Kindly requesting a preventive check

Posted: 24 Jul 2020 10:53
by Shane
Hello,
I would like to kindly ask you for a preventive check of my RSIT log. The PC has not been properly checked in depth for some time, and yesterday I got a BSOD, probably because of an incorrect reinstallation of drivers and programs, so I want to be sure. Thank you, and here is the log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Lenka at 2020-07-24 11:40:13
Microsoft Windows 8.1
System drive C: has 374 GB (40%) free of 937 GB
Total RAM: 16330 MB (75% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:40:18, on 24. 7. 2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.19036)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\trend micro\Lenka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPDTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [DropboxOEM] "C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe" auto
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIJCE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-600 Series"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{174806FC-C0FF-4257-BC8A-A936A1690BAC}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{174806FC-C0FF-4257-BC8A-A936A1690BAC}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AVG Antivirus - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Antivirus\AVGSvc.exe
O23 - Service: AVG Firewall Service (AVG Firewall) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Antivirus\afwServ.exe
O23 - Service: avgbIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Antivirus\aswidsagent.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EpsonCustomerParticipation - SEIKO EPSON CORPORATION - C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\WINDOWS\system32\EscSvc64.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP CASL Framework Service (hpqcaslwmiex) - HP - C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: HP SimplePass Service (omniserv) - Softex Inc. - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: Rockstar Game Library Service (Rockstar Service) - Rockstar Games - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer - TeamViewer Germany GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12081 bytes

======Listing Processes======






wininit.exe
winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
"C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVG\Antivirus\AVGSvc.exe" /runassvc
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVG\Antivirus\afwServ.exe"
"C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\system32\svchost.exe -k apphost
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe"
dashost.exe {0b9b76b8-9a4e-4c13-b8ccbbfdb7ad1260}
"C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
"C:\Program Files (x86)\Origin\OriginWebHelperService.exe"
rundll32.exe "c:\program files\nvidia corporation\nvstreamsrv\rxdiag.dll" RxDiagSetRuntimeMessagePump
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\WINDOWS\SysWOW64\PnkBstrA.exe
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\WINDOWS\system32\EscSvc64.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\AVG\Antivirus\aswidsagent.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
taskhost.exe $(Arg0)
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
"C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe" /hideui
taskhostex.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files\Hewlett-Packard\SimplePass\opbhobroker.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
AVGUI.exe /nogui
"C:\Program Files\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe"
"C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files\AVG\Antivirus\AVGUI.exe" --type=gpu-process --field-trial-handle=3748,12114497468284932437,16248506208959487657,131072 --no-sandbox --log-file="C:\Users\Lenka\AppData\Roaming\AVG\Antivirus\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (20.5.3130)" --lang=en-US --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --allow-file-access-from-files=1 --pack_loading_disabled=1 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAAAAAAAMAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --use-gl=swiftshader-webgl --service-request-channel-token=2971996631367534095 --mojo-platform-channel-handle=3320 /prefetch:2
"C:\Program Files (x86)\HP\Shared\hpqwmiex.exe"
"C:\Program Files (x86)\Opera\58.0.3135.118_1\opera.exe" --ran-launcher --started-from-shortcut
"C:\Program Files (x86)\Opera\58.0.3135.118_1\opera.exe" --type=gpu-process --field-trial-handle=1276,7549859343274102041,17060162635403745603,131072 --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --service-request-channel-token=18172347298624652430 --mojo-platform-channel-handle=1304 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Opera\58.0.3135.118_1\opera.exe" --type=renderer --field-trial-handle=1276,7549859343274102041,17060162635403745603,131072 --service-pipe-token=17347978989959438120 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=17347978989959438120 --renderer-client-id=3 --mojo-platform-channel-handle=2308 /prefetch:1
"C:\Program Files (x86)\Opera\58.0.3135.118_1\opera.exe" --type=renderer --field-trial-handle=1276,7549859343274102041,17060162635403745603,131072 --service-pipe-token=14311862476438963278 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=14311862476438963278 --renderer-client-id=4 --mojo-platform-channel-handle=2280 /prefetch:1
"C:\Program Files (x86)\Opera\58.0.3135.118_1\opera.exe" --type=renderer --field-trial-handle=1276,7549859343274102041,17060162635403745603,131072 --service-pipe-token=8307737357897758018 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8307737357897758018 --renderer-client-id=5 --mojo-platform-channel-handle=2676 /prefetch:1
"C:\Program Files (x86)\Opera\58.0.3135.118_1\opera.exe" --type=renderer --field-trial-handle=1276,7549859343274102041,17060162635403745603,131072 --service-pipe-token=1845615459476966842 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1845615459476966842 --renderer-client-id=6 --mojo-platform-channel-handle=2696 /prefetch:1
"C:\Program Files (x86)\Opera\58.0.3135.118_1\opera.exe" --type=renderer --field-trial-handle=1276,7549859343274102041,17060162635403745603,131072 --service-pipe-token=13849054602504797129 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=13849054602504797129 --renderer-client-id=7 --mojo-platform-channel-handle=2708 /prefetch:1
"C:\Program Files (x86)\Opera\58.0.3135.118_1\opera.exe" --type=renderer --field-trial-handle=1276,7549859343274102041,17060162635403745603,131072 --service-pipe-token=5794632407341860673 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=5794632407341860673 --renderer-client-id=8 --mojo-platform-channel-handle=2716 /prefetch:1
"C:\Program Files (x86)\Opera\58.0.3135.118_1\opera.exe" --type=renderer --field-trial-handle=1276,7549859343274102041,17060162635403745603,131072 --service-pipe-token=18184481445275498510 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=18184481445275498510 --renderer-client-id=12 --mojo-platform-channel-handle=3652 /prefetch:1
"C:\Program Files (x86)\Opera\58.0.3135.118_1\opera.exe" --type=renderer --field-trial-handle=1276,7549859343274102041,17060162635403745603,131072 --service-pipe-token=8263866489230123654 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8263866489230123654 --renderer-client-id=13 --mojo-platform-channel-handle=4088 /prefetch:1
"C:\Program Files (x86)\Opera\58.0.3135.118_1\opera.exe" --type=renderer --field-trial-handle=1276,7549859343274102041,17060162635403745603,131072 --service-pipe-token=3445630852681188095 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=3445630852681188095 --renderer-client-id=19 --mojo-platform-channel-handle=912 /prefetch:1
"C:\Program Files (x86)\Opera\58.0.3135.118_1\opera.exe" --type=renderer --field-trial-handle=1276,7549859343274102041,17060162635403745603,131072 --service-pipe-token=10802898678079241083 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=10802898678079241083 --renderer-client-id=26 --mojo-platform-channel-handle=6560 /prefetch:1
taskhost.exe /RuntimeWide
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.19750_none_fa39f32f9b2d0928\TiWorker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k WbioSvcGroup
C:\WINDOWS\system32\vssvc.exe
C:\WINDOWS\System32\svchost.exe -k swprv

"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe17_ Global\UsGthrCtrlFltPipeMssGthrPipe17 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 560 568 576 65536 572

C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
"C:\Program Files (x86)\Opera\58.0.3135.118_1\opera.exe" --type=renderer --field-trial-handle=1276,7549859343274102041,17060162635403745603,131072 --service-pipe-token=10130476983746968767 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=10130476983746968767 --renderer-client-id=47 --mojo-platform-channel-handle=8428 /prefetch:1
"C:\Users\Lenka\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\HPCeeScheduleForLenka.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForLenka (null)

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2020-02-17 228968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_261\bin\ssv.dll [2020-07-24 736424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_261\bin\jp2ssv.dll [2020-07-24 350888]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2020-02-17 163440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-07-25 585568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27 416288]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2020-03-24 9277520]
"AVGUI.exe"=C:\Program Files\AVG\Antivirus\AvLaunch.exe [2020-07-06 156808]
"HP Remote Solution"=C:\Program Files\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [2013-06-11 791040]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EPLTarget\P0000000000000000"=C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIJCE.EXE [2012-02-29 283232]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"DropboxOEM"=C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2014-09-02 462160]
"EEventManager"=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2012-01-26 1058400]
"PWRISOVM.EXE"=C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2012-12-09 336992]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2020-06-18 710264]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\amsdk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MSIServer]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2020-07-24 11:40:13 ----D---- C:\rsit
2020-07-24 11:40:13 ----D---- C:\Program Files\trend micro
2020-07-24 11:38:46 ----D---- C:\FRST
2020-07-24 01:16:54 ----D---- C:\Program Files\Common Files\AV
2020-07-24 01:11:05 ----D---- C:\ProgramData\Kaspersky Lab Setup Files
2020-07-15 16:04:31 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo-1-999-0-0-0.exe
2020-07-15 16:04:31 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo.exe
2020-07-15 16:04:31 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1-999-0-0-0.dll
2020-07-15 16:04:31 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1.dll
2020-07-15 16:04:31 ----A---- C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-07-15 16:04:31 ----A---- C:\WINDOWS\system32\vulkaninfo.exe
2020-07-15 16:04:31 ----A---- C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-07-15 16:04:31 ----A---- C:\WINDOWS\system32\vulkan-1.dll
2020-07-15 16:04:29 ----A---- C:\WINDOWS\SYSWOW64\nvwgf2um.dll
2020-07-15 16:04:29 ----A---- C:\WINDOWS\SYSWOW64\nvumdshim.dll
2020-07-15 16:04:28 ----A---- C:\WINDOWS\SYSWOW64\nvptxJitCompiler32.dll
2020-07-15 16:04:28 ----A---- C:\WINDOWS\system32\nvrtum64.dll
2020-07-15 16:04:28 ----A---- C:\WINDOWS\system32\nvptxJitCompiler64.dll
2020-07-15 16:04:27 ----A---- C:\WINDOWS\system32\nvoptix.dll
2020-07-15 16:04:26 ----A---- C:\WINDOWS\SYSWOW64\nvopencl32.dll
2020-07-15 16:04:26 ----A---- C:\WINDOWS\system32\nvopencl64.dll
2020-07-15 16:04:26 ----A---- C:\WINDOWS\system32\nvoglv64.dll
2020-07-15 16:04:25 ----A---- C:\WINDOWS\SYSWOW64\nvoglv32.dll
2020-07-15 16:04:25 ----A---- C:\WINDOWS\SYSWOW64\nvoglshim32.dll
2020-07-15 16:04:25 ----A---- C:\WINDOWS\SYSWOW64\nvofapi.dll
2020-07-15 16:04:25 ----A---- C:\WINDOWS\system32\nvoglshim64.dll
2020-07-15 16:04:25 ----A---- C:\WINDOWS\system32\nvofapi64.dll
2020-07-15 16:04:25 ----A---- C:\WINDOWS\system32\nvmcumd.dll
2020-07-15 16:04:24 ----A---- C:\WINDOWS\SYSWOW64\nvinit.dll
2020-07-15 16:04:24 ----A---- C:\WINDOWS\SYSWOW64\NvIFROpenGL.dll
2020-07-15 16:04:24 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2020-07-15 16:04:24 ----A---- C:\WINDOWS\system32\nvinitx.dll
2020-07-15 16:04:24 ----A---- C:\WINDOWS\system32\NvIFROpenGL.dll
2020-07-15 16:04:24 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2020-07-15 16:04:24 ----A---- C:\WINDOWS\system32\drivers\nvlddmkm.sys
2020-07-15 16:04:23 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2020-07-15 16:04:23 ----A---- C:\WINDOWS\SYSWOW64\nvEncodeAPI.dll
2020-07-15 16:04:23 ----A---- C:\WINDOWS\SYSWOW64\nvdlist.dll
2020-07-15 16:04:23 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2020-07-15 16:04:23 ----A---- C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-07-15 16:04:23 ----A---- C:\WINDOWS\system32\nvdlistx.dll
2020-07-15 16:04:23 ----A---- C:\WINDOWS\system32\nvdispgenco6445167.dll
2020-07-15 16:04:23 ----A---- C:\WINDOWS\system32\nvdispco6445167.dll
2020-07-15 16:04:22 ----A---- C:\WINDOWS\SYSWOW64\nvd3dum.dll
2020-07-15 16:04:22 ----A---- C:\WINDOWS\system32\nvd3dumx.dll
2020-07-15 16:04:22 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2020-07-15 16:04:21 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2020-07-15 16:04:21 ----A---- C:\WINDOWS\system32\nvcuda.dll
2020-07-15 16:04:19 ----A---- C:\WINDOWS\SYSWOW64\nvcompiler32.dll
2020-07-15 16:04:19 ----A---- C:\WINDOWS\system32\nvcompiler64.dll
2020-07-15 16:04:19 ----A---- C:\WINDOWS\system32\nvcbl64.dll
2020-07-15 11:23:40 ----A---- C:\WINDOWS\system32\mshtml.dll
2020-07-15 11:23:39 ----A---- C:\WINDOWS\system32\shell32.dll
2020-07-15 11:23:38 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2020-07-15 11:23:37 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2020-07-15 11:23:37 ----A---- C:\WINDOWS\system32\twinui.dll
2020-07-15 11:23:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2020-07-15 11:23:36 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2020-07-15 11:23:36 ----A---- C:\WINDOWS\system32\mstscax.dll
2020-07-15 11:23:35 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2020-07-15 11:23:35 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2020-07-15 11:23:35 ----A---- C:\WINDOWS\system32\msxml6.dll
2020-07-15 11:23:34 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2020-07-15 11:23:33 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2020-07-15 11:23:33 ----A---- C:\WINDOWS\system32\ieframe.dll
2020-07-15 11:23:32 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll
2020-07-15 11:23:32 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2020-07-15 11:23:32 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2020-07-15 11:23:32 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2020-07-15 11:23:32 ----A---- C:\WINDOWS\system32\gdi32.dll
2020-07-15 11:23:31 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2020-07-15 11:23:31 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2020-07-15 11:23:31 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-07-15 11:23:31 ----A---- C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2020-07-15 11:23:31 ----A---- C:\WINDOWS\system32\jscript9.dll
2020-07-15 11:23:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2020-07-15 11:23:30 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2020-07-15 11:23:30 ----A---- C:\WINDOWS\system32\SHCore.dll
2020-07-15 11:23:29 ----A---- C:\WINDOWS\system32\diagtrack.dll
2020-07-15 11:23:28 ----A---- C:\WINDOWS\system32\netprofmsvc.dll
2020-07-15 11:23:27 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2020-07-15 11:23:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.SmartCards.dll
2020-07-15 11:23:26 ----A---- C:\WINDOWS\SYSWOW64\SHCore.dll
2020-07-15 11:23:26 ----A---- C:\WINDOWS\system32\upnphost.dll
2020-07-15 11:23:25 ----A---- C:\WINDOWS\SYSWOW64\rdvidcrl.dll
2020-07-15 11:23:25 ----A---- C:\WINDOWS\system32\oleaut32.dll
2020-07-15 11:23:24 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2020-07-15 11:23:24 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2020-07-15 11:23:24 ----A---- C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2020-07-15 11:23:24 ----A---- C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2020-07-15 11:23:23 ----A---- C:\WINDOWS\SYSWOW64\upnphost.dll
2020-07-15 11:23:23 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2020-07-15 11:23:23 ----A---- C:\WINDOWS\system32\msv1_0.dll
2020-07-15 11:23:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Bluetooth.dll
2020-07-15 11:23:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.PointOfService.dll
2020-07-15 11:23:21 ----A---- C:\WINDOWS\SYSWOW64\tsmf.dll
2020-07-15 11:23:21 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2020-07-15 11:23:21 ----A---- C:\WINDOWS\system32\tsmf.dll
2020-07-15 11:23:21 ----A---- C:\WINDOWS\system32\schannel.dll
2020-07-15 11:23:21 ----A---- C:\WINDOWS\system32\rasapi32.dll
2020-07-15 11:23:21 ----A---- C:\WINDOWS\system32\profsvc.dll
2020-07-15 11:23:21 ----A---- C:\WINDOWS\system32\nlasvc.dll
2020-07-15 11:23:21 ----A---- C:\WINDOWS\system32\lsasrv.dll
2020-07-15 11:23:21 ----A---- C:\WINDOWS\system32\kerberos.dll
2020-07-15 11:23:20 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2020-07-15 11:23:20 ----A---- C:\WINDOWS\SYSWOW64\netprofm.dll
2020-07-15 11:23:20 ----A---- C:\WINDOWS\SYSWOW64\msjet40.dll
2020-07-15 11:23:20 ----A---- C:\WINDOWS\system32\wer.dll
2020-07-15 11:23:20 ----A---- C:\WINDOWS\system32\user32.dll
2020-07-15 11:23:20 ----A---- C:\WINDOWS\system32\StructuredQuery.dll
2020-07-15 11:23:20 ----A---- C:\WINDOWS\system32\sechost.dll
2020-07-15 11:23:20 ----A---- C:\WINDOWS\system32\rdvidcrl.dll
2020-07-15 11:23:20 ----A---- C:\WINDOWS\system32\netprofm.dll
2020-07-15 11:23:20 ----A---- C:\WINDOWS\system32\netman.dll
2020-07-15 11:23:20 ----A---- C:\WINDOWS\system32\ncsi.dll
2020-07-15 11:23:20 ----A---- C:\WINDOWS\system32\DWrite.dll
2020-07-15 11:23:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Credentials.UI.CredentialPicker.dll
2020-07-15 11:23:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.HumanInterfaceDevice.dll
2020-07-15 11:23:19 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2020-07-15 11:23:19 ----A---- C:\WINDOWS\SYSWOW64\StructuredQuery.dll
2020-07-15 11:23:19 ----A---- C:\WINDOWS\SYSWOW64\sechost.dll
2020-07-15 11:23:19 ----A---- C:\WINDOWS\SYSWOW64\msrd3x40.dll
2020-07-15 11:23:19 ----A---- C:\WINDOWS\SYSWOW64\fdWSD.dll
2020-07-15 11:23:19 ----A---- C:\WINDOWS\SYSWOW64\easwrt.dll
2020-07-15 11:23:19 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2020-07-15 11:23:19 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2020-07-15 11:23:19 ----A---- C:\WINDOWS\system32\Windows.Security.Credentials.UI.CredentialPicker.dll
2020-07-15 11:23:19 ----A---- C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2020-07-15 11:23:19 ----A---- C:\WINDOWS\system32\WebcamUi.dll
2020-07-15 11:23:19 ----A---- C:\WINDOWS\system32\FntCache.dll
2020-07-15 11:23:19 ----A---- C:\WINDOWS\system32\fdWSD.dll
2020-07-15 11:23:19 ----A---- C:\WINDOWS\system32\easwrt.dll
2020-07-15 11:23:19 ----A---- C:\WINDOWS\system32\atmfd.dll
2020-07-15 11:23:18 ----A---- C:\WINDOWS\SYSWOW64\WebcamUi.dll
2020-07-15 11:23:18 ----A---- C:\WINDOWS\SYSWOW64\wdigest.dll
2020-07-15 11:23:18 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2020-07-15 11:23:18 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2020-07-15 11:23:18 ----A---- C:\WINDOWS\system32\wdigest.dll
2020-07-15 11:23:18 ----A---- C:\WINDOWS\system32\vbscript.dll
2020-07-15 11:23:18 ----A---- C:\WINDOWS\system32\pku2u.dll
2020-07-15 11:23:18 ----A---- C:\WINDOWS\system32\logoncli.dll
2020-07-15 11:23:18 ----A---- C:\WINDOWS\system32\keyiso.dll
2020-07-15 11:23:18 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2020-07-15 11:23:18 ----A---- C:\WINDOWS\system32\dxtrans.dll
2020-07-15 11:23:18 ----A---- C:\WINDOWS\system32\AxInstSv.dll
2020-07-15 11:23:18 ----A---- C:\WINDOWS\splwow64.exe
2020-07-15 11:23:16 ----A---- C:\WINDOWS\SYSWOW64\pku2u.dll
2020-07-15 11:23:16 ----A---- C:\WINDOWS\SYSWOW64\logoncli.dll
2020-07-15 11:23:16 ----A---- C:\WINDOWS\SYSWOW64\keyiso.dll
2020-07-15 11:23:16 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2020-07-15 11:23:16 ----A---- C:\WINDOWS\system32\mshtmled.dll
2020-07-15 11:23:16 ----A---- C:\WINDOWS\system32\fontsub.dll
2020-07-15 11:23:15 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2020-07-15 11:23:15 ----A---- C:\WINDOWS\SYSWOW64\mf3216.dll
2020-07-15 11:23:15 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2020-07-15 11:23:15 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2020-07-15 11:23:15 ----A---- C:\WINDOWS\system32\wininet.dll
2020-07-15 11:23:15 ----A---- C:\WINDOWS\system32\netlogon.dll
2020-07-15 11:23:15 ----A---- C:\WINDOWS\system32\mf3216.dll
2020-07-15 11:23:15 ----A---- C:\WINDOWS\system32\certcli.dll
2020-07-15 11:23:15 ----A---- C:\WINDOWS\system32\bootux.dll
2020-07-15 11:23:14 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2020-07-15 11:23:14 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2020-07-15 11:23:14 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2020-07-15 11:23:14 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2020-07-15 11:23:14 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2020-07-15 11:23:14 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2020-07-15 11:23:14 ----A---- C:\WINDOWS\system32\urlmon.dll
2020-07-15 11:23:14 ----A---- C:\WINDOWS\system32\msfeeds.dll
2020-07-15 11:23:14 ----A---- C:\WINDOWS\system32\jscript.dll
2020-07-15 11:23:14 ----A---- C:\WINDOWS\system32\inetcomm.dll
2020-07-15 11:23:14 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2020-07-14 14:50:06 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerInstaller.exe
2020-07-06 11:31:41 ----A---- C:\WINDOWS\system32\avgBoot.exe
2020-07-06 11:31:40 ----A---- C:\WINDOWS\system32\drivers\avgStm.sys
2020-07-06 11:31:39 ----A---- C:\WINDOWS\system32\drivers\avgMonFlt.sys
2020-06-25 03:14:16 ----A---- C:\WINDOWS\system32\nvhdap64.dll
2020-06-25 03:14:16 ----A---- C:\WINDOWS\system32\drivers\nvhda64v.sys
2020-06-25 03:14:15 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2020-06-25 03:14:15 ----A---- C:\WINDOWS\system32\nvdispgenco6445148.dll
2020-06-25 03:14:15 ----A---- C:\WINDOWS\system32\nvdispco6445148.dll

======List of files/folders modified in the last 1 month======

2020-07-24 11:40:13 ----RD---- C:\Program Files
2020-07-24 11:38:48 ----D---- C:\WINDOWS\Temp
2020-07-24 11:30:00 ----D---- C:\WINDOWS\Microsoft.NET
2020-07-24 11:29:45 ----D---- C:\WINDOWS\Prefetch
2020-07-24 11:02:01 ----D---- C:\WINDOWS\system32\sru
2020-07-24 10:49:23 ----D---- C:\Windows
2020-07-24 10:49:18 ----D---- C:\WINDOWS\Inf
2020-07-24 10:41:25 ----D---- C:\WINDOWS\Minidump
2020-07-24 10:37:49 ----SHD---- C:\System Volume Information
2020-07-24 10:37:07 ----D---- C:\ProgramData\AVG
2020-07-24 10:30:47 ----RD---- C:\Program Files (x86)
2020-07-24 10:22:41 ----D---- C:\ProgramData\NVIDIA
2020-07-24 05:39:53 ----D---- C:\Program Files (x86)\TeamViewer
2020-07-24 05:23:19 ----SHD---- C:\WINDOWS\Installer
2020-07-24 05:23:16 ----HD---- C:\ProgramData
2020-07-24 05:23:15 ----HD---- C:\WINDOWS\ELAMBKUP
2020-07-24 05:23:06 ----RD---- C:\WINDOWS\System32
2020-07-24 04:52:53 ----D---- C:\WINDOWS\system32\catroot2
2020-07-24 03:52:16 ----D---- C:\WINDOWS\system32\drivers
2020-07-24 03:07:30 ----D---- C:\WINDOWS\system32\config
2020-07-24 03:04:02 ----D---- C:\WINDOWS\system32\DriverStore
2020-07-24 02:47:33 ----D---- C:\WINDOWS\system32\Tasks
2020-07-24 02:43:37 ----D---- C:\WINDOWS\SysWOW64
2020-07-24 02:40:38 ----D---- C:\Program Files\Java
2020-07-24 01:57:01 ----D---- C:\WINDOWS\LiveKernelReports
2020-07-24 01:56:21 ----D---- C:\ProgramData\ProductData
2020-07-24 01:16:54 ----D---- C:\Program Files\Common Files
2020-07-24 01:14:44 ----D---- C:\Program Files (x86)\Common Files
2020-07-24 01:10:36 ----A---- C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2020-07-24 01:01:21 ----D---- C:\AdwCleaner
2020-07-24 00:43:33 ----D---- C:\WINDOWS\WinSxS
2020-07-20 13:33:05 ----RD---- C:\WINDOWS\ToastData
2020-07-20 13:33:04 ----D---- C:\WINDOWS\SYSWOW64\setup
2020-07-20 13:33:04 ----D---- C:\Program Files\Windows Mail
2020-07-20 13:33:04 ----D---- C:\Program Files\Internet Explorer
2020-07-20 13:33:04 ----D---- C:\Program Files\Common Files\System
2020-07-20 13:33:04 ----D---- C:\Program Files (x86)\Windows Mail
2020-07-20 13:33:04 ----D---- C:\Program Files (x86)\Internet Explorer
2020-07-20 13:33:03 ----D---- C:\WINDOWS\system32\setup
2020-07-19 10:33:12 ----D---- C:\WINDOWS\CbsTemp
2020-07-17 10:34:08 ----RSD---- C:\WINDOWS\assembly
2020-07-17 10:05:16 ----D---- C:\ProgramData\Microsoft Help
2020-07-17 10:03:44 ----A---- C:\WINDOWS\win.ini
2020-07-15 16:03:40 ----D---- C:\WINDOWS\SoftwareDistribution
2020-07-14 14:50:08 ----D---- C:\WINDOWS\system32\Macromed
2020-07-14 14:50:07 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2020-07-11 14:29:24 ----D---- C:\Users\Lenka\AppData\Roaming\audacity
2020-07-10 22:56:13 ----D---- C:\Program Files (x86)\Steam
2020-07-07 18:34:16 ----A---- C:\WINDOWS\system32\nvumdshimx.dll
2020-07-07 18:28:36 ----A---- C:\WINDOWS\system32\nvwgf2umx.dll
2020-07-07 18:28:12 ----A---- C:\WINDOWS\system32\nvapi64.dll
2020-07-07 18:28:10 ----A---- C:\WINDOWS\SYSWOW64\nvapi.dll
2020-07-05 21:12:41 ----A---- C:\WINDOWS\system32\nvsvc64.dll
2020-07-05 21:12:41 ----A---- C:\WINDOWS\system32\nvcpl.dll
2020-07-05 21:12:39 ----A---- C:\WINDOWS\system32\nvsvcr.dll
2020-07-05 21:12:39 ----A---- C:\WINDOWS\system32\nvshext.dll
2020-07-05 21:12:38 ----A---- C:\WINDOWS\system32\nvmctray.dll
2020-07-05 21:12:38 ----A---- C:\WINDOWS\system32\nv3dappshextr.dll
2020-07-05 21:12:38 ----A---- C:\WINDOWS\system32\nv3dappshext.dll
2020-06-28 13:14:13 ----D---- C:\WINDOWS\system32\NDF
2020-06-25 02:56:30 ----D---- C:\WINDOWS\SYSWOW64\RTCOM

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [2019-01-23 83656]
R0 amd_xata;amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [2019-01-23 23752]
R0 avgbidsh;avgbidsh; C:\WINDOWS\system32\drivers\avgbidsh.sys [2020-07-06 195720]
R0 avgbuniv;avgbuniv; C:\WINDOWS\system32\drivers\avgbuniv.sys [2020-07-06 61064]
R0 avgRvrt;avgRvrt; C:\WINDOWS\system32\drivers\avgRvrt.sys [2020-07-06 84912]
R0 avgVmm;avgVmm; C:\WINDOWS\system32\drivers\avgVmm.sys [2020-07-06 323344]
R1 avgArPot;avgArPot; C:\WINDOWS\system32\drivers\avgArPot.sys [2020-07-06 205952]
R1 avgbidsdriver;avgbidsdriver; C:\WINDOWS\system32\drivers\avgbidsdriver.sys [2020-07-06 235656]
R1 avgKbd;avgKbd; C:\WINDOWS\system32\drivers\avgKbd.sys [2020-07-06 42840]
R1 avgNetHub;avgNetHub; C:\WINDOWS\system32\drivers\avgNetHub.sys [2020-07-06 514520]
R1 avgRdr;avgRdr; C:\WINDOWS\system32\drivers\avgRdr2.sys [2020-07-06 109336]
R1 avgSnx;avgSnx; C:\WINDOWS\system32\drivers\avgSnx.sys [2020-07-06 851664]
R1 avgSP;avgSP; C:\WINDOWS\system32\drivers\avgSP.sys [2020-07-06 466304]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2013-11-12 91912]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [2019-01-15 27552]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2012-12-09 126944]
R2 avgMonFlt;avgMonFlt; C:\WINDOWS\system32\drivers\avgMonFlt.sys [2020-07-06 175264]
R2 avgStm;avgStm; C:\WINDOWS\system32\drivers\avgStm.sys [2020-07-06 216880]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2020-03-24 6886992]
R3 NVHDA;@oem111.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2020-06-22 222112]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2020-07-07 24188648]
R3 nvvad_WaveExtensible;@oem75.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2019-05-15 69840]
R3 nvvhci;@oem104.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2020-03-11 67456]
R3 RTL8168;@oem106.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2020-04-10 1124344]
R3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;Ovladač zvuků USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2014-03-18 121088]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-06-21 212736]
S1 amsdk;AMSDK Driver; \??\C:\WINDOWS\system32\drivers\amsdk.sys []
S3 AmUStor;@oem47.inf,%AmUStor.SvcDesc%;AM USB Stroage Driver; C:\WINDOWS\system32\drivers\AmUStor.SYS []
S3 avgTap;@oem98.inf,%DeviceDescription%;AVG TAP Adapter v3; C:\WINDOWS\system32\DRIVERS\avgTap.sys [2018-09-05 54888]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\WINDOWS\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 ew_usbccgpfilter;@oem82.inf,%busupper.SVCDESC%;HwHandSet_CompositeFilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [2019-07-03 18944]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2020-02-25 30336]
S3 RSUSBSTOR;@oem48.inf,%RSUSBSTOR.SvcDesc%;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2019-01-23 272088]
S3 RTSUER;@oem64.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2019-01-23 424384]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2020-05-07 169032]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2014-10-29 38792]
R2 AVG Antivirus;AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [2020-07-06 357408]
R2 AVG Firewall;AVG Firewall Service; C:\Program Files\AVG\Antivirus\afwServ.exe [2020-07-06 1065528]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 EpsonBidirectionalService;EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [2006-12-19 94208]
R2 EpsonCustomerParticipation;EpsonCustomerParticipation; C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [2012-05-10 608864]
R2 EpsonScanSvc;Epson Scanner Service; C:\WINDOWS\system32\EscSvc64.exe [2011-12-12 135824]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2020-05-20 379224]
R2 HuaweiHiSuiteService64.exe;HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [2019-07-03 190784]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2020-02-25 858480]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2020-07-05 874472]
R2 omniserv; HP SimplePass Service; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [2014-09-27 94720]
R2 Origin Web Helper Service;Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2020-06-10 3460408]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\syswow64\PnkBstrA.exe [2020-03-15 76152]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2014-04-14 389896]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2020-03-24 267552]
R2 TeamViewer;TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2019-12-16 12758528]
R3 avgbIDSAgent;avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [2020-07-06 6561216]
R3 hpqcaslwmiex;HP CASL Framework Service; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [2016-06-03 1031704]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-04-04 156456]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2020-07-14 335416]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2019-03-28 54912]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\elevation_service.exe [2020-07-11 1309680]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-04-04 156456]
S3 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2019-02-01 6562472]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2020-02-25 858480]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2020-06-10 2508592]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-06-12 189640]
S3 Rockstar Service;Rockstar Game Library Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2019-12-23 474256]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2020-07-09 1785120]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\WINDOWS\system32\svchost.exe [2014-10-29 38792]

-----------------EOF-----------------

Re: Kindly requesting a preventive check

Posted: 25 Jul 2020 00:06
by Conder
Hi :)

:arrow: Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click "Spustit skenovani" (start scan) and wait for it to finish
  • If there are findings, leave all of them selected and click "Karantena" (quarantine); if there are no findings, click "Spustit zakladni opravu" (run basic repair)
  • If "preinstalled software" is also detected, you may delete these programs but do not have to (they are not malicious programs, just unnecessary extras)
  • Confirm the prompt, wait for it to finish, and confirm the PC restart
  • After the PC restarts, AdwCleaner will open; click "Zobrazit soubor protokolu" (view log file)
  • The log will open; copy its contents and paste them into your next reply

Re: Kindly requesting a preventive check

Posted: 25 Jul 2020 06:25
by Shane
Here it is :)

# AdwCleaner v6.044 - Log vytvořen 25/07/2020 v 07:21:05
# Aktualizováno dne 28/02/2017 z Malwarebytes
# Databáze : 2017-02-28.2 [Místní]
# Operační systém : Windows 8.1 (X64)
# Uživatelské jméno : Lenka - LENKA
# Spuštěno z : C:\Users\Lenka\Desktop\adwcleaner_6.044.exe
# Mod: Skenování
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****

Nebyly nalezeny žádné škodlivé služby.


***** [ Složky ] *****

Nebyly nalezeny žádné škodlivé složky.


***** [ Soubory ] *****

Nebyly nalezeny žádné škodlivé soubory.


***** [ DLL ] *****

Nebyly nalezeny žádné škodlivé DLL.


***** [ WMI ] *****

Nebyly nalezeny žádné škodlivé klíče.


***** [ Zástupci ] *****

Žádný infikovaný zástupce nenalezen.


***** [ Naplánované úlohy ] *****

Žádná nebezpečná úloha nenalezena.


***** [ Registry ] *****

Nebyly nalezeny žádné škodlivé položky registru.


***** [ Internetové prohlížeče ] *****

Nebyly nalezeny žádné škodlivé položky prohlížeče Firefox.
Nebyly nalezeny žádné škodlivé položky prohlížeče Chromium.

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [1358 Bajty] - [29/02/2020 18:43:08]
C:\AdwCleaner\AdwCleaner[S1].txt - [1431 Bajty] - [10/03/2020 18:10:55]
C:\AdwCleaner\AdwCleaner[S2].txt - [1504 Bajty] - [11/03/2020 00:22:41]
C:\AdwCleaner\AdwCleaner[S3].txt - [1577 Bajty] - [13/03/2020 22:20:35]
C:\AdwCleaner\AdwCleaner[S4].txt - [1650 Bajty] - [17/03/2020 15:52:58]
C:\AdwCleaner\AdwCleaner[S5].txt - [1723 Bajty] - [24/03/2020 14:06:20]
C:\AdwCleaner\AdwCleaner[S6].txt - [1644 Bajty] - [25/07/2020 07:21:05]

########## EOF - C:\AdwCleaner\AdwCleaner[S6].txt - [1717 Bajty] ##########

Re: Kindly requesting a preventive check

Posted: 25 Jul 2020 22:47
by Conder
:arrow: Please post both FRST logs (FRST.txt and Addition.txt), following this guide: https://forum.viry.cz/viewtopic.php?f=13&t=154679

Re: Kindly requesting a preventive check

Posted: 26 Jul 2020 13:04
by Shane
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-07-2020
Ran by Lenka (administrator) on LENKA (Hewlett-Packard 500-526nc) (26-07-2020 13:58:05)
Running from C:\Users\Lenka\Desktop
Loaded Profiles: Lenka
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Default browser: Opera
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\afwServ.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe <2>
(CyberLink Corp. -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Hewlett-Packard Company -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\58.0.3135.118_1\opera.exe <16>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(Softex Inc.) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9277520 2020-03-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [156808 2020-07-06] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [HP Remote Solution] => C:\Program Files\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [791040 2013-06-11] (Hewlett-Packard) [File not signed]
HKLM-x32\...\Run: [DropboxOEM] => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [462160 2014-09-02] (Dropbox, Inc -> )
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058400 2012-01-26] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [336992 2012-12-09] (Power Software Ltd -> Power Software Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [710264 2020-06-18] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1753748593-2747000319-1568198-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIJCE.EXE [283232 2012-02-29] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1753748593-2747000319-1568198-1001\...\MountPoints2: {1f35bcf3-bc3e-11e9-8282-3464a913c695} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1753748593-2747000319-1568198-1001\...\MountPoints2: {1f35c3d2-bc3e-11e9-8282-3464a913c695} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1753748593-2747000319-1568198-1001\...\MountPoints2: {fb4e5439-d7b6-11e9-8284-3464a913c695} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1753748593-2747000319-1568198-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [133632 2014-10-29] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\EPSON XP-600 Series 64MonitorBE: C:\WINDOWS\system32\E_ILMJCE.DLL [120320 2011-04-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [558080 2011-08-30] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\WINDOWS\system32\hpbprtmon.dll [423936 2014-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Installer\chrmstp.exe [2020-07-24] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-09-27] (Softex Inc..) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-09-27] (Softex Inc..) [File not signed]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0076A7E6-12EF-4F53-A656-B5B44D1371CD} - System32\Tasks\Opera scheduled Autoupdate 1547507275 => C:\Program Files (x86)\Opera\launcher.exe [1465432 2019-03-22] (Opera Software AS -> Opera Software)
Task: {0827FD2A-FE8F-4D11-849F-787D60BAF68A} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {121DFC2A-E4C4-4D20-BAB0-CE69F3A4B9C2} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2018-05-04] (HP Inc. -> HP Inc.)
Task: {14ABDD86-C529-49EC-B292-1DBFB5AFC800} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2020-02-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {16695E46-F345-419C-A211-C44AEA19C434} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [135000 2020-06-22] (HP Inc. -> HP Inc.)
Task: {1D5586C4-C0BF-42EC-911F-3758685D2C82} - System32\Tasks\Start OPBHOBrokerDesktop => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [506104 2014-09-27] (Softex Incorporated -> Hewlett-Packard)
Task: {24E7185E-8AC8-45B4-8F54-AE6192F48139} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {277D29A4-697C-4B9B-BFC3-CE860378C991} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14614416 2018-11-28] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {2ACF0339-FFAB-4DD3-9617-90F388B68BEF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1505624 2020-05-20] (HP Inc. -> HP Inc.)
Task: {2C072912-3AE3-4EB2-9908-22045CD3A3DE} - System32\Tasks\Start SimplePass => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [4678392 2014-09-27] (Softex Incorporated -> Hewlett-Packard)
Task: {2F0A2893-5E1C-481D-9006-5CC567ABED7D} - System32\Tasks\Driver Booster SkipUAC (Lenka) => C:\Program Files (x86)\IObit\Driver Booster\6.4.0\DriverBooster.exe [7610128 2019-04-24] (IObit Information Technology -> IObit)
Task: {33E66D58-18FF-4EC9-ABEE-5DEF9F5A7F4F} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1692296 2020-03-11] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {350FDB90-54B6-47CC-A3D3-E08A8D75EAB0} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2020-02-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {36099736-7E2C-491A-A71A-51828D2E1E1E} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\6.4.0\Scheduler.exe [149776 2019-04-23] (IObit Information Technology -> IObit)
Task: {459E2BF2-ED8B-47AD-9D14-A2761A224BB5} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2020-02-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {45F982C4-0066-42C4-B9AB-B101CD213BEC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-04] (Google Inc -> Google LLC)
Task: {4D82F97E-A62A-4616-897F-47222FDBABB7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [662872 2020-04-30] (HP Inc. -> HP Inc.)
Task: {4EABA1AF-AE34-4EB2-B0BF-505A82840F19} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1331792 2020-05-07] (Adobe Inc. -> Adobe Inc.)
Task: {58029423-F9AD-4975-8DA2-3C57EEA375CE} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_403_pepper.exe [1471032 2020-07-14] (Adobe Inc. -> Adobe)
Task: {61D03564-3695-4C12-A193-D4BB6D171C3C} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [3387528 2020-07-06] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {64635C49-5B0B-4696-AAD4-90B148E634C7} - System32\Tasks\DB Bigupgrade Task ( One Time ) => C:\Program Files (x86)\IObit\Driver Booster\5.5.1\BigUpgrade.exe
Task: {6493B0AB-0391-4D69-B463-5C839FC1FAB4} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2020-02-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {661DD9C4-6C1F-4E31-A7F1-93803B4AE77C} - System32\Tasks\{198F4BA0-1E55-4847-B151-762CF30A07FB} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Lenka\Desktop\sp68476.exe -d C:\Users\Lenka\Desktop
Task: {6CA0041A-A2A8-49BF-ABC2-BD420B42EA94} - System32\Tasks\Start OPBHOBroker => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [506104 2014-09-27] (Softex Incorporated -> Hewlett-Packard)
Task: {6D502D55-ADC7-41BE-82A0-9CCAF5254B22} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe
Task: {6E0FDCDF-75F4-46C8-AB2B-5F44FFB0F7AF} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2020-02-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7849F64C-E354-44A2-82ED-F7949648162B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {89CDCCB2-1599-4E92-BA37-7FC48B398C4E} - System32\Tasks\{F9E483CF-C8B1-411B-A89B-7DC9AA12A082} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Lenka\Desktop\sp70394.exe -d C:\Users\Lenka\Desktop
Task: {96D6DF1C-A069-4DFB-9D27-08A4F56E680E} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2020-02-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {99D1AC3A-D89C-4DC3-A325-D97C65E6C999} - System32\Tasks\{E10836CF-668A-4433-AB06-E0B542A70990} => C:\WINDOWS\system32\pcalua.exe -a "C:\Users\Lenka\Desktop\sp70441 (1).exe" -d C:\Users\Lenka\Desktop
Task: {9AB689F9-93A7-4FA8-90A5-D2AB7508A43D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1505624 2020-05-20] (HP Inc. -> HP Inc.)
Task: {9B159E95-2C21-42D9-8D87-F1A0D543F48A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2020-02-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9CEDC8FB-89A3-42E4-A0D2-97F91379EA78} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9277520 2020-03-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {9EF2A4FF-AE8F-49CE-83F0-2756AFB40553} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-04] (Google Inc -> Google LLC)
Task: {AC20C64E-27FC-4934-AEAE-58E962310993} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B631194E-1FA7-4540-9423-8986E69EAB69} - System32\Tasks\{F61ED266-7095-4FC0-9B29-D9B222E301B9} => "c:\program files\internet explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/7.5.0.101/cs/go/help.faq.installer?LastError=1618
Task: {E534A79E-E4E5-4338-8A92-D5EE28F96D8E} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2020-02-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EA69CDBC-4017-4980-9DFE-06E58CD22533} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2020-02-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EED79A9B-CED3-46F3-99A3-A6423B70D3E3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {F25FAA99-6544-43A1-B172-1D917449FE14} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [662872 2020-04-30] (HP Inc. -> HP Inc.)
Task: {FA2B006F-863B-40D5-ACC0-B98D9C659C0F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [320856 2020-04-23] (HP Inc. -> HP Inc.)
Task: {FA62CC4D-03D3-40AC-9CFB-D1BCBA8FC9C3} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2020-02-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FD111210-A8A0-4F46-A7E2-036DD3BA2EC4} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-07-14] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\HPCeeScheduleForLenka.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-31] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{174806FC-C0FF-4257-BC8A-A936A1690BAC}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{174806FC-C0FF-4257-BC8A-A936A1690BAC}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPDTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPDTDFJS
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
HKU\S-1-5-21-1753748593-2747000319-1568198-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-1753748593-2747000319-1568198-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
SearchScopes: HKLM -> {9F3255F0-76F5-4616-ACEC-1AF54A8B66FC} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2020-02-17] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_261\bin\ssv.dll [2020-07-24] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_261\bin\jp2ssv.dll [2020-07-24] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2020-02-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-07-25] (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) [File not signed]
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2018-03-14] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
Edge Profile: C:\Users\Lenka\AppData\Local\Microsoft\Edge\User Data\Default [2020-06-22]

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [firefox@bho.com] - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt
FF Extension: (HP SimplePass) - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt [2015-03-16] [Legacy] [not signed]
FF Plugin: @java.com/DTPlugin,version=11.261.2 -> C:\Program Files\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll [2020-07-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2020-07-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [2014-05-26] (Electronic Arts -> EA Digital Illusions CE AB)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-10-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default [2020-07-24]
CHR Extension: (Prezentace) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-04]
CHR Extension: (Dokumenty) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-04]
CHR Extension: (Disk Google) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-04-04]
CHR Extension: (YouTube) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-04]
CHR Extension: (Tabulky) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-04]
CHR Extension: (Dokumenty Google offline) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-06-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-02-29]
CHR Extension: (Gmail) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-04]
CHR Extension: (Chrome Media Router) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-19]
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn]

Opera:
=======
OPR DownloadDir: C:\Users\Lenka\Desktop
OPR StartupUrls: "hxxp://www.seznam.cz/"
OPR Extension: (User-Agent Switcher and Manager) - C:\Users\Lenka\AppData\Roaming\Opera Software\Opera Stable\Extensions\mdhadkjmpbhfdmmoogneplmcpoelfggp [2020-07-10]
OPR Extension: (Tampermonkey) - C:\Users\Lenka\AppData\Roaming\Opera Software\Opera Stable\Extensions\mfdhdgbonjidekjkjmjaneanmdmpmidf [2019-12-07]
OPR Extension: (Adblock Plus - free ad blocker) - C:\Users\Lenka\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2020-07-24]
OPR Extension: (Mate Translate – translator, dictionary) - C:\Users\Lenka\AppData\Roaming\Opera Software\Opera Stable\Extensions\ollghamalkmmhboihmhoaaobmamehjgn [2020-01-02]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-07-14] (Adobe Inc. -> Adobe)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [357408 2020-07-06] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Firewall; C:\Program Files\AVG\Antivirus\afwServ.exe [1065528 2020-07-06] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [6561216 2020-07-06] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-12] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379224 2020-05-20] (HP Inc. -> HP Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2019-07-03] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [94720 2014-09-27] (Softex Inc.) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2508592 2020-06-10] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3460408 2020-06-10] (Electronic Arts, Inc. -> Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2020-03-15] (Even Balance, Inc. -> )
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> )
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [474256 2019-12-23] (Rockstar Games, Inc. -> Rockstar Games)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12758528 2019-12-16] (TeamViewer GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [83656 2019-01-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [23752 2019-01-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [205952 2020-07-06] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [235656 2020-07-06] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [195720 2020-07-06] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [61064 2020-07-06] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [42840 2020-07-06] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [175264 2020-07-06] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [514520 2020-07-06] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [109336 2020-07-06] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [84912 2020-07-06] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [851664 2020-07-06] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [466304 2020-07-06] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [216880 2020-07-06] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 avgTap; C:\WINDOWS\system32\DRIVERS\avgTap.sys [54888 2018-09-05] (AVG Technologies CZ, s.r.o. -> The OpenVPN Project)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [323344 2020-07-06] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2019-07-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-01-15] (Martin Malik - REALiX -> REALiX(tm))
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2019-07-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S1 amsdk; \??\C:\WINDOWS\system32\drivers\amsdk.sys [X]
S3 AmUStor; \SystemRoot\system32\drivers\AmUStor.SYS [X]
U1 avgbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-07-26 13:58 - 2020-07-26 13:58 - 000032551 _____ C:\Users\Lenka\Desktop\FRST.txt
2020-07-26 13:44 - 2020-07-26 13:58 - 000000000 ____D C:\FRST
2020-07-26 13:43 - 2020-07-26 13:43 - 002295808 _____ (Farbar) C:\Users\Lenka\Desktop\FRST64.COM.exe
2020-07-24 11:40 - 2020-07-24 11:40 - 000000000 ____D C:\rsit
2020-07-24 11:40 - 2020-07-24 11:40 - 000000000 ____D C:\Program Files\trend micro
2020-07-24 11:39 - 2020-07-24 11:39 - 001222144 _____ C:\Users\Lenka\Desktop\RSITx64.exe
2020-07-24 10:55 - 2020-07-24 10:58 - 000000000 ____D C:\Users\Lenka\Desktop\GK amd
2020-07-24 10:40 - 2020-07-24 10:40 - 000003840 _____ C:\Users\Lenka\Desktop\24.7.2020.reg
2020-07-24 02:47 - 2020-07-24 02:57 - 000003476 _____ C:\WINDOWS\system32\Tasks\AMHelper
2020-07-24 02:47 - 2020-07-24 02:47 - 000000000 ____D C:\Users\Lenka\AppData\Local\Zemana
2020-07-24 01:19 - 2020-07-24 01:19 - 000000000 ____D C:\Users\Default\AppData\Local\Kaspersky Lab
2020-07-24 01:16 - 2020-07-24 02:46 - 000000000 ____D C:\Program Files\Common Files\AV
2020-07-24 01:11 - 2020-07-24 03:02 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2020-07-15 16:04 - 2020-07-07 18:34 - 034741648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrtum64.dll
2020-07-15 16:04 - 2020-07-07 18:34 - 007977192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler64.dll
2020-07-15 16:04 - 2020-07-07 18:34 - 007090920 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler32.dll
2020-07-15 16:04 - 2020-07-07 18:34 - 001780944 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-07-15 16:04 - 2020-07-07 18:34 - 001780944 _____ C:\WINDOWS\system32\vulkaninfo.exe
2020-07-15 16:04 - 2020-07-07 18:34 - 001371344 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-07-15 16:04 - 2020-07-07 18:34 - 001371344 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2020-07-15 16:04 - 2020-07-07 18:34 - 001086672 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-07-15 16:04 - 2020-07-07 18:34 - 001086672 _____ C:\WINDOWS\system32\vulkan-1.dll
2020-07-15 16:04 - 2020-07-07 18:34 - 000946384 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2020-07-15 16:04 - 2020-07-07 18:34 - 000946384 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2020-07-15 16:04 - 2020-07-07 18:34 - 000420240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2020-07-15 16:04 - 2020-07-07 18:33 - 123286248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoptix.dll
2020-07-15 16:04 - 2020-07-07 18:33 - 041648016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2020-07-15 16:04 - 2020-07-07 18:33 - 035518352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl64.dll
2020-07-15 16:04 - 2020-07-07 18:33 - 031032208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2020-07-15 16:04 - 2020-07-07 18:33 - 030256016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl32.dll
2020-07-15 16:04 - 2020-07-07 18:33 - 000166800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2020-07-15 16:04 - 2020-07-07 18:33 - 000143592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2020-07-15 16:04 - 2020-07-07 18:32 - 024188648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2020-07-15 16:04 - 2020-07-07 18:32 - 002075880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2020-07-15 16:04 - 2020-07-07 18:32 - 001722088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6445167.dll
2020-07-15 16:04 - 2020-07-07 18:32 - 001568656 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2020-07-15 16:04 - 2020-07-07 18:32 - 001486224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2020-07-15 16:04 - 2020-07-07 18:32 - 001482984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6445167.dll
2020-07-15 16:04 - 2020-07-07 18:32 - 001146256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2020-07-15 16:04 - 2020-07-07 18:32 - 000948456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2020-07-15 16:04 - 2020-07-07 18:32 - 000669416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2020-07-15 16:04 - 2020-07-07 18:32 - 000555920 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2020-07-15 16:04 - 2020-07-07 18:32 - 000545680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-07-15 16:04 - 2020-07-07 18:32 - 000471784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2020-07-15 16:04 - 2020-07-07 18:32 - 000427408 _____ C:\WINDOWS\system32\nvofapi64.dll
2020-07-15 16:04 - 2020-07-07 18:32 - 000378256 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2020-07-15 16:04 - 2020-07-07 18:32 - 000182160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2020-07-15 16:04 - 2020-07-07 18:32 - 000168168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdlistx.dll
2020-07-15 16:04 - 2020-07-07 18:32 - 000159120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2020-07-15 16:04 - 2020-07-07 18:32 - 000146152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvdlist.dll
2020-07-15 16:04 - 2020-07-07 18:31 - 040572312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler64.dll
2020-07-15 16:04 - 2020-07-07 18:31 - 035438832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler32.dll
2020-07-15 16:04 - 2020-07-07 18:31 - 020025744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2020-07-15 16:04 - 2020-07-07 18:31 - 006241680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2020-07-15 16:04 - 2020-07-07 18:31 - 005584784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2020-07-15 16:04 - 2020-07-07 18:31 - 000672152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcbl64.dll
2020-07-15 16:04 - 2020-07-07 18:28 - 038307672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2020-07-15 16:04 - 2020-07-07 18:28 - 024845248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2020-07-15 16:04 - 2020-07-07 18:28 - 020697672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2020-07-15 11:23 - 2020-07-08 12:56 - 001370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2020-07-15 11:23 - 2020-07-08 10:28 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2020-07-15 11:23 - 2020-07-08 09:40 - 001088512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2020-07-15 11:23 - 2020-07-02 06:05 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-07-15 11:23 - 2020-07-02 05:32 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-07-15 11:23 - 2020-07-02 04:57 - 001756672 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-07-15 11:23 - 2020-07-02 04:43 - 001494016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-07-15 11:23 - 2020-06-16 05:11 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2020-07-15 11:23 - 2020-06-13 02:29 - 000092944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.CredentialPicker.dll
2020-07-15 11:23 - 2020-06-13 01:27 - 000073776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Credentials.UI.CredentialPicker.dll
2020-07-15 11:23 - 2020-06-13 00:53 - 000360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2020-07-15 11:23 - 2020-06-12 23:39 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2020-07-15 11:23 - 2020-06-12 23:25 - 000269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-07-15 11:23 - 2020-06-12 19:37 - 000537616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-07-15 11:23 - 2020-06-12 18:56 - 000450296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-07-15 11:23 - 2020-06-12 15:29 - 001549560 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-07-15 11:23 - 2020-06-11 22:18 - 007362288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-07-15 11:23 - 2020-06-11 07:03 - 022378304 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-07-15 11:23 - 2020-06-11 07:03 - 000723008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2020-07-15 11:23 - 2020-06-11 06:56 - 000806200 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-07-15 11:23 - 2020-06-11 06:37 - 019803064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-07-15 11:23 - 2020-06-11 06:37 - 000561896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2020-07-15 11:23 - 2020-06-11 06:33 - 000613528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-07-15 11:23 - 2020-06-11 06:16 - 025755136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-07-15 11:23 - 2020-06-11 05:52 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-07-15 11:23 - 2020-06-11 05:42 - 000187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2020-07-15 11:23 - 2020-06-11 05:41 - 020291072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-07-15 11:23 - 2020-06-11 05:41 - 005498880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-07-15 11:23 - 2020-06-11 05:41 - 000785408 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-07-15 11:23 - 2020-06-11 05:39 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2020-07-15 11:23 - 2020-06-11 05:25 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-07-15 11:23 - 2020-06-11 05:24 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2020-07-15 11:23 - 2020-06-11 05:19 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2020-07-15 11:23 - 2020-06-11 05:17 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2020-07-15 11:23 - 2020-06-11 05:16 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2020-07-15 11:23 - 2020-06-11 05:15 - 000653824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-07-15 11:23 - 2020-06-11 05:14 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2020-07-15 11:23 - 2020-06-11 05:13 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2020-07-15 11:23 - 2020-06-11 05:05 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2020-07-15 11:23 - 2020-06-11 05:04 - 015479296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-07-15 11:23 - 2020-06-11 05:04 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2020-07-15 11:23 - 2020-06-11 05:02 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2020-07-15 11:23 - 2020-06-11 04:59 - 000076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2020-07-15 11:23 - 2020-06-11 04:57 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2020-07-15 11:23 - 2020-06-11 04:56 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-07-15 11:23 - 2020-06-11 04:56 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\keyiso.dll
2020-07-15 11:23 - 2020-06-11 04:55 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2020-07-15 11:23 - 2020-06-11 04:54 - 000551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-07-15 11:23 - 2020-06-11 04:52 - 004859392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-07-15 11:23 - 2020-06-11 04:52 - 004111872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-07-15 11:23 - 2020-06-11 04:50 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2020-07-15 11:23 - 2020-06-11 04:49 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2020-07-15 11:23 - 2020-06-11 04:48 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2020-07-15 11:23 - 2020-06-11 04:46 - 013861888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-07-15 11:23 - 2020-06-11 04:45 - 000693248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2020-07-15 11:23 - 2020-06-11 04:44 - 014534656 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-07-15 11:23 - 2020-06-11 04:44 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\keyiso.dll
2020-07-15 11:23 - 2020-06-11 04:42 - 000906240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2020-07-15 11:23 - 2020-06-11 04:42 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprofm.dll
2020-07-15 11:23 - 2020-06-11 04:40 - 001566720 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-07-15 11:23 - 2020-06-11 04:39 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2020-07-15 11:23 - 2020-06-11 04:37 - 007800320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2020-07-15 11:23 - 2020-06-11 04:37 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2020-07-15 11:23 - 2020-06-11 04:35 - 012880896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-07-15 11:23 - 2020-06-11 04:35 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2020-07-15 11:23 - 2020-06-11 04:32 - 003317248 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2020-07-15 11:23 - 2020-06-11 04:31 - 004387328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-07-15 11:23 - 2020-06-11 04:29 - 005272064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2020-07-15 11:23 - 2020-06-11 04:29 - 000801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2020-07-15 11:23 - 2020-06-11 04:28 - 001341952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-07-15 11:23 - 2020-06-11 04:27 - 001728512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-07-15 11:23 - 2020-06-11 04:27 - 000710656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2020-07-15 11:23 - 2020-06-11 04:22 - 001547264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-07-15 11:23 - 2020-06-09 07:12 - 001764872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-07-15 11:23 - 2020-06-09 07:12 - 000374008 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2020-07-15 11:23 - 2020-06-09 07:05 - 000357824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2020-07-15 11:23 - 2020-06-09 06:37 - 001489528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-07-15 11:23 - 2020-06-09 06:36 - 000316152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2020-07-15 11:23 - 2020-06-09 06:31 - 000255104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2020-07-15 11:23 - 2020-06-09 06:15 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-07-15 11:23 - 2020-06-09 05:44 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-07-15 11:23 - 2020-06-09 05:27 - 001994240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2020-07-15 11:23 - 2020-06-09 05:18 - 001384960 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-07-15 11:23 - 2020-06-09 05:06 - 001695744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-07-15 11:23 - 2020-06-09 05:03 - 001560064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2020-07-15 11:23 - 2020-06-06 21:58 - 001542672 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-07-15 11:23 - 2020-06-06 00:09 - 000430832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-07-15 11:23 - 2020-06-06 00:06 - 000320240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-07-15 11:23 - 2020-06-05 18:20 - 001441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-07-15 11:23 - 2020-06-05 18:16 - 000964096 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-07-15 11:23 - 2020-06-05 18:15 - 000781312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-07-15 11:23 - 2020-06-05 18:15 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-07-15 11:23 - 2020-06-05 18:15 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2020-07-15 11:23 - 2020-06-05 18:15 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2020-07-15 11:23 - 2020-06-05 18:14 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-07-15 11:23 - 2020-06-05 18:14 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2020-07-15 11:23 - 2020-06-05 18:14 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdigest.dll
2020-07-15 11:23 - 2020-06-05 18:09 - 001377792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-07-15 11:23 - 2020-06-05 18:06 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-07-15 11:23 - 2020-06-05 18:06 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-07-15 11:23 - 2020-06-05 18:06 - 000174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-07-15 11:23 - 2020-06-05 17:39 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-07-15 11:23 - 2020-06-05 17:39 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-07-15 11:23 - 2020-06-04 21:33 - 001902240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2020-07-15 11:23 - 2020-06-04 21:32 - 002535960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2020-07-15 11:23 - 2020-06-04 20:25 - 000427584 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-07-15 11:23 - 2020-06-04 20:21 - 000368240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-07-15 11:23 - 2020-06-04 15:58 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-07-15 11:23 - 2020-06-04 15:47 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\upnphost.dll
2020-07-15 11:23 - 2020-06-04 15:43 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2020-07-15 11:23 - 2020-06-04 15:38 - 000628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2020-07-15 11:23 - 2020-06-03 20:48 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2020-07-15 11:23 - 2020-06-03 20:40 - 000856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2020-07-15 11:23 - 2020-06-03 20:20 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
2020-07-15 11:23 - 2020-06-03 20:19 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-07-15 11:23 - 2020-06-03 20:08 - 006220288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-07-15 11:23 - 2020-06-03 18:54 - 000445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2020-07-15 11:23 - 2020-06-03 18:43 - 001101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2020-07-15 11:23 - 2020-06-03 18:25 - 001080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2020-07-15 11:23 - 2020-06-03 18:24 - 000840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-07-15 11:23 - 2020-06-03 18:12 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-07-15 11:23 - 2020-06-03 18:12 - 000172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-07-15 11:23 - 2020-06-03 17:52 - 007040000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-07-14 14:50 - 2020-07-14 14:50 - 008774200 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2020-07-12 09:55 - 2020-07-17 17:58 - 000000000 ____D C:\Users\Lenka\Desktop\nehoda
2020-07-06 11:31 - 2020-07-06 11:31 - 000336520 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2020-07-06 11:31 - 2020-07-06 11:31 - 000216880 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2020-07-06 11:31 - 2020-07-06 11:31 - 000175264 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-07-26 13:29 - 2019-01-14 23:34 - 000000000 ____D C:\ProgramData\NVIDIA
2020-07-26 13:29 - 2019-01-14 22:54 - 000003958 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{6E2E033A-4184-489D-8F08-B493565E0C75}
2020-07-25 17:29 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2020-07-25 17:17 - 2013-08-22 17:20 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-07-25 07:21 - 2020-02-29 18:40 - 000000000 ____D C:\AdwCleaner
2020-07-24 11:29 - 2019-01-14 22:56 - 000003594 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1753748593-2747000319-1568198-1001
2020-07-24 11:19 - 2019-09-20 16:09 - 000000000 ____D C:\Users\Lenka\Desktop\na triko madonna
2020-07-24 10:41 - 2019-02-20 16:57 - 000000000 ____D C:\WINDOWS\Minidump
2020-07-24 10:37 - 2019-01-14 23:59 - 000000000 ____D C:\ProgramData\AVG
2020-07-24 10:32 - 2020-05-20 21:55 - 000002832 _____ C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (Lenka)
2020-07-24 10:22 - 2015-08-06 18:46 - 000000000 ___DO C:\Users\Lenka\OneDrive
2020-07-24 05:42 - 2019-01-15 00:01 - 000004162 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2020-07-24 05:39 - 2019-01-15 18:51 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-07-24 05:39 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-07-24 05:23 - 2013-08-22 17:36 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-07-24 05:23 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\ELAM
2020-07-24 03:52 - 2020-02-15 17:57 - 000022764 _____ C:\WINDOWS\ZAM.krnl.trace
2020-07-24 03:08 - 2019-01-14 22:42 - 000000000 ____D C:\Users\Lenka
2020-07-24 02:57 - 2020-02-29 18:26 - 000000000 ____D C:\Users\Lenka\AppData\Local\AMSDK
2020-07-24 02:48 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2020-07-24 02:40 - 2019-01-15 05:27 - 000000000 ____D C:\Program Files\Java
2020-07-24 02:04 - 2020-05-20 21:55 - 000003084 _____ C:\WINDOWS\system32\Tasks\Driver Booster Scheduler
2020-07-24 02:04 - 2020-04-04 19:06 - 000004476 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-07-24 02:04 - 2020-03-02 15:20 - 000003798 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-07-24 02:04 - 2020-03-02 15:20 - 000003790 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-07-24 02:04 - 2020-03-02 15:20 - 000003704 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-07-24 02:04 - 2020-03-02 15:20 - 000003704 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-07-24 02:04 - 2020-03-02 15:20 - 000003704 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-07-24 02:04 - 2020-03-02 15:19 - 000004146 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-07-24 02:04 - 2020-03-02 15:19 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-07-24 02:04 - 2020-03-02 15:19 - 000003738 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-07-24 02:04 - 2020-03-02 15:19 - 000003704 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-07-24 02:04 - 2020-03-02 15:19 - 000003494 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-07-24 02:04 - 2019-10-17 12:38 - 000003108 _____ C:\WINDOWS\system32\Tasks\{F9E483CF-C8B1-411B-A89B-7DC9AA12A082}
2020-07-24 02:04 - 2019-10-17 12:34 - 000003108 _____ C:\WINDOWS\system32\Tasks\{198F4BA0-1E55-4847-B151-762CF30A07FB}
2020-07-24 02:04 - 2019-10-17 12:23 - 000003120 _____ C:\WINDOWS\system32\Tasks\{E10836CF-668A-4433-AB06-E0B542A70990}
2020-07-24 02:04 - 2019-04-09 18:10 - 000003830 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1547507275
2020-07-24 02:04 - 2019-04-04 05:03 - 000003388 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-07-24 02:04 - 2019-04-04 05:03 - 000003260 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-07-24 02:04 - 2019-01-23 02:56 - 000003146 _____ C:\WINDOWS\system32\Tasks\RTKCPL
2020-07-24 02:04 - 2019-01-15 18:00 - 000003090 _____ C:\WINDOWS\system32\Tasks\DB Bigupgrade Task ( One Time )
2020-07-24 02:04 - 2019-01-15 03:29 - 000004534 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-07-24 02:04 - 2019-01-15 03:29 - 000004408 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2020-07-24 02:04 - 2019-01-15 03:01 - 000004128 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-07-24 02:04 - 2019-01-15 00:21 - 000003086 _____ C:\WINDOWS\system32\Tasks\{F61ED266-7095-4FC0-9B29-D9B222E301B9}
2020-07-24 02:04 - 2015-03-16 20:01 - 000002986 _____ C:\WINDOWS\system32\Tasks\Start SimplePass
2020-07-24 02:04 - 2015-03-16 20:01 - 000002924 _____ C:\WINDOWS\system32\Tasks\Start OPBHOBrokerDesktop
2020-07-24 02:04 - 2015-03-16 20:01 - 000002912 _____ C:\WINDOWS\system32\Tasks\Start OPBHOBroker
2020-07-24 01:57 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-07-24 01:56 - 2020-05-20 21:55 - 000000000 ____D C:\ProgramData\ProductData
2020-07-24 01:33 - 2019-04-04 05:03 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-07-24 01:33 - 2019-04-04 05:03 - 000002210 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-07-24 01:12 - 2019-01-15 05:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-07-24 01:10 - 2019-01-15 05:29 - 000193704 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2020-07-24 01:03 - 2020-04-15 23:45 - 000000000 ____D C:\Users\Lenka\Desktop\Ulice
2020-07-24 00:41 - 2013-08-22 16:44 - 000502256 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-07-20 13:33 - 2013-08-22 17:36 - 000000000 ___RD C:\WINDOWS\ToastData
2020-07-20 13:33 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-07-20 13:33 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\setup
2020-07-20 13:33 - 2013-08-22 17:36 - 000000000 ____D C:\Program Files\Common Files\System
2020-07-18 00:16 - 2019-01-15 05:12 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2020-07-17 10:05 - 2019-01-14 23:30 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2020-07-17 10:03 - 2013-08-22 15:25 - 000000199 _____ C:\WINDOWS\win.ini
2020-07-14 14:50 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-07-14 14:50 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-07-11 14:29 - 2019-01-15 18:55 - 000000000 ____D C:\Users\Lenka\AppData\Roaming\audacity
2020-07-10 22:56 - 2019-01-15 03:30 - 000000000 ____D C:\Program Files (x86)\Steam
2020-07-10 20:45 - 2020-02-26 11:24 - 000000927 _____ C:\Users\Lenka\Desktop\zkratka.txt
2020-07-10 16:39 - 2020-04-04 19:05 - 000002086 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-07-07 18:34 - 2020-01-10 21:51 - 000503184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2020-07-07 18:31 - 2020-06-25 03:14 - 017355504 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2020-07-07 18:28 - 2020-01-10 21:51 - 043292136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2020-07-07 18:28 - 2020-01-10 21:51 - 005310872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2020-07-07 18:28 - 2020-01-10 21:51 - 004626608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2020-07-06 11:31 - 2020-05-03 16:58 - 000514520 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgNetHub.sys
2020-07-06 11:31 - 2019-01-15 00:01 - 000851664 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2020-07-06 11:31 - 2019-01-15 00:01 - 000466304 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2020-07-06 11:31 - 2019-01-15 00:01 - 000323344 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2020-07-06 11:31 - 2019-01-15 00:01 - 000235656 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2020-07-06 11:31 - 2019-01-15 00:01 - 000205952 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2020-07-06 11:31 - 2019-01-15 00:01 - 000195720 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2020-07-06 11:31 - 2019-01-15 00:01 - 000109336 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2020-07-06 11:31 - 2019-01-15 00:01 - 000084912 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2020-07-06 11:31 - 2019-01-15 00:01 - 000061064 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2020-07-06 11:31 - 2019-01-15 00:01 - 000042840 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2020-07-06 01:07 - 2020-03-24 14:08 - 000054543 _____ C:\WINDOWS\system32\nvinfo.pb
2020-07-05 21:12 - 2019-01-14 23:34 - 005492712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2020-07-05 21:12 - 2019-01-14 23:34 - 002633528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2020-07-05 21:12 - 2019-01-14 23:34 - 001760232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2020-07-05 21:12 - 2019-01-14 23:34 - 000991032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2020-07-05 21:12 - 2019-01-14 23:34 - 000195560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2020-07-05 21:12 - 2019-01-14 23:34 - 000121144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2020-07-05 21:12 - 2019-01-14 23:34 - 000084456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2020-07-03 18:12 - 2019-01-14 23:34 - 009216447 _____ C:\WINDOWS\system32\nvcoproc.bin
2020-06-28 13:14 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-06-28 13:09 - 2019-01-14 23:36 - 000000000 ____D C:\Users\Lenka\AppData\Local\CrashDumps

==================== Files in the root of some directories ========

2019-01-15 20:36 - 2019-01-15 20:36 - 000000000 ___SH () C:\Users\Lenka\AppData\Local\LumaEmu
2019-08-17 14:59 - 2019-08-17 14:59 - 000000869 _____ () C:\Users\Lenka\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-07-24 17:24
==================== End of FRST.txt ========================

Re: Kindly asking for a preventive check

Posted: 26 Jul 2020 13:05
by Shane
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-07-2020
Ran by Lenka (26-07-2020 13:58:55)
Running from C:\Users\Lenka\Desktop
Windows 8.1 (Update) (X64) (2019-01-14 20:45:30)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1753748593-2747000319-1568198-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-1753748593-2747000319-1568198-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1753748593-2747000319-1568198-1003 - Limited - Enabled)
Lenka (S-1-5-21-1753748593-2747000319-1568198-1001 - Administrator - Enabled) => C:\Users\Lenka

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
AS: AVG Antivirus (Enabled - Up to date) {A3C8941D-8036-3856-D9BB-709D4A2A7EAC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: AVG Antivirus (Enabled) {2092F4DC-EC63-3680-C854-E2DACF7E736A}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1753748593-2747000319-1568198-1001\...\uTorrent) (Version: 3.5.5.45608 - BitTorrent Inc.)
7Launcher CSS v1.3.4 (HKLM\...\7l_cstrike_is1) (Version: 1.3.4 - SE7EN Solutions)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.009.20074 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.403 - Adobe)
Aktualizace NVIDIA 38.0.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.4.0 - NVIDIA Corporation) Hidden
AVG Internet Security (HKLM-x32\...\AVG Antivirus) (Version: 20.5.3130 - AVG Technologies)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.50 - Piriform)
CPUID CPU-Z 1.87 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.87 - CPUID, Inc.)
Cyberlink PhotoDirector (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.3.5529 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.2.3317 - CyberLink Corp.) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.4.0.0 - SEIKO EPSON CORPORATION)
EPSON XP-600 Series Printer Uninstall (HKLM\...\EPSON XP-600 Series) (Version: - SEIKO EPSON Corporation)
Foxit PhantomPDF (HKLM-x32\...\{4E32271C-B55A-4CDF-8DB7-88FD1C45927C}) (Version: 7.0.310.226 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 84.0.4147.89 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.1868.0 - Rockstar Games)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7745.4851 - Hewlett-Packard)
Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.01.27 - Softex Inc.) Hidden
Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.01.27 - Softex Inc.) Hidden
Java 8 Update 261 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180261F0}) (Version: 8.0.2610.12 - Oracle Corporation)
Little Nightmares (HKLM-x32\...\Little Nightmares_is1) (Version: - )
Malwarebytes verze 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft Office Language Pack 2013 - Czech/čeština (HKLM\...\Office15.OMUI.cs-cz) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: - )
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: - )
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{659502b7-dea8-4adc-99c4-64f141a83c2d}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{1ef719a9-357f-4764-aa61-60a720d495d0}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.34 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 451.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 451.67 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NVIDIA Virtuální audio Miracast 451.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 451.67 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.71.41480 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 451.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 451.67 - NVIDIA Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8746.1 - Realtek Semiconductor Corp.)
Roblox Player for Lenka (HKU\S-1-5-21-1753748593-2747000319-1568198-1001\...\roblox-player) (Version: - Roblox Corporation)
Roblox Studio for Lenka (HKU\S-1-5-21-1753748593-2747000319-1568198-1001\...\roblox-studio) (Version: - Roblox Corporation)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0100-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{010BF41A-4D78-40C3-90BA-117DF64A0AE2}) (Version: - Microsoft)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.62.67.1020 - Electronic Arts Inc.)
Update for Skype for Business 2015 (KB4484097) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1EB78C78-BFAF-4052-BD35-9A0F99B941CC}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484097) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1EB78C78-BFAF-4052-BD35-9A0F99B941CC}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484097) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{1EB78C78-BFAF-4052-BD35-9A0F99B941CC}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484097) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{1EB78C78-BFAF-4052-BD35-9A0F99B941CC}) (Version: - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WinX HD Video Converter Deluxe 5.9.8 (HKLM-x32\...\WinX HD Video Converter Deluxe_is1) (Version: - Digiarty Software, Inc.)

Packages:
=========
Hearts Deluxe -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.HeartsDeluxe_4.5.0.18_x64__kx24dqmazqk8j [2016-09-23] (Random Salad Games LLC)
HP Connected Music -> C:\Program Files\WindowsApps\AD2F1837.HPConnectedMusic_1.5.0.253_x86__v10z8vjag6ke6 [2016-03-27] (Hewlett-Packard Company)
HP Registration -> C:\Program Files\WindowsApps\AD2F1837.HPRegistration_1.2.1.166_neutral__v10z8vjag6ke6 [2016-03-27] (Hewlett-Packard Company)
Hry -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2016-03-27] (Microsoft Corporation) [MS Ad]
Hudba -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2016-03-27] (Microsoft Corporation) [MS Ad]
McAfee® Central for HP -> C:\Program Files\WindowsApps\2703103D.McAfeeCentral_5.0.177.1_x64__4ehj4w4frejdr [2018-04-03] (.-McAfee Inc-.)
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.10.1812.2002_x86__8wekyb3d8bbwe [2019-04-04] (Microsoft Studios) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.11.1807.1002_x86__8wekyb3d8bbwe [2018-07-27] (Microsoft Studios) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2016-03-27] (Microsoft Corporation) [MS Ad]
MSN Finance -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-27] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2016-03-27] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2016-11-22] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2016-04-29] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2016-03-27] (Microsoft Corporation) [MS Ad]
MSN Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-27] (Microsoft Corporation) [MS Ad]
Snapfish -> C:\Program Files\WindowsApps\AD2F1837.HPConnectedPhotopoweredbySnapfish_5.5.0.8_x86__v10z8vjag6ke6 [2016-05-04] (HP Inc.)
The Weather Channel for HP -> C:\Program Files\WindowsApps\Weather.TheWeatherChannelforHP_2.1.20.0_x64__t3yemqpq4kp7p [2016-03-27] (The Weather Channel.)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_1.18.3.0_x64__8wekyb3d8bbwe [2017-04-07] (Microsoft Corporation)
TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.2.0.24_neutral__qj0v5chwq8f2g [2016-03-27] (TripAdvisor LLC)
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2016-03-27] (Microsoft Corporation) [MS Ad]
Začínáme se systémem Windows 8 -> C:\Program Files\WindowsApps\AD2F1837.GettingStartedwithWindows8_1.6.0.0_neutral__v10z8vjag6ke6 [2016-03-27] (Hewlett-Packard Company)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1753748593-2747000319-1568198-1001_Classes\CLSID\{2E44F2B2-ACC8-80C5-F434-A05EE7047B74}\InprocServer32 -> no filepath
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2020-07-06] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-07-24] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2015-03-03] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2012-12-09] (Power Software Ltd -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-07-24] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2012-12-09] (Power Software Ltd -> Power Software Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-07-05] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2020-07-06] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files (x86)\PowerISO\PWRISOSH.DLL [2012-12-09] (Power Software Ltd -> Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Lenka\Desktop\Counter-Strike 1.6 Fusion.lnk -> C:\Users\Lenka\Counter-Strike 1.6 Fusion\Counter-Strike 1.6.bat ()

==================== Loaded Modules (Whitelisted) =============

2014-09-27 15:47 - 2014-09-27 15:47 - 000855552 _____ (%CFullName%) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\OpBHO64.dll
2014-09-27 15:40 - 2014-09-27 15:40 - 002150400 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-09-27 15:39 - 2014-09-27 15:39 - 000021504 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-09-27 15:39 - 2014-09-27 15:39 - 000055296 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-09-27 15:39 - 2014-09-27 15:39 - 000035840 _____ () [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2014-09-27 15:39 - 2014-09-27 15:39 - 000702976 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\storeng.dll
2014-09-27 15:40 - 2014-09-27 15:40 - 001119232 _____ (Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\userdata.dll
2005-01-13 11:47 - 2005-01-13 11:47 - 000049152 _____ (SEIKO EPSON CORP.) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\ESPSUTL.dll
2011-04-14 10:25 - 2011-04-14 10:25 - 000206336 _____ (SEIKO EPSON CORP.) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\ScnCom10.dll
2011-04-14 10:25 - 2011-04-14 10:25 - 000082944 _____ (SEIKO EPSON CORP.) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\ScnEps25.dll
2011-04-14 10:25 - 2011-04-14 10:25 - 000055808 _____ (SEIKO EPSON CORP.) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\ScnMgr10.dll
2019-01-15 00:30 - 2007-09-18 17:44 - 000421888 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBIPDev.dll
2019-01-15 00:30 - 2007-09-10 16:03 - 000110592 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBLPBidiDev.dll
2019-01-15 00:30 - 2006-12-26 15:58 - 000233544 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBMSDev.dll
2019-01-15 00:30 - 2004-11-17 17:56 - 000286720 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBNWDev.dll
2019-01-15 00:30 - 2007-09-10 16:32 - 000135168 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBRSVC.dll
2019-01-15 00:30 - 2006-08-30 02:02 - 000106496 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\epLocalBidi.dll
2012-02-09 13:53 - 2012-02-09 13:53 - 000110080 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\epnsm.dll
2009-10-21 18:39 - 2009-10-21 18:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll
2011-04-14 10:16 - 2011-04-14 10:16 - 000136704 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\ScanEngine30.dll
2019-01-15 00:20 - 2011-08-30 14:38 - 000558080 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enppmon.dll
2019-01-15 00:20 - 2011-08-01 19:24 - 000250880 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enpres.dll
2014-09-27 15:48 - 2014-09-27 15:48 - 000746064 _____ (Softex Incorporated -> ) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2014-09-27 15:48 - 2014-09-27 15:48 - 000420432 _____ (Softex Incorporated -> ) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-09-27 15:48 - 2014-09-27 15:48 - 000760912 _____ (Softex Incorporated -> Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\hdddrv.dll
2014-09-27 15:48 - 2014-09-27 15:48 - 001376848 _____ (Softex Incorporated -> Hewlett-Packard) [File not signed] C:\Program Files\Hewlett-Packard\SimplePass\Wbf.dll
2020-04-14 23:45 - 2020-04-14 23:45 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2020-04-14 23:45 - 2020-04-14 23:45 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2020-04-14 23:45 - 2020-04-14 23:45 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2020-04-14 23:45 - 2020-04-14 23:45 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2020-04-14 23:45 - 2020-04-14 23:45 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2020-04-14 23:45 - 2020-04-14 23:45 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2020-04-14 23:45 - 2020-04-14 23:45 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2020-04-14 23:45 - 2020-04-14 23:45 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2020-04-14 23:45 - 2020-04-14 23:45 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Hewlett-Packard\SimplePass\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-1753748593-2747000319-1568198-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Lenka\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "DropboxOEM"
HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE"
HKU\S-1-5-21-1753748593-2747000319-1568198-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1753748593-2747000319-1568198-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3480AE54-E26D-48C0-BDBE-618930722D15}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D23517F8-8F9F-4CD4-B847-8BDBB90677ED}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B7E4B3E5-6BC7-4FB9-ADA6-E05B63E94083}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2B354EB8-CB03-4D5F-A27D-77900D1FA938}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7322B2A7-FA66-4C1E-AC38-521CD1D7A684}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{62E27DCD-2C30-41F8-8BF6-C84855008256}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe (CyberLink Corp. -> CyberLink)
FirewallRules: [{BA335FC6-7994-4383-87A8-BCF7775B11C7}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{FEA19800-F489-4148-A96B-7850C20B7FC1}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{E7569022-6403-4602-A484-D7D5F9600AE0}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{58CD65C8-176A-4A0C-94E8-C582437D8231}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6527C690-23A4-46B5-8261-FC7D9626CD25}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A1B7CA72-668D-4937-9390-D74BFA7D9030}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8A657C8B-2205-4271-87BC-C8CC85D204AE}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [{E8D2BBD5-2C33-423E-B74C-6D9A221E6875}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [{80A3A200-685B-4A73-B2AE-FC2CC7EB01C6}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{F082B435-14F8-4BD5-95A5-E30E4810AE55}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{A562F424-39DC-4EF1-98E0-61B160A49249}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{8DC25FAA-7A60-4B87-8673-BF713CF6F5A6}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{124F59D8-EF9C-4040-B32E-C69AB6A75131}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{9C245F1D-E75F-4262-AF1A-C679A074541D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{E0880DF9-7D04-4889-9C00-8D1D397830AA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{D2BA3547-9AF6-4654-9488-23B79F6E2B8C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{4EA59A42-4BC5-4AA7-A9DB-2FB356B1C79A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{1F9C38AB-8054-4E92-A452-B003E212398A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [TCP Query User{B7F78A53-2A2A-433A-BAB6-8FBBB33B0A93}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [UDP Query User{5F47ACE7-6854-4578-9176-6AC3E6C226DF}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [TCP Query User{156A3C0B-1366-4213-9C00-B8AC2C5B4441}C:\program files\counter-strike source\hl2.exe] => (Allow) C:\program files\counter-strike source\hl2.exe (Valve -> )
FirewallRules: [UDP Query User{79939821-A785-4A7A-B323-3411019D05DF}C:\program files\counter-strike source\hl2.exe] => (Allow) C:\program files\counter-strike source\hl2.exe (Valve -> )
FirewallRules: [{B32F72CD-BBF5-4767-BC63-A9E208D71EA8}] => (Allow) C:\Users\Lenka\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{C5F942CD-18FA-4778-968F-E8B8B63E5D99}] => (Allow) C:\Users\Lenka\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{D779BFAE-4F11-44EC-BD4C-1191B64B9BF5}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{CF2ECAF5-6E9B-4E85-977E-3BA88D791486}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{C26D1A55-58C4-4B7E-853F-0D1564DC54C6}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7E1A56A2-F0EC-4887-B008-6FE7021AB6C4}] => (Allow) LPort=2869
FirewallRules: [{651EC268-866B-4ACD-9E97-33950FD62FA5}] => (Allow) LPort=1900
FirewallRules: [{D54ED154-FA3E-4628-9416-528C519D0232}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{060CE58A-6C99-4C84-9A50-7789C5748C02}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9821B881-058E-4576-B048-661086B31520}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A5F96DCC-97D2-4A10-8312-FBB41EB42D62}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{83A2D108-3DC8-40A7-A153-363E5DE8BB73}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CED4CBC7-625E-4283-91E7-16E85E36148D}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A890B836-1157-447C-8CCD-0EB5B0C64407}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\DriverBooster.exe (IObit Information Technology -> IObit)
FirewallRules: [{C509DEA6-F437-4DE8-A87E-589BCEDAF6E6}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\DriverBooster.exe (IObit Information Technology -> IObit)
FirewallRules: [{D40A3506-392F-4AC8-93F8-147EFEF6BD1D}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\DBDownloader.exe (IObit Information Technology -> IObit)
FirewallRules: [{343081EE-5198-48AA-A081-3B67831F7485}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\DBDownloader.exe (IObit Information Technology -> IObit)
FirewallRules: [{5CAD3F0A-EB73-4AFF-9338-7322D2035C9E}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\AutoUpdate.exe (IObit Information Technology -> IObit)
FirewallRules: [{D9624F71-DBD1-4607-A41D-7252245ADDD4}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\AutoUpdate.exe (IObit Information Technology -> IObit)
FirewallRules: [{A8DBD1BB-C5E8-42E7-A33D-A399DD2780E5}] => (Allow) C:\Program Files (x86)\Opera\58.0.3135.118_1\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{D9E6F5FA-5352-4B85-8F21-7B5A3DBB7621}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{917D78F7-03DB-4749-A825-E3A035F4EDFE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F0479EBB-A83E-40FB-BE4D-1DC6657528D5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{CF8A992B-B624-4695-89E4-D24CD1FC9E9E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{CDA5B4DC-CFC7-4E3F-B2EE-B13A3B1EF721}C:\users\lenka\desktop\vlc\vlc.exe] => (Allow) C:\users\lenka\desktop\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{3368D85C-48AF-4B7B-947A-E2570CA1F55C}C:\users\lenka\desktop\vlc\vlc.exe] => (Allow) C:\users\lenka\desktop\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{26643B53-92E5-407B-BC85-6FFA416C6F79}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E4794CAB-01C0-4A08-95D6-48D057A24F9E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{092D13AF-7BD0-45CE-81D1-E2693870B38F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EA0F6E5C-FC37-4705-B76B-F90946A8916B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8BDB1E73-2DC5-47D1-A7BD-F1C3FAFC6ECF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2629E6AB-E2C7-4A95-91FF-39D5480B2CDD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1ACEC434-D428-47F9-9E5F-1D568FB73B8E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{65945C28-C2D3-4D01-BC32-1E2AAB73D7AD}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{F34750C9-2E19-4B8E-95F1-1368415FAFE1}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{F897FF72-5240-4679-BB84-47369DC960D2}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{03755D25-0451-4C38-90FE-1C5E0DE9BE16}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{B9D8D2BF-E051-4904-A5C6-57568FE75C7B}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe (Electronic Arts -> EA Digital Illusions CE AB)
FirewallRules: [{C0AAE2D6-FA06-412A-AB4D-D09D786A11C4}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin_LE\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{8724F23F-41B0-446A-9280-387EEC163CBD}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin_LE\TS4.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{5F4EABFB-5007-4443-8024-003A3970B004}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{4EBEC132-E07F-433F-9D40-4ABE3C0768E8}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe (Electronic Arts, Inc. -> Electronic Arts Inc.)
FirewallRules: [{8A92424D-15D9-43F0-9CA5-AC104852D92C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

15-07-2020 09:09:22 Windows Update
19-07-2020 10:27:39 Windows Update
24-07-2020 00:53:41 Removed STORMWARE POHODA Start CZ .
24-07-2020 10:37:28 24/7/2020

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (07/26/2020 01:37:22 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (07/26/2020 01:36:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST64.exe verze 25.7.2020.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1d7c

Čas spuštění: 01d6634106df328e

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Users\Lenka\Desktop\FRST64.exe

ID hlášení: 47788d5d-cf34-11ea-82ff-3464a913c695

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (07/26/2020 01:35:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST64.exe verze 25.7.2020.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: ae4

Čas spuštění: 01d66340c913a8a7

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Users\Lenka\Desktop\FRST64.exe

ID hlášení: 08d2981e-cf34-11ea-82ff-3464a913c695

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (07/25/2020 04:31:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: launcher.exe_Opera Internet Browser, verze: 58.0.3135.118, časové razítko: 0x5c946bd0
Název chybujícího modulu: launcher.exe, verze: 58.0.3135.118, časové razítko: 0x5c946bd0
Kód výjimky: 0x80000003
Posun chyby: 0x000000000004c478
ID chybujícího procesu: 0xf40
Čas spuštění chybující aplikace: 0x01d6629045a1f727
Cesta k chybující aplikaci: C:\Program Files (x86)\Opera\launcher.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Opera\launcher.exe
ID zprávy: 83ad303a-ce83-11ea-82ff-3464a913c695
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (07/25/2020 07:29:13 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (07/24/2020 05:16:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: launcher.exe_Opera Internet Browser, verze: 58.0.3135.118, časové razítko: 0x5c946bd0
Název chybujícího modulu: launcher.exe, verze: 58.0.3135.118, časové razítko: 0x5c946bd0
Kód výjimky: 0x80000003
Posun chyby: 0x000000000004c478
ID chybujícího procesu: 0x1adc
Čas spuštění chybující aplikace: 0x01d661cd75d0d56d
Cesta k chybující aplikaci: C:\Program Files (x86)\Opera\launcher.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Opera\launcher.exe
ID zprávy: b3a5e2d4-cdc0-11ea-82ff-3464a913c695
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (07/24/2020 10:43:26 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu WmiApRpl v knihovně DLL C:\WINDOWS\system32\wbem\wmiaprpl.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (07/24/2020 10:43:26 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.


System errors:
=============
Error: (07/24/2020 05:39:09 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Počítač byl restartován z procesu kontroly chyb. Kontrola chyb: 0x00000139 (0x0000000000000003, 0xffffd00022f7f6c0, 0xffffd00022f7f618, 0x0000000000000000). Výpis byl uložen do: C:\WINDOWS\Minidump\072420-37140-01.dmp. ID hlášení: 072420-37140-01

Error: (07/24/2020 05:39:08 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (5:37:33, ‎24. ‎7. ‎2020) bylo neočekávané.

Error: (07/24/2020 05:23:43 AM) (Source: DCOM) (EventID: 10005) (User: LENKA)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (07/24/2020 05:23:29 AM) (Source: DCOM) (EventID: 10005) (User: LENKA)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby WSearch s argumenty Není k dispozici za účelem spuštění serveru:
{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (07/24/2020 05:23:29 AM) (Source: DCOM) (EventID: 10005) (User: LENKA)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (07/24/2020 05:23:06 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Prohledávání počítačů závisí na službě Server, která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.

Error: (07/24/2020 05:23:06 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Prohledávání počítačů závisí na službě Server, která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.

Error: (07/24/2020 05:23:06 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Prohledávání počítačů závisí na službě Server, která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.


==================== Memory info ===========================

BIOS: AMI 80.02 10/29/2014
Motherboard: Hewlett-Packard 2B35
Processor: AMD A10-7800 Radeon R7, 12 Compute Cores 4C+8G
Percentage of memory in use: 30%
Total physical RAM: 16329.61 MB
Available physical RAM: 11382.18 MB
Total Virtual: 18089.61 MB
Available Virtual: 9921.87 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:915.19 GB) (Free:362.42 GB) NTFS
Drive d: (Recovery Image) (Fixed) (Total:14.85 GB) (Free:1.89 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{1d319eff-c8a0-4ef3-8aaa-798c3e25e7e1}\ (Windows RE tools ) (Fixed) (Total:1 GB) (Free:0.65 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 723037A7)

Partition: GPT.

==================== End of Addition.txt =======================

Re: Requesting a preventive check, please

Posted: 27 Jul 2020 01:34
by Conder
:arrow: Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:


    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    ExportKey: HKLM\SOFTWARE\Policies\Mozilla\Firefox
    ExportKey: HKLM\SOFTWARE\Policies\Google
    Folder: C:\WINDOWS\Minidump
    
    HKU\S-1-5-21-1753748593-2747000319-1568198-1001\...\MountPoints2: {1f35bcf3-bc3e-11e9-8282-3464a913c695} - "G:\HiSuiteDownLoader.exe" 
    HKU\S-1-5-21-1753748593-2747000319-1568198-1001\...\MountPoints2: {1f35c3d2-bc3e-11e9-8282-3464a913c695} - "G:\HiSuiteDownLoader.exe" 
    HKU\S-1-5-21-1753748593-2747000319-1568198-1001\...\MountPoints2: {fb4e5439-d7b6-11e9-8284-3464a913c695} - "G:\HiSuiteDownLoader.exe" 
    Task: {2F0A2893-5E1C-481D-9006-5CC567ABED7D} - System32\Tasks\Driver Booster SkipUAC (Lenka) => C:\Program Files (x86)\IObit\Driver Booster\6.4.0\DriverBooster.exe [7610128 2019-04-24] (IObit Information Technology -> IObit)
    Task: {36099736-7E2C-491A-A71A-51828D2E1E1E} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\6.4.0\Scheduler.exe [149776 2019-04-23] (IObit Information Technology -> IObit)
    Task: {64635C49-5B0B-4696-AAD4-90B148E634C7} - System32\Tasks\DB Bigupgrade Task ( One Time ) => C:\Program Files (x86)\IObit\Driver Booster\5.5.1\BigUpgrade.exe
    Task: {661DD9C4-6C1F-4E31-A7F1-93803B4AE77C} - System32\Tasks\{198F4BA0-1E55-4847-B151-762CF30A07FB} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Lenka\Desktop\sp68476.exe -d C:\Users\Lenka\Desktop
    Task: {89CDCCB2-1599-4E92-BA37-7FC48B398C4E} - System32\Tasks\{F9E483CF-C8B1-411B-A89B-7DC9AA12A082} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Lenka\Desktop\sp70394.exe -d C:\Users\Lenka\Desktop
    Task: {99D1AC3A-D89C-4DC3-A325-D97C65E6C999} - System32\Tasks\{E10836CF-668A-4433-AB06-E0B542A70990} => C:\WINDOWS\system32\pcalua.exe -a "C:\Users\Lenka\Desktop\sp70441 (1).exe" -d C:\Users\Lenka\Desktop
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPDTDFJS
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPDTDFJS
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
    S1 amsdk; \??\C:\WINDOWS\system32\drivers\amsdk.sys [X]
    S3 AmUStor; \SystemRoot\system32\drivers\AmUStor.SYS [X]
    U1 avgbdisk; no ImagePath
    2020-07-24 11:40 - 2020-07-24 11:40 - 000000000 ____D C:\rsit
    2020-07-24 11:40 - 2020-07-24 11:40 - 000000000 ____D C:\Program Files\trend micro
    2020-07-24 11:39 - 2020-07-24 11:39 - 001222144 _____ C:\Users\Lenka\Desktop\RSITx64.exe
    2020-07-24 10:32 - 2020-05-20 21:55 - 000002832 _____ C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (Lenka)
    2019-01-15 20:36 - 2019-01-15 20:36 - 000000000 ___SH () C:\Users\Lenka\AppData\Local\LumaEmu
    CustomCLSID: HKU\S-1-5-21-1753748593-2747000319-1568198-1001_Classes\CLSID\{2E44F2B2-ACC8-80C5-F434-A05EE7047B74}\InprocServer32 -> no filepath
    ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
    ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
    FirewallRules: [{A890B836-1157-447C-8CCD-0EB5B0C64407}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\DriverBooster.exe (IObit Information Technology -> IObit)
    FirewallRules: [{C509DEA6-F437-4DE8-A87E-589BCEDAF6E6}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\DriverBooster.exe (IObit Information Technology -> IObit)
    FirewallRules: [{D40A3506-392F-4AC8-93F8-147EFEF6BD1D}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\DBDownloader.exe (IObit Information Technology -> IObit)
    FirewallRules: [{343081EE-5198-48AA-A081-3B67831F7485}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\DBDownloader.exe (IObit Information Technology -> IObit)
    FirewallRules: [{5CAD3F0A-EB73-4AFF-9338-7322D2035C9E}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\AutoUpdate.exe (IObit Information Technology -> IObit)
    FirewallRules: [{D9624F71-DBD1-4607-A41D-7252245ADDD4}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\AutoUpdate.exe (IObit Information Technology -> IObit)
    
    C:\Program Files\IObit
    C:\Program Files (x86)\IObit
    C:\Program Files\Common Files\IObit
    C:\ProgramData\IObit
    C:\ProgramData\ProductData
    C:\Users\AllUserName\AppData\Local\IObit
    C:\Users\AllUserName\AppData\LocalLow\IObit
    C:\Users\AllUserName\AppData\Roaming\IObit
    C:\Users\AllUserName\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*
    C:\Users\AllUserName\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*
    C:\Users\Default\AppData\Local\IObit
    C:\Users\Default\AppData\LocalLow\IObit
    C:\Users\Default\AppData\Roaming\IObit
    C:\Users\Public\Desktop\*Driver Booster*
    C:\Users\Public\Desktop\*Advanced SystemCare*
    C:\Windows\IObit
    C:\Windows\Tasks\ImCleanDisabled
    C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 6
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop as fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask to restart the PC; confirm by clicking OK
  • After the PC restarts, there will be a Fixlog.txt file on the desktop; copy its contents here

Re: Requesting a preventive check, please

Posted: 27 Jul 2020 13:44
by Shane
Sending it :)
I just want to ask: I also read that IObit programs are junk, so I'm not even surprised that it wiped Driver Booster :D but then, if I want to install individual drivers at some point, it's probably better to look directly on the manufacturer's website, right?


Fix result of Farbar Recovery Scan Tool (x64) Version: 26-07-2020
Ran by Lenka (27-07-2020 14:26:17) Run:1
Running from C:\Users\Lenka\Desktop
Loaded Profiles: Lenka
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
ExportKey: HKLM\SOFTWARE\Policies\Mozilla\Firefox
ExportKey: HKLM\SOFTWARE\Policies\Google
Folder: C:\WINDOWS\Minidump

HKU\S-1-5-21-1753748593-2747000319-1568198-1001\...\MountPoints2: {1f35bcf3-bc3e-11e9-8282-3464a913c695} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1753748593-2747000319-1568198-1001\...\MountPoints2: {1f35c3d2-bc3e-11e9-8282-3464a913c695} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1753748593-2747000319-1568198-1001\...\MountPoints2: {fb4e5439-d7b6-11e9-8284-3464a913c695} - "G:\HiSuiteDownLoader.exe"
Task: {2F0A2893-5E1C-481D-9006-5CC567ABED7D} - System32\Tasks\Driver Booster SkipUAC (Lenka) => C:\Program Files (x86)\IObit\Driver Booster\6.4.0\DriverBooster.exe [7610128 2019-04-24] (IObit Information Technology -> IObit)
Task: {36099736-7E2C-491A-A71A-51828D2E1E1E} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\6.4.0\Scheduler.exe [149776 2019-04-23] (IObit Information Technology -> IObit)
Task: {64635C49-5B0B-4696-AAD4-90B148E634C7} - System32\Tasks\DB Bigupgrade Task ( One Time ) => C:\Program Files (x86)\IObit\Driver Booster\5.5.1\BigUpgrade.exe
Task: {661DD9C4-6C1F-4E31-A7F1-93803B4AE77C} - System32\Tasks\{198F4BA0-1E55-4847-B151-762CF30A07FB} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Lenka\Desktop\sp68476.exe -d C:\Users\Lenka\Desktop
Task: {89CDCCB2-1599-4E92-BA37-7FC48B398C4E} - System32\Tasks\{F9E483CF-C8B1-411B-A89B-7DC9AA12A082} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Lenka\Desktop\sp70394.exe -d C:\Users\Lenka\Desktop
Task: {99D1AC3A-D89C-4DC3-A325-D97C65E6C999} - System32\Tasks\{E10836CF-668A-4433-AB06-E0B542A70990} => C:\WINDOWS\system32\pcalua.exe -a "C:\Users\Lenka\Desktop\sp70441 (1).exe" -d C:\Users\Lenka\Desktop
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPDTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HPDTDFJS
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
S1 amsdk; \??\C:\WINDOWS\system32\drivers\amsdk.sys [X]
S3 AmUStor; \SystemRoot\system32\drivers\AmUStor.SYS [X]
U1 avgbdisk; no ImagePath
2020-07-24 11:40 - 2020-07-24 11:40 - 000000000 ____D C:\rsit
2020-07-24 11:40 - 2020-07-24 11:40 - 000000000 ____D C:\Program Files\trend micro
2020-07-24 11:39 - 2020-07-24 11:39 - 001222144 _____ C:\Users\Lenka\Desktop\RSITx64.exe
2020-07-24 10:32 - 2020-05-20 21:55 - 000002832 _____ C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (Lenka)
2019-01-15 20:36 - 2019-01-15 20:36 - 000000000 ___SH () C:\Users\Lenka\AppData\Local\LumaEmu
CustomCLSID: HKU\S-1-5-21-1753748593-2747000319-1568198-1001_Classes\CLSID\{2E44F2B2-ACC8-80C5-F434-A05EE7047B74}\InprocServer32 -> no filepath
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
FirewallRules: [{A890B836-1157-447C-8CCD-0EB5B0C64407}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\DriverBooster.exe (IObit Information Technology -> IObit)
FirewallRules: [{C509DEA6-F437-4DE8-A87E-589BCEDAF6E6}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\DriverBooster.exe (IObit Information Technology -> IObit)
FirewallRules: [{D40A3506-392F-4AC8-93F8-147EFEF6BD1D}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\DBDownloader.exe (IObit Information Technology -> IObit)
FirewallRules: [{343081EE-5198-48AA-A081-3B67831F7485}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\DBDownloader.exe (IObit Information Technology -> IObit)
FirewallRules: [{5CAD3F0A-EB73-4AFF-9338-7322D2035C9E}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\AutoUpdate.exe (IObit Information Technology -> IObit)
FirewallRules: [{D9624F71-DBD1-4607-A41D-7252245ADDD4}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\6.4.0\AutoUpdate.exe (IObit Information Technology -> IObit)

C:\Program Files\IObit
C:\Program Files (x86)\IObit
C:\Program Files\Common Files\IObit
C:\ProgramData\IObit
C:\ProgramData\ProductData
C:\Users\Administrator\AppData\Local\IObit
C:\Users\Default\AppData\Local\IObit
C:\Users\Lenka\AppData\Local\IObit
C:\Users\Public\AppData\Local\IObit
C:\Users\Administrator\AppData\LocalLow\IObit
C:\Users\Default\AppData\LocalLow\IObit
C:\Users\Lenka\AppData\LocalLow\IObit
C:\Users\Public\AppData\LocalLow\IObit
C:\Users\Administrator\AppData\Roaming\IObit
C:\Users\Default\AppData\Roaming\IObit
C:\Users\Lenka\AppData\Roaming\IObit
C:\Users\Public\AppData\Roaming\IObit
C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*
C:\Users\Lenka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*
C:\Users\Public\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*
C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*
C:\Users\Lenka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*
C:\Users\Public\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*
C:\Users\Default\AppData\Local\IObit
C:\Users\Default\AppData\LocalLow\IObit
C:\Users\Default\AppData\Roaming\IObit
C:\Users\Public\Desktop\*Driver Booster*
C:\Users\Public\Desktop\*Advanced SystemCare*
C:\Windows\IObit
C:\Windows\Tasks\ImCleanDisabled
C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 6
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare

Hosts:
EmptyTemp:
End

*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 10327
Average :
Sum : 59343465204
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========

================== ExportKey: ===================

[HKLM\SOFTWARE\Policies\Mozilla\Firefox]
[HKLM\SOFTWARE\Policies\Mozilla\Firefox\Certificates]
"ImportEnterpriseRoots"="1"

=== End of ExportKey ===
================== ExportKey: ===================

[HKLM\SOFTWARE\Policies\Google]
[HKLM\SOFTWARE\Policies\Google\Chrome]

=== End of ExportKey ===

========================= Folder: C:\WINDOWS\Minidump ========================


====== End of Folder: ======

HKU\S-1-5-21-1753748593-2747000319-1568198-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1f35bcf3-bc3e-11e9-8282-3464a913c695} => removed successfully
HKU\S-1-5-21-1753748593-2747000319-1568198-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1f35c3d2-bc3e-11e9-8282-3464a913c695} => removed successfully
HKU\S-1-5-21-1753748593-2747000319-1568198-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fb4e5439-d7b6-11e9-8284-3464a913c695} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2F0A2893-5E1C-481D-9006-5CC567ABED7D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F0A2893-5E1C-481D-9006-5CC567ABED7D}" => removed successfully
C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Lenka) => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (Lenka)" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{36099736-7E2C-491A-A71A-51828D2E1E1E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{36099736-7E2C-491A-A71A-51828D2E1E1E}" => removed successfully
C:\WINDOWS\System32\Tasks\Driver Booster Scheduler => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{64635C49-5B0B-4696-AAD4-90B148E634C7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{64635C49-5B0B-4696-AAD4-90B148E634C7}" => removed successfully
C:\WINDOWS\System32\Tasks\DB Bigupgrade Task ( One Time ) => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DB Bigupgrade Task ( One Time )" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{661DD9C4-6C1F-4E31-A7F1-93803B4AE77C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{661DD9C4-6C1F-4E31-A7F1-93803B4AE77C}" => removed successfully
C:\WINDOWS\System32\Tasks\{198F4BA0-1E55-4847-B151-762CF30A07FB} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{198F4BA0-1E55-4847-B151-762CF30A07FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{89CDCCB2-1599-4E92-BA37-7FC48B398C4E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{89CDCCB2-1599-4E92-BA37-7FC48B398C4E}" => removed successfully
C:\WINDOWS\System32\Tasks\{F9E483CF-C8B1-411B-A89B-7DC9AA12A082} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F9E483CF-C8B1-411B-A89B-7DC9AA12A082}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{99D1AC3A-D89C-4DC3-A325-D97C65E6C999}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{99D1AC3A-D89C-4DC3-A325-D97C65E6C999}" => removed successfully
C:\WINDOWS\System32\Tasks\{E10836CF-668A-4433-AB06-E0B542A70990} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E10836CF-668A-4433-AB06-E0B542A70990}" => removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page" => removed successfully
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL" => removed successfully
HKLM\System\CurrentControlSet\Services\amsdk => removed successfully
amsdk => service removed successfully
HKLM\System\CurrentControlSet\Services\AmUStor => removed successfully
AmUStor => service removed successfully
HKLM\System\CurrentControlSet\Services\avgbdisk => could not remove, key could be protected
C:\rsit => moved successfully
C:\Program Files\trend micro => moved successfully
C:\Users\Lenka\Desktop\RSITx64.exe => moved successfully
"C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (Lenka)" => not found
C:\Users\Lenka\AppData\Local\LumaEmu => moved successfully
HKU\S-1-5-21-1753748593-2747000319-1568198-1001_Classes\CLSID\{2E44F2B2-ACC8-80C5-F434-A05EE7047B74} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avg => removed successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => removed successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A890B836-1157-447C-8CCD-0EB5B0C64407}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C509DEA6-F437-4DE8-A87E-589BCEDAF6E6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D40A3506-392F-4AC8-93F8-147EFEF6BD1D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{343081EE-5198-48AA-A081-3B67831F7485}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5CAD3F0A-EB73-4AFF-9338-7322D2035C9E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D9624F71-DBD1-4607-A41D-7252245ADDD4}" => removed successfully
"C:\Program Files\IObit" => not found
C:\Program Files (x86)\IObit => moved successfully
"C:\Program Files\Common Files\IObit" => not found
C:\ProgramData\IObit => moved successfully
C:\ProgramData\ProductData => moved successfully
"C:\Users\Administrator\AppData\Local\IObit" => not found
"C:\Users\Default\AppData\Local\IObit" => not found
"C:\Users\Lenka\AppData\Local\IObit" => not found
"C:\Users\Public\AppData\Local\IObit" => not found
"C:\Users\Administrator\AppData\LocalLow\IObit" => not found
"C:\Users\Default\AppData\LocalLow\IObit" => not found
C:\Users\Lenka\AppData\LocalLow\IObit => moved successfully
"C:\Users\Public\AppData\LocalLow\IObit" => not found
"C:\Users\Administrator\AppData\Roaming\IObit" => not found
"C:\Users\Default\AppData\Roaming\IObit" => not found
C:\Users\Lenka\AppData\Roaming\IObit => moved successfully
"C:\Users\Public\AppData\Roaming\IObit" => not found

=========== "C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*" ==========

not found

========= End -> "C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*" ========


=========== "C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*" ==========

not found

========= End -> "C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*" ========


=========== "C:\Users\Lenka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*" ==========

not found

========= End -> "C:\Users\Lenka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*" ========


=========== "C:\Users\Public\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*" ==========

not found

========= End -> "C:\Users\Public\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*" ========


=========== "C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*" ==========

not found

========= End -> "C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*" ========


=========== "C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*" ==========

not found

========= End -> "C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*" ========


=========== "C:\Users\Lenka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*" ==========

not found

========= End -> "C:\Users\Lenka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*" ========


=========== "C:\Users\Public\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*" ==========

not found

========= End -> "C:\Users\Public\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*" ========

"C:\Users\Default\AppData\Local\IObit" => not found
"C:\Users\Default\AppData\LocalLow\IObit" => not found
"C:\Users\Default\AppData\Roaming\IObit" => not found

=========== "C:\Users\Public\Desktop\*Driver Booster*" ==========

C:\Users\Public\Desktop\Driver Booster 6.lnk => moved successfully

========= End -> "C:\Users\Public\Desktop\*Driver Booster*" ========


=========== "C:\Users\Public\Desktop\*Advanced SystemCare*" ==========

not found

========= End -> "C:\Users\Public\Desktop\*Advanced SystemCare*" ========

C:\Windows\IObit => moved successfully
C:\Windows\Tasks\ImCleanDisabled => moved successfully
"C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}" => not found
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5" => not found
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 6 => moved successfully
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 121307491 B
Java, Flash, Steam htmlcache => 365836291 B
Windows/system/drivers => 274 B
Edge => 0 B
Chrome => 196507 B
Firefox => 0 B
Opera => 954039268 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 256 B
LocalService => 256 B
NetworkService => 256 B
Lenka => 684722306 B
Administrator => 684734587 B

RecycleBin => 0 B
EmptyTemp: => 2.6 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 27-07-2020 14:31:49)


Result of scheduled keys to remove after reboot:

HKLM\System\CurrentControlSet\Services\avgbdisk => could not remove, key could be protected

==== End of Fixlog 14:32:41 ====

Re: Requesting a preventive check, please

Posted: 29 Jul 2020 00:44
by Conder
:arrow: As for IObit and drivers, yes. We definitely do not recommend using programs from IObit (Driver Booster, Advanced SystemCare, etc.); they are junk that can damage the system. Drivers should be downloaded from the website of the manufacturer of the given hardware. Other similar driver-finder programs are not very reliable either.

:arrow: The desktop is about 55 GB, which is too much. I recommend moving all files and folders from the desktop to Documents and leaving only shortcuts on the desktop. An overly large desktop can slow the system down.

:arrow: How is the PC doing? Are there any problems?

Re: Requesting a preventive check, please

Posted: 30 Jul 2020 22:18
by Shane
Done, I cleaned up the desktop a bit and sorted the individual files.
As for the PC, everything seems to be running fine. There has been no further BSOD, and I'm not noticing any deterioration either :)

Re: Requesting a preventive check, please

Posted: 31 Jul 2020 01:18
by Conder
:arrow: So let's also clean up after the tools we used:

Re: Requesting a preventive check, please

Posted: 31 Jul 2020 08:54
by Shane
So here is one more, possibly the last, log:

# DelFix v1.013 - Logfile created 31/07/2020 at 09:48:11
# Updated 17/04/2016 by Xplode
# Username : Lenka - LENKA
# Operating System : Windows 8.1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Lenka\Desktop\adwcleaner_6.044.exe
Deleted : C:\Users\Lenka\Desktop\Fixlog.txt
Deleted : C:\Users\Lenka\Desktop\FRST64.exe
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

########## - EOF - ##########

And if that is everything, then thank you very much for your help and your time :) I appreciate it!

Re: Requesting a preventive check, please

Posted: 01 Aug 2020 17:41
by Conder
Yes, that would be everything. You're welcome, glad I could help :)