
0x3167414941424973363974496E3951424541446C4B33386645676F716B32497A476C614F5566627A515142506432356C636A31515A585279595342456232316C633239327736456A554574554D5431695A6D5A6D4E5467785A5451325A44457A4E544D (the data entry has 218 more characters). => No File => Error: No automatic fix found for this entry.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{E09A1DF7-D94A-473C-842E-6EFDD741301D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E09A1DF7-D94A-473C-842E-6EFDD741301D}" => removed successfully
C:\Windows\System32\Tasks\AutoKMS => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => removed successfully
"C:\Users\Alexandr-Jon�\AppData\Local\{15CF4A8E-AF95-4A7F-AFE9-BBABA3658857}" => not found
"C:\Users\Alexandr-Jon�\AppData\Local\{21780B9A-8964-4FF6-9E07-6951DBD9B957}" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12696201 B
Java, Flash, Steam htmlcache => 1171 B
Windows/system/drivers => 898330054 B
Edge => 0 B
Chrome => 0 B
Firefox => 149012997 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66228 B
Public => 66228 B
ProgramData => 66228 B
systemprofile => 60233419 B
systemprofile32 => 60302841 B
LocalService => 60369069 B
NetworkService => 60435297 B
Alexandr-Jonáš => 407631699 B

RecycleBin => 0 B
EmptyTemp: => 1.6 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 12:46:36 ====

[Rudy]

Smazáno. Nastala nějaká změna?

[gomik]

Ale jo, počítač je kapku svižnější.
Počítač startuje o minutu rychleji (takže jen 7 minut), a jak vše naběhne, tak to vypadá, že reaguje svižněji.
Průzkumník, internet apod... načítá se to lépe.

děkuji moc za pomoc!
posílám příspěvek

[Rudy]

Ještě můžete zkusit defragmentovat disk. Nemáte zač a za příspěvek děkujeme!