Log check

vladislav
Visitor
Posts: 11
Registered: 24 Jan 2021 10:46

Log check

#1 Post by vladislav »

Hello. Please check my log; I had malware with the rezm extension.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:28:41, on 24.01.2021
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.0001)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HooTech\NetMeter\HooNetMeter.exe
C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
D:\Program Files (x86)\Steam\steam.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
D:\PROGRAMY\hijackthis\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=13554
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\88.0.705.50\BHO\ie_to_edge_bho.dll
O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_271\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_271\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [BrotherSoftwareUpdateNotification] C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe /Autorun
O4 - HKLM\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PDFProHook] "C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\vava\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [NetMeter] C:\Program Files (x86)\HooTech\NetMeter\HooNetMeter.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\vava\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\vava\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - AMD - C:\WINDOWS\System32\DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atiesrxx.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Služba Avast Browser Update (avast) (avast) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Tools (avast! Tools) - AVAST Software - C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
O23 - Service: Služba Avast Browser Update (avastm) (avastm) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Secure Browser Elevation Service (AvastSecureBrowserElevationService) (AvastSecureBrowserElevationService) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Application\87.0.7480.89\elevation_service.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_5d0e65b - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.141\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11098 bytes
Thank you in advance.

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Log check

#2 Post by Diallix »

Hello.

Download the AdwCleaner tool to your desktop; the download link is here: https://toolslib.net/downloads/finish/1/
Before running the tool, close all running program windows, that is, all programs running on the desktop.
Right-click the program -> Run as administrator.
Continue by clicking the Scan Now button and wait until the system scan finishes.
After the scan, leave all checkboxes and any detected threats selected, and continue with the Clean and Repair button in the lower right corner.
After the PC restarts, AdwCleaner will launch; click View Log File.
The log will open; copy its contents here.
My new book BOTNETY has been published! Information about it can be found here: >> BOTNETY <<
---
We are looking for new recruits for our CyberSecurity UNIT. More information about what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
Low-level, high-level programmer - profile card here: card <<
----
Háveťárna - malware UPLOAD: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor in intelligent malware research.
- tutor in SQL query languages (TSQL, PLSQL) and object-oriented programming (c++, c#, php) for students.

On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for training newcomers
- Founder of the Cyber Security unit

vladislav
Visitor
Posts: 11
Registered: 24 Jan 2021 10:46

Re: Log check

#3 Post by vladislav »

Hello

# -------------------------------
# Malwarebytes AdwCleaner 8.0.9.1
# -------------------------------
# Build: 01-20-2021
# Database: 2021-01-11.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-25-2021
# Duration: 00:00:02
# OS: Windows 10 Pro
# Cleaned: 43
# Failed: 3


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\ProgramData\Microleaves
Deleted C:\Users\vava\AppData\Roaming\Microleaves
Deleted C:\Users\vava\AppData\Roaming\Seznam.cz
Deleted C:\Users\vava\AppData\Roaming\WinThruster
Deleted C:\Windows\Installer\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}

***** [ Files ] *****

Deleted C:\Users\vava\appdata\local\installationconfiguration.xml
Deleted C:\Windows\Installer\SOURCEHASH{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\UPDATER_ONLINE_APPLICATION
Deleted C:\Windows\Tasks\ONLINE APPLICATION V2G5.JOB
Deleted C:\Windows\Tasks\ONLINE APPLICATION V2G6.JOB
Deleted C:\Windows\Tasks\UPDATER_ONLINE_APPLICATION.JOB

***** [ Registry ] *****

Deleted HKCU\Software\FastDataX
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|SysHelper
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
Deleted HKCU\Software\Seznam.cz
Deleted HKCU\Software\csastats
Deleted HKLM\SOFTWARE\MICROSOFT\Speedycar
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{04CE3B17-511D-4225-BF7F-477DB37B25DC}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{04CE3B17-511D-4225-BF7F-477DB37B25DC}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Updater_Online_Application
Deleted HKLM\Software\Classes\Installer\Features\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted HKLM\Software\Classes\Installer\Products\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted HKLM\Software\MICROSOFT\TechnologyDesktopnew
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|Multitimer
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\436F6625D7B77354DBCD89DDC6CFAB1A
Deleted HKLM\Software\Wow6432Node\Microleaves
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}
Deleted HKU\.DEFAULT\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014}
Deleted HKU\S-1-5-18\Software\Caphyon\Advanced Updater\{F039D4A9-14D3-4425-A4FA-F2F9D5B0E014}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted Conduit
Deleted Web Search
Deleted istartpageing
Deleted omniboxes
Deleted so-v
Deleted yoursearching
Not Deleted Web Search
Not Deleted WebSearch
Not Deleted yoursearching

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [5413 octets] - [25/01/2021 10:33:22]
AdwCleaner[C00].txt - [4745 octets] - [25/01/2021 10:34:59]
AdwCleaner[S01].txt - [1886 octets] - [25/01/2021 10:39:02]
AdwCleaner[S02].txt - [1947 octets] - [25/01/2021 10:42:38]
AdwCleaner[S03].txt - [5605 octets] - [25/01/2021 10:47:22]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C03].txt ##########

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Log check

#4 Post by Diallix »

Good, please post new FRST + ADDITION logs.

vladislav
Visitor
Posts: 11
Registered: 24 Jan 2021 10:46

Re: Log check

#5 Post by vladislav »

Hello

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-01-2021 01
Ran by vava (administrator) on DESKTOP-5OK8UPN (Gigabyte Technology Co., Ltd. Z97-D3H) (25-01-2021 13:51:23)
Running from D:\PROGRAMY\hijackthis
Loaded Profiles: vava
Platform: Windows 10 Pro Version 2004 19041.746 (X64) Language: Čeština (Česko)
Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --single-argument %1
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) [File not signed] C:\totalcmd\TOTALCMD64.EXE
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <28>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Hoo Technologies) [File not signed] C:\Program Files (x86)\HooTech\NetMeter\HooNetMeter.exe
(Malwarebytes Inc -> Malwarebytes) C:\Users\vava\Desktop\adwcleaner_8.0.9.1.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.20122.11121.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117352 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8844032 2016-01-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-01-19] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrotherSoftwareUpdateNotification] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3581952 2017-04-05] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2075480 2013-06-24] (Flexera Software LLC -> Flexera Software LLC.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [35648 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [17600 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFProHook] => C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe [641864 2013-03-20] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-17] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2407068654-2776695394-1459206416-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [731240 2018-10-19] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-2407068654-2776695394-1459206416-1001\...\Run: [NetMeter] => C:\Program Files (x86)\HooTech\NetMeter\HooNetMeter.exe [577536 2008-12-05] (Hoo Technologies) [File not signed]
HKU\S-1-5-21-2407068654-2776695394-1459206416-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32440376 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.141\Installer\chrmstp.exe [2021-01-07] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\87.0.7480.89\Installer\chrmstp.exe [2021-01-15] (Avast Software s.r.o. -> AVAST Software)
GroupPolicy: Restriction - Chrome <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0CA5736B-BDD8-4BF3-92C2-3CB18D36AAB2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {16DE353E-570F-4D42-A46D-F07D12A6FFE1} - System32\Tasks\AMD ThankingURL => C:\Program Files\AMD\CIM\Bin64\Setup.exe [1124536 2020-04-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {36EF4174-9057-4D28-9DE6-5C7CE500CAD1} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-09] (Adobe Inc. -> Adobe)
Task: {380A9833-F6B7-45EE-B37E-0C8E7F3405B6} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628160 2020-04-21] (Advanced Micro Devices, Inc.) [File not signed]
Task: {38552733-E033-4F89-907A-490FF67FBB57} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-17] (Google Inc -> Google Inc.)
Task: {48270D34-D2A3-40E0-980B-ED395D6CF8CE} - System32\Tasks\cbwSdEhCHyLotqt2 => rundll32 "C:\Program Files (x86)\bpqCwveWU\IQGRpM.dll",#1
Task: {4CF24B6D-C65C-455E-8FF9-3A02DDF9F63B} - System32\Tasks\ZEQDPgDwyytDid => rundll32 "C:\Program Files (x86)\bPAQiPskLZjU2\EIWQkGpRCpdMD.dll",#1
Task: {54DCFD65-BA2E-41EA-94DF-688F09678B60} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2175216 2020-12-15] (Avast Software s.r.o. -> AVAST Software)
Task: {5C4434B3-6DD5-421C-848B-488487C5452A} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-04-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {5FCA14DE-0CC6-4401-8212-9F735058AF01} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26913848 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {70045ADC-D80A-4644-BAC6-DA0FDB632392} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-14] (Avast Software s.r.o. -> AVAST Software)
Task: {792B3E87-16FC-432E-AAEF-F8B920D8E87B} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-04-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {7CF84D75-4C7A-4896-BB1D-97F419A20F18} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628160 2020-04-21] (Advanced Micro Devices, Inc.) [File not signed]
Task: {83C449C9-3548-4F60-9CF2-5CCD0484FAF8} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-14] (Avast Software s.r.o. -> AVAST Software)
Task: {A5E502DF-A2AC-4D12-91AC-C3778DD4195C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-17] (Google Inc -> Google Inc.)
Task: {A6B20565-F2C7-4593-BA69-5B03250CF2D9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {A7261761-88FB-4FC0-802F-C49B0D80EFDF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1741416 2020-09-17] (Avast Software s.r.o. -> Avast Software)
Task: {B4ECE2F4-2473-4989-B411-3E3916C3E8BC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
Task: {C85569B7-C855-48F5-8EC3-ADB3AB53FD18} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2175216 2020-12-15] (Avast Software s.r.o. -> AVAST Software)
Task: {CA68AAF7-4E8E-42C7-84D4-E45F0C454D69} - System32\Tasks\twtIFBDYSoFxflLUA2 => rundll32 "C:\Program Files (x86)\ClkZTLBoMDdHOlUIAmR\GfnEmnc.dll",#1
Task: {F1023799-1BBC-42F6-89AC-26EF0D79826E} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4621920 2020-12-16] (Avast Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{543d8a16-e5e7-4b9d-8576-7b388f3f553f}: [DhcpNameServer] 192.168.0.1

Edge:
=======
DownloadDir: C:\Users\vava\Downloads
Edge Notifications: HKU\S-1-5-21-2407068654-2776695394-1459206416-1001 -> hxxps://www.tipsport.cz
Edge DefaultProfile: Default
Edge Profile: C:\Users\vava\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-25]
Edge DownloadDir: C:\Users\vava\Downloads
Edge Notifications: Default -> hxxps://www.tipsport.cz

FireFox:
========
FF DefaultProfile: 25n1z54v.default
FF ProfilePath: C:\Users\vava\AppData\Roaming\Mozilla\Firefox\Profiles\25n1z54v.default [2021-01-25]
FF Homepage: Mozilla\Firefox\Profiles\25n1z54v.default -> hxxps://www.seznam.cz/
FF Session Restore: Mozilla\Firefox\Profiles\25n1z54v.default -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\25n1z54v.default -> hxxps://mail-notification.info
FF NewTabOverride: Mozilla\Firefox\Profiles\25n1z54v.default -> Enabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: (Seznam doplněk - Esko) - C:\Users\vava\AppData\Roaming\Mozilla\Firefox\Profiles\25n1z54v.default\Extensions\sko-extension@firma.seznam.cz.xpi [2018-12-05]
FF Extension: (Text Link) - C:\Users\vava\AppData\Roaming\Mozilla\Firefox\Profiles\25n1z54v.default\Extensions\{54BB9F3F-07E5-486c-9B39-C7398B99391C}.xpi [2019-02-16]
FF Extension: (No Name) - C:\Program Files\Mozilla Firefox\browser\features\{6806B761-A8BB-4E3A-A923-80C21E1046AF}.xpi [2020-03-03] [not signed]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2011-05-17] (Google) [File not signed]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google Inc -> Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2021-01-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2021-01-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-14] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-14] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll [2011-07-15] (Zeon Corporation -> Zeon Corporation)

Chrome:
=======
CHR DefaultProfile: Profile 2
CHR Profile: C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default [2021-01-22]
CHR Extension: (Prezentace) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-02-20]
CHR Extension: (Dokumenty) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-02-20]
CHR Extension: (Disk Google) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-02-20]
CHR Extension: (YouTube) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-02-20]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-02-20]
CHR Extension: (Tabulky) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-02-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-02-20]
CHR Extension: (Avast Online Security) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-02-20]
CHR Extension: (Adblocker for Youtube™) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifhmmfkaojalpgphoaknehmekeoilfhh [2020-03-03] [UpdateUrl:hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-02-20]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-02-20]
CHR Extension: (Gmail) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-02-20]
CHR Extension: (Chrome Media Router) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-02-20]
CHR Profile: C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2 [2021-01-25]
CHR DownloadDir: D:\hry
CHR Notifications: Profile 2 -> hxxps://best.aliexpress.com; hxxps://chairgaubsy.com; hxxps://cz.pinterest.com; hxxps://dailyreportfeed.com; hxxps://dfiles.eu; hxxps://download-alert.com; hxxps://emefka.sk; hxxps://fastshare.cz; hxxps://flake.creditcable.info; hxxps://footballmanagerstory.com; hxxps://ibb.co; hxxps://install.utilitooltech.com; hxxps://live-stream365.com; hxxps://mail-notification.info; hxxps://news-jupiter.com; hxxps://notification-time.com; hxxps://postovnezdarma.cz; hxxps://pushisback.com; hxxps://sdilej.cz; hxxps://sortitoutsi.net; hxxps://specialthankselsa.com; hxxps://trustcontent.rest; hxxps://uniquecaptcha.com; hxxps://www.bankovnikod.cz; hxxps://www.booktook.cz; hxxps://www.facebook.com; hxxps://www.fmscout.com; hxxps://www.gamesradar.com; hxxps://www.gogy.com; hxxps://www.kupi.cz; hxxps://www.mall.cz; hxxps://www.onlinevideoconverter.com; hxxps://www.pcgamer.com; hxxps://www.tipsport.cz; hxxps://www.wish.com; hxxps://www.youtube.com; hxxps://www1.news-back.com; hxxps://zivot.org
CHR HomePage: Profile 2 -> hxxp://www.seznam.cz/
CHR StartupUrls: Profile 2 -> "hxxps://www.seznam.cz/#nastavit-jako-domovskou- ... seznam.cz/"
CHR DefaultSearchURL: Profile 2 -> hxxps://search.seznam.cz/?q={searchTerms}
CHR DefaultSearchKeyword: Profile 2 -> seznam.cz
CHR DefaultSuggestURL: Profile 2 -> hxxps://suggest.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Session Restore: Profile 2 -> is enabled.
CHR Extension: (Překladač Google) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-03-18]
CHR Extension: (Prezentace) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-17]
CHR Extension: (Dokumenty) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-17]
CHR Extension: (Disk Google) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (Sign Language...On the Go!) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bbnelcpofncjheaoglabgaegepbfioje [2018-12-17]
CHR Extension: (World Map) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\biabadelbimllanaekjkipoflfdpihba [2018-12-17]
CHR Extension: (YouTube) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-17]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-12-15]
CHR Extension: (YouTube Music) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cinhimbnkkaeohfgghhklpknlkffjgod [2020-10-07]
CHR Extension: (Tabulky) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-17]
CHR Extension: (TimeMaps: World History Atlas) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gcknipbpempcbnncdekkeimmpjggfaem [2018-12-17]
CHR Extension: (ČSFD Vyhledávač) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gefccnegpdaefgnnfpdlhchpkolpgjbi [2018-12-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-12]
CHR Extension: (Linkification Chrome) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\haaamfoknimneabkapikpoccmfekkidj [2018-12-29]
CHR Extension: (AirDroid) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hkgndiocipalkpejnpafdbdlfdjihomd [2018-12-17]
CHR Extension: (Adblocker pro Youtube™) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ifhmmfkaojalpgphoaknehmekeoilfhh [2020-03-03] [UpdateUrl:hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (The Weather Channel for Chrome) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\iflpcokdamgefbghpdipcibmhlkdopop [2018-12-17]
CHR Extension: (Text to PDF Instant Converter) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kcfoblhpibkgaolddkdakldhfpjfjgod [2018-12-17]
CHR Extension: (Mapy Google) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2018-12-17]
CHR Extension: (3D Solar System Web) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mdaaepplopehigjgkolniddiadbbkphd [2018-12-17]
CHR Extension: (Clickable Links) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mgamelhnfokapndfdodnmfiningckjia [2018-12-29]
CHR Extension: (Map of the Earth) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ncekdeccakacjplanbmoofohobljbkad [2020-03-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Televize Online) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pcfeebemepipakkhapnhljbcdkagkloh [2018-12-17]
CHR Extension: (Gmail) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-10]
CHR Profile: C:\Users\vava\AppData\Local\Google\Chrome\User Data\System Profile [2021-01-22]
CHR Extension: (Adblocker for Youtube™) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\ifhmmfkaojalpgphoaknehmekeoilfhh [2020-03-03] [UpdateUrl:hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8477080 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-14] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621728 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [351848 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-14] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\87.0.7480.89\elevation_service.exe [1409224 2020-12-15] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
S4 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [File not signed]
S4 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3729512 2018-10-19] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S4 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192320 2020-08-17] (Huawei Technologies Co., Ltd. -> )
S2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [77336 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5198064 2021-01-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2019-08-09] (Microsoft) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [20480 2019-08-09] (Microsoft) [File not signed]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AIDA64Driver; C:\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [47560 2018-09-19] (FinalWire Kft. -> )
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36792 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208672 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332880 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97360 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42424 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176384 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522480 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108928 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84496 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851256 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [468888 2021-01-08] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [214808 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [324904 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-12-17] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-12-17] (Disc Soft Ltd -> Disc Soft Ltd)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-25 13:51 - 2021-01-25 13:51 - 000000000 ____D C:\FRST
2021-01-25 10:29 - 2021-01-25 10:27 - 008457584 _____ (Malwarebytes) C:\Users\vava\Desktop\adwcleaner_8.0.9.1.exe
2021-01-25 10:28 - 2021-01-25 10:34 - 000000000 ____D C:\AdwCleaner
2021-01-25 09:27 - 2021-01-25 09:28 - 2725138885 _____ C:\Users\vava\Downloads\Megapack TCM21.rar
2021-01-24 17:21 - 2021-01-24 17:21 - 000000036 _____ C:\Users\vava\AppData\LocalLow\.bidstack-device-id
2021-01-24 16:00 - 2021-01-24 16:00 - 000846468 _____ C:\WINDOWS\Minidump\012421-7578-01.dmp
2021-01-24 11:32 - 2021-01-24 11:32 - 000000000 ____D C:\Users\vava\AppData\Roaming\PDM
2021-01-23 10:28 - 2021-01-23 10:28 - 000002288 _____ C:\Users\vava\Documents\cc_20210123_102822.reg
2021-01-22 11:34 - 2021-01-22 11:34 - 000000000 ____D C:\Users\vava\Documents\Sports Interactive
2021-01-22 11:34 - 2021-01-22 11:34 - 000000000 ____D C:\Users\vava\AppData\Local\Sports Interactive
2021-01-22 11:34 - 2021-01-22 11:34 - 000000000 ____D C:\Users\Public\Documents\Sports Interactive
2021-01-22 11:26 - 2021-01-22 11:26 - 000000223 _____ C:\Users\vava\Desktop\Football Manager 2021.url
2021-01-22 09:17 - 2021-01-22 09:17 - 000001047 _____ C:\Users\vava\Desktop\IrfanView 64.lnk
2021-01-22 08:37 - 2021-01-22 08:37 - 000000000 ____D C:\Program Files (x86)\WinRAR
2021-01-22 08:36 - 2021-01-22 08:36 - 000000000 ____D C:\Program Files (x86)\IrfanView
2021-01-22 08:35 - 2021-01-22 08:35 - 000150600 _____ C:\Users\vava\Documents\cc_20210122_083511.reg
2021-01-19 17:47 - 2021-01-19 17:47 - 000001838 _____ C:\Users\Public\Desktop\Palm Reader.lnk
2021-01-19 17:47 - 2021-01-19 17:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Palm
2021-01-19 17:47 - 2021-01-19 17:47 - 000000000 ____D C:\Program Files (x86)\Palm
2021-01-19 16:32 - 2021-01-19 16:32 - 000004608 _____ C:\Users\vava\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2021-01-19 16:00 - 2021-01-19 16:00 - 000001183 _____ C:\Users\Public\Desktop\Picasa 3.lnk
2021-01-19 16:00 - 2021-01-19 16:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2021-01-15 09:15 - 2021-01-15 09:15 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-15 09:15 - 2021-01-15 09:15 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-15 09:15 - 2021-01-15 09:15 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-15 09:15 - 2021-01-15 09:15 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-15 09:15 - 2021-01-15 09:15 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-15 09:15 - 2021-01-15 09:15 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-15 09:15 - 2021-01-15 09:15 - 000467968 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-01-15 09:15 - 2021-01-15 09:15 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-15 09:15 - 2021-01-15 09:15 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-15 09:15 - 2021-01-15 09:15 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-15 09:15 - 2021-01-15 09:15 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-01-15 09:15 - 2021-01-15 09:15 - 000138056 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2021-01-15 09:15 - 2021-01-15 09:15 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-15 09:15 - 2021-01-15 09:15 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2021-01-15 09:15 - 2021-01-15 09:15 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-15 09:15 - 2021-01-15 09:15 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-15 09:15 - 2021-01-15 09:15 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-15 09:15 - 2021-01-15 09:15 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-15 09:15 - 2021-01-15 09:15 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-15 09:15 - 2021-01-15 09:15 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-15 09:15 - 2021-01-15 09:15 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-15 09:14 - 2021-01-15 09:14 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-15 09:14 - 2021-01-15 09:14 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-15 09:14 - 2021-01-15 09:14 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-01-15 09:14 - 2021-01-15 09:14 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-15 09:14 - 2021-01-15 09:14 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-01-15 09:14 - 2021-01-15 09:14 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-15 09:14 - 2021-01-15 09:14 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-15 09:14 - 2021-01-15 09:14 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-15 09:14 - 2021-01-15 09:14 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-15 09:14 - 2021-01-15 09:14 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-15 09:14 - 2021-01-15 09:14 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-15 09:14 - 2021-01-15 09:14 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-15 09:14 - 2021-01-15 09:14 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-15 09:14 - 2021-01-15 09:14 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-01-15 09:14 - 2021-01-15 09:14 - 000010894 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-01-15 09:13 - 2021-01-15 09:13 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-15 09:13 - 2021-01-15 09:13 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-01-15 09:13 - 2021-01-15 09:13 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-15 09:13 - 2021-01-15 09:13 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-15 09:13 - 2021-01-15 09:13 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-15 09:13 - 2021-01-15 09:13 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-15 09:13 - 2021-01-15 09:13 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-15 09:13 - 2021-01-15 09:13 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-09 08:48 - 2020-10-29 13:33 - 001783920 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-01-09 08:48 - 2020-10-29 13:33 - 001783920 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-01-09 08:48 - 2020-10-29 13:33 - 001374320 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-01-09 08:48 - 2020-10-29 13:33 - 001374320 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-01-09 08:48 - 2020-10-29 13:33 - 001085360 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-01-09 08:48 - 2020-10-29 13:33 - 001085360 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-01-09 08:48 - 2020-10-29 13:33 - 000944208 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-01-09 08:48 - 2020-10-29 13:33 - 000944208 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-01-09 08:48 - 2020-10-29 13:33 - 000736880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2021-01-09 08:48 - 2020-10-29 13:33 - 000046704 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2021-01-09 08:48 - 2020-10-29 13:33 - 000043632 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 064809072 _____ C:\WINDOWS\system32\amd_comgr.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 053684848 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 004630640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 004141168 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 001774192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 001341552 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 001341552 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000760432 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2021-01-09 08:48 - 2020-10-29 13:32 - 000621168 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000496752 _____ C:\WINDOWS\system32\GameManager64.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000493168 _____ C:\WINDOWS\system32\dgtrayicon.exe
2021-01-09 08:48 - 2020-10-29 13:32 - 000468592 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000456304 _____ C:\WINDOWS\system32\atieah64.exe
2021-01-09 08:48 - 2020-10-29 13:32 - 000432752 _____ C:\WINDOWS\system32\EEURestart.exe
2021-01-09 08:48 - 2020-10-29 13:32 - 000380016 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000351856 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2021-01-09 08:48 - 2020-10-29 13:32 - 000339568 _____ C:\WINDOWS\system32\clinfo.exe
2021-01-09 08:48 - 2020-10-29 13:32 - 000245360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000213104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000186992 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000182392 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000167024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000166512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000158656 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000156784 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000142448 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000140912 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000135792 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000134768 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000125552 _____ C:\WINDOWS\system32\atidxx64.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000122480 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000120432 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000107632 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000107120 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000090736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mcl64.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000075376 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mcl32.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000070256 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000019784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000019784 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 071030384 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 001686016 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 001365368 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 000941168 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 000768624 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 000553584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 000546800 _____ C:\WINDOWS\system32\amdmiracast.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 000489584 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 000466544 _____ C:\WINDOWS\system32\amdlogum.exe
2021-01-09 08:48 - 2020-10-29 13:31 - 000383600 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 000380016 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 000167400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 000135928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 000130232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 000130232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 000120264 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 000108248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 000108248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2021-01-09 08:48 - 2020-10-29 12:28 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2021-01-09 08:48 - 2020-10-29 12:28 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2021-01-09 08:48 - 2020-10-29 12:28 - 000544256 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2021-01-09 08:48 - 2020-10-29 12:28 - 000544256 _____ C:\WINDOWS\system32\atiapfxx.blb

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-25 13:43 - 2020-11-24 20:15 - 000003124 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2021-01-25 13:43 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-25 13:43 - 2018-12-17 13:34 - 000000000 ____D C:\Program Files\CCleaner
2021-01-25 13:43 - 2018-12-17 13:12 - 000000000 ____D C:\Users\vava\AppData\Local\D3DSCache
2021-01-25 12:51 - 2020-11-30 08:16 - 000003318 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6c295f012e0b9
2021-01-25 12:51 - 2020-11-24 20:15 - 000003788 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2021-01-25 12:51 - 2020-11-24 20:15 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-01-25 12:51 - 2020-11-24 20:15 - 000003488 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2021-01-25 12:51 - 2020-11-24 20:15 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-01-25 12:51 - 2020-11-24 20:15 - 000003400 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-01-25 12:51 - 2020-11-24 20:15 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-01-25 12:51 - 2020-11-24 20:15 - 000003176 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-01-25 12:51 - 2020-11-24 20:15 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-01-25 12:51 - 2020-11-24 20:15 - 000002940 _____ C:\WINDOWS\system32\Tasks\ZEQDPgDwyytDid
2021-01-25 12:51 - 2020-11-24 20:15 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2407068654-2776695394-1459206416-1001
2021-01-25 12:51 - 2020-11-24 20:15 - 000002730 _____ C:\WINDOWS\system32\Tasks\twtIFBDYSoFxflLUA2
2021-01-25 12:51 - 2020-11-24 20:15 - 000002704 _____ C:\WINDOWS\system32\Tasks\cbwSdEhCHyLotqt2
2021-01-25 12:51 - 2020-11-24 20:15 - 000002636 _____ C:\WINDOWS\system32\Tasks\AMD ThankingURL
2021-01-25 12:51 - 2020-11-24 20:15 - 000002392 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2021-01-25 12:51 - 2020-11-24 20:15 - 000002238 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-01-25 12:51 - 2020-11-24 20:15 - 000002146 _____ C:\WINDOWS\system32\Tasks\StartCN
2021-01-25 12:51 - 2020-11-24 20:15 - 000002122 _____ C:\WINDOWS\system32\Tasks\StartDVR
2021-01-25 11:57 - 2020-11-24 20:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-01-25 10:56 - 2020-11-24 20:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-25 10:56 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-25 10:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-25 10:51 - 2018-12-17 15:51 - 000000000 ____D C:\ProgramData\AVAST Software
2021-01-25 10:42 - 2020-11-24 20:18 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-25 10:42 - 2019-12-07 15:43 - 000682184 _____ C:\WINDOWS\system32\perfh005.dat
2021-01-25 10:42 - 2019-12-07 15:43 - 000137000 _____ C:\WINDOWS\system32\perfc005.dat
2021-01-25 10:42 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-01-25 10:36 - 2020-11-24 20:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-25 10:36 - 2020-11-24 20:09 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-25 10:36 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-01-25 10:36 - 2018-12-17 12:44 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-01-25 10:36 - 2018-12-17 12:44 - 000000000 __SHD C:\Users\vava\IntelGraphicsProfiles
2021-01-25 10:36 - 2018-12-17 12:35 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2021-01-25 08:24 - 2020-10-03 08:37 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-01-24 16:00 - 2020-11-28 17:36 - 000000000 ____D C:\WINDOWS\Minidump
2021-01-24 15:13 - 2019-01-08 08:40 - 000000000 ____D C:\Users\vava\AppData\Local\CrashDumps
2021-01-24 12:54 - 2020-11-24 20:10 - 000000000 ____D C:\Users\vava
2021-01-24 10:27 - 2018-12-17 12:30 - 000000000 ____D C:\Users\vava\AppData\Local\VirtualStore
2021-01-23 15:26 - 2020-11-24 20:15 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-01-23 12:19 - 2018-12-17 13:10 - 000000000 ____D C:\Users\vava\AppData\Roaming\vlc
2021-01-23 10:29 - 2018-12-17 15:57 - 000000000 ____D C:\Users\vava\AppData\Local\AVAST Software
2021-01-23 10:29 - 2018-12-17 12:54 - 000000000 ____D C:\Users\vava\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-01-23 10:29 - 2018-12-17 12:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-01-23 10:29 - 2018-12-17 12:54 - 000000000 ____D C:\Program Files\WinRAR
2021-01-23 10:25 - 2019-02-12 13:18 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-01-23 10:25 - 2019-02-12 13:18 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-01-23 08:28 - 2020-06-07 09:41 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-23 08:28 - 2020-06-07 09:41 - 000002257 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-01-22 09:22 - 2018-12-17 13:11 - 000000000 ____D C:\Users\vava\AppData\Roaming\MPC-HC
2021-01-22 09:17 - 2020-03-03 12:21 - 000001921 _____ C:\Users\vava\Desktop\IrfanView 64 Thumbnails.lnk
2021-01-22 08:38 - 2018-12-18 18:23 - 000165032 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2021-01-22 08:38 - 2018-12-18 18:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-01-22 08:38 - 2018-12-18 18:23 - 000000000 ____D C:\Program Files (x86)\Java
2021-01-22 08:36 - 2018-12-18 18:15 - 000001092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2021-01-22 08:36 - 2018-12-18 18:15 - 000001080 _____ C:\Users\Public\Desktop\Audacity.lnk
2021-01-22 08:36 - 2018-12-18 18:15 - 000000000 ____D C:\Program Files (x86)\Audacity
2021-01-22 08:36 - 2018-12-17 12:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2021-01-22 08:34 - 2018-12-17 12:30 - 000000000 ____D C:\Users\vava\AppData\Local\Packages
2021-01-22 08:31 - 2020-11-24 11:28 - 000000000 ___DC C:\WINDOWS\Panther
2021-01-22 08:31 - 2018-12-17 13:44 - 000000000 ____D C:\Program Files (x86)\Steam
2021-01-19 17:47 - 2018-12-17 12:57 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-01-19 17:42 - 2018-12-17 13:21 - 000000000 ____D C:\Users\vava\AppData\Roaming\AIMP
2021-01-19 16:00 - 2018-12-17 12:44 - 000000000 ____D C:\Program Files (x86)\Google
2021-01-19 16:00 - 2018-12-17 12:43 - 000000000 ____D C:\Users\vava\AppData\Local\Google
2021-01-18 11:53 - 2020-07-24 14:35 - 000000081 _____ C:\Users\vava\AppData\Local\.bidstack.fault
2021-01-17 13:17 - 2020-11-24 20:15 - 000003110 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2021-01-15 12:43 - 2020-11-24 20:09 - 000459400 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-15 12:42 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-15 12:42 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-01-15 12:42 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-15 09:20 - 2018-12-17 15:46 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-15 09:17 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-01-15 09:17 - 2018-12-17 15:46 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-01-15 09:13 - 2020-11-24 20:10 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-01-15 09:09 - 2020-10-14 14:48 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2021-01-15 09:09 - 2020-10-14 14:48 - 000002463 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2021-01-09 12:18 - 2019-02-12 13:18 - 000000000 ____D C:\Users\vava\AppData\LocalLow\Mozilla
2021-01-09 12:18 - 2019-02-12 13:18 - 000000000 ____D C:\ProgramData\Mozilla
2021-01-09 12:17 - 2019-02-12 13:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-08 12:14 - 2018-12-17 15:53 - 000468888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-01-07 16:14 - 2020-12-16 16:10 - 000214808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-01-07 14:45 - 2018-12-17 12:44 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-07 12:14 - 2018-12-17 15:53 - 000324904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys

==================== Files in the root of some directories ========

2020-03-03 08:03 - 2020-03-03 08:03 - 000000000 _____ () C:\Users\vava\iqfjwudd.exe
2020-03-03 08:02 - 2020-03-03 08:02 - 000000000 _____ () C:\Users\vava\vmuscxes.exe
2020-07-24 14:35 - 2021-01-18 11:53 - 000000081 _____ () C:\Users\vava\AppData\Local\.bidstack.fault
2020-03-03 08:03 - 2020-03-03 08:03 - 000000557 _____ () C:\Users\vava\AppData\Local\bowsakkdestx.txt
2021-01-19 16:32 - 2021-01-19 16:32 - 000004608 _____ () C:\Users\vava\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-03-03 08:01 - 2020-03-03 08:01 - 000142336 _____ () C:\Users\vava\AppData\Local\installer.dat

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2021 01
Ran by vava (25-01-2021 13:53:22)
Running from D:\PROGRAMY\hijackthis
Windows 10 Pro Version 2004 19041.746 (X64) (2020-11-24 19:15:34)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2407068654-2776695394-1459206416-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2407068654-2776695394-1459206416-503 - Limited - Disabled)
Guest (S-1-5-21-2407068654-2776695394-1459206416-501 - Limited - Disabled)
vava (S-1-5-21-2407068654-2776695394-1459206416-1001 - Administrator - Enabled) => C:\Users\vava
WDAGUtilityAccount (S-1-5-21-2407068654-2776695394-1459206416-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.465 - Adobe)
AIDA64 Extreme v5.98 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.98 - FinalWire Ltd.)
AIMP (HKLM-x32\...\AIMP) (Version: v4.51.2084, 01.12.2018 - AIMP DevTeam)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.4.2 - Advanced Micro Devices, Inc.)
Audacity 2.4.2 (HKLM-x32\...\Audacity_is1) (Version: 2.4.2 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 87.0.7480.89 - Autoři prohlížeče Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
BrLauncher (HKLM-x32\...\{42D26B47-887C-45FC-BCAE-0BE485C5C0BB}) (Version: 2.0.11.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{569f9640-fd0a-4a52-97f2-11277f65a3f0}) (Version: 4.4.0.33 - Brother Industries, Ltd.)
Brother iPrint&Scan (HKLM-x32\...\{FE65E525-8FCA-43BE-8D7F-0C4665FAE1A5}) (Version: 4.4.0.33 - Brother Industries, Ltd.) Hidden
Brother Port Driver (HKLM-x32\...\{42B7DE8A-B2BF-41E3-9F0C-F3C10DAB9189}) (Version: 1.0.5.1 - Brother Industries Ltd.) Hidden
Brother Printer Driver (HKLM-x32\...\{DFDF4BFA-1551-47EC-93BF-EBC1C305CD47}) (Version: 1.6.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{49F15DD6-D83B-4756-BB57-66E00570C186}) (Version: 1.0.22.1 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{32F47565-84B1-42CC-B09A-4CDDD9A32F94}) (Version: 1.0.20.0 - Brother Industries Ltd.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.76 - Piriform)
ControlCenter4 (HKLM-x32\...\{9091B952-8719-49C3-9CC7-6E20EC61081F}) (Version: 4.6.6.1 - Brother Industries, Ltd.) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{FD8A9511-BFC9-43B5-BB75-9CEC0EA03CF0}) (Version: 4.6.1.1 - Brother Industries, Ltd.) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.9.0.0650 - Disc Soft Ltd)
Google Earth (HKLM-x32\...\{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}) (Version: 6.0.3.2197 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.141 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 10.1.1.500 - Huawei Technologies Co., Ltd.)
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
IrfanView 4.57 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.57 - Irfan Skiljan)
IrfanView 4.57 (64-bit) (HKLM\...\IrfanView64) (Version: 4.57 - Irfan Skiljan)
Java 8 Update 261 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180261F0}) (Version: 8.0.2610.12 - Oracle Corporation)
Java 8 Update 271 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180271F0}) (Version: 8.0.2710.9 - Oracle Corporation)
Kodi (HKU\S-1-5-21-2407068654-2776695394-1459206416-1001\...\Kodi) (Version: - XBMC Foundation)
Kodi verze 1.5 (HKLM-x32\...\Kodi_is1) (Version: 1.5 - )
LibreOffice 6.3.3.2 (HKLM\...\{4DACF7A7-C851-4943-A63D-3CAE495C48E0}) (Version: 6.3.3.2 - The Document Foundation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.50 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.71 - )
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2407068654-2776695394-1459206416-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{143E35D3-F0A4-4E90-96C9-B1B72F11343A}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012 (HKLM-x32\...\{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 - Microsoft Corporation)
Mozilla Firefox 84.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 84.0.2 (x64 cs)) (Version: 84.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0 - Mozilla)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD)
Net Meter 3.6 build 437 (HKLM-x32\...\Net Meter) (Version: 3.6 build 437 - Hoo Technologies)
NetworkRepairTool (HKLM-x32\...\{86E68F57-FAFE-4052-BDD4-3B90C38236AE}) (Version: 1.2.16.0 - Brother Industries, Ltd.) Hidden
Nuance PaperPort 14 (HKLM-x32\...\{24510774-4424-46C2-8FB7-5DE0C945ED2B}) (Version: 14.5.0006 - Nuance Communications, Inc.)
Nuance PDF Viewer SE (HKLM-x32\...\{D8151965-282B-4EB6-A3F1-68AB555D8423}) (Version: 7.20.3230 - Nuance Communications, Inc.)
Palm Reader (HKLM-x32\...\{ED8BB1CA-535A-408D-85C9-ED1986D2B85E}) (Version: - )
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0002 - Nuance Communications, Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: - Jan Fiala)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7727 - Realtek Semiconductor Corp.)
ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden
Scansoft PDF Professional (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version: - ) Hidden
SoftwareUpdateNotification (HKLM-x32\...\{34F12379-C924-41E6-921D-51C71217F58C}) (Version: 1.0.9.0 - Brother Industries, Ltd.) Hidden
StatusMonitor (HKLM-x32\...\{40578A7A-6E36-457F-A4F0-45BC37EB61FD}) (Version: 1.20.1.0 - Brother Insutries Ltd.) Hidden
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.50 beta 15 - Ghisler Software GmbH)
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WinRAR 6.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
yBook (HKLM-x32\...\yBook_is1) (Version: - Spacejock Software)

Packages:
=========
AIMP -> C:\Program Files\WindowsApps\25018ArtemIzmaylov.AIMP_4.60.2175.0_x86__4hdg3aaevdv22 [2020-03-08] (Artem Izmaylov)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.50.3.0_x86__kgqvnymyfvs32 [2021-01-22] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1940.2.0_x86__kgqvnymyfvs32 [2021-01-25] (king.com)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.337.0_x64__rz1tebttyb220 [2020-12-19] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-06] (Microsoft Corporation)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2018-12-17] (Fitbit)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-16] (Netflix, Inc.)
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_3.24.1.0_x64__nfy108tqq3p12 [2021-01-18] (Thumbmunkeys Ltd)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2018-12-17] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1-x32: [PSPad] -> {8903F6C9-25E3-40AC-A98F-E6D35CD0469C} => C:\Program Files (x86)\PSPad editor\PSPadShell.dll [2008-03-30] () [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-10-19] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-10-19] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2018-12-17] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2020-04-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.ac3filter] => C:\WINDOWS\system32\ac3filter64.acm [2231296 2013-04-05] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3filter] => C:\Windows\SysWOW64\ac3filter.acm [1679360 2013-04-05] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\vava\Desktop\YouTube Music.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 2" --app-id=cinhimbnkkaeohfgghhklpknlkffjgod
ShortcutWithArgument: C:\Users\vava\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube Music.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 2" --app-id=cinhimbnkkaeohfgghhklpknlkffjgod
ShortcutWithArgument: C:\Users\vava\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"

==================== Loaded Modules (Whitelisted) =============

2020-03-02 17:11 - 2020-03-02 17:11 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2019-11-19 15:03 - 2005-04-22 13:36 - 000143360 _____ () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll
2012-12-05 12:29 - 2012-12-05 12:29 - 004883456 _____ (BCGSoft Ltd) [File not signed] C:\Program Files (x86)\Nuance\PaperPort\BCGCBPRO1100u100.dll
2012-12-05 12:29 - 2012-12-05 12:29 - 000036864 _____ (Black Ice Software, Inc.) [File not signed] C:\Program Files (x86)\Nuance\PaperPort\blicectr.dll
2019-11-19 15:03 - 2016-11-01 11:27 - 000090112 _____ (Brother Industries, Ltd.) [File not signed] C:\WINDOWS\system32\BrNetSti.dll
2018-12-17 12:54 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000413696 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000519168 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 001431040 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 001180672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2020-04-21 15:43 - 2020-04-21 15:43 - 006010880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 006345216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 001078272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 004000256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 003802624 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 001083904 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000205312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000376320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 092323328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 005560832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000188416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 002888704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000287232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000329216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000089088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000312320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-04-21 15:43 - 2020-04-21 15:43 - 000085504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2407068654-2776695394-1459206416-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=13554
SearchScopes: HKU\S-1-5-21-2407068654-2776695394-1459206416-1001 -> {09A1DFD4-E0C1-4656-8FB0-D97DAD9C4DF9} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_13554
SearchScopes: HKU\S-1-5-21-2407068654-2776695394-1459206416-1001 -> {0CAEDC08-FE59-4ECD-B279-D3537DB95D29} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13554
SearchScopes: HKU\S-1-5-21-2407068654-2776695394-1459206416-1001 -> {38668015-7280-4D94-A06D-114AE6B305CE} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_13554
SearchScopes: HKU\S-1-5-21-2407068654-2776695394-1459206416-1001 -> {3A61144E-4F09-4C23-B95E-0E3FD852EB30} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_13554
SearchScopes: HKU\S-1-5-21-2407068654-2776695394-1459206416-1001 -> {688CCA7C-8592-4C44-A998-9D3D7A7CB63C} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_13554
SearchScopes: HKU\S-1-5-21-2407068654-2776695394-1459206416-1001 -> {AFD86EDA-DBC2-4741-A9CA-015E1F8AD9B7} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_13554
SearchScopes: HKU\S-1-5-21-2407068654-2776695394-1459206416-1001 -> {B085F588-4DF4-492D-AD06-1C5AA328F546} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13554
SearchScopes: HKU\S-1-5-21-2407068654-2776695394-1459206416-1001 -> {B17FE663-364F-4810-B092-186588B33184} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13554
SearchScopes: HKU\S-1-5-21-2407068654-2776695394-1459206416-1001 -> {F4D2D9DE-1A01-487C-BD55-8E241200FBC6} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13554
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll [2011-06-30] (Zeon Corporation -> Zeon Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\ssv.dll [2021-01-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\jp2ssv.dll [2021-01-22] (Oracle America, Inc. -> Oracle Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 08:31 - 2019-01-04 12:28 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2407068654-2776695394-1459206416-1001\Control Panel\Desktop\\Wallpaper -> D:\obrázky\obrázky\2775967_.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: BrYNSvc => 3
MSCONFIG\Services: Disc Soft Lite Bus Service => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HuaweiHiSuiteService64.exe => 2
MSCONFIG\Services: McAfee WebAdvisor => 2
HKLM\...\StartupApproved\Run32: => "ISUSPM"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "IndexSearch"
HKLM\...\StartupApproved\Run32: => "BrotherSoftwareUpdateNotification"
HKU\S-1-5-21-2407068654-2776695394-1459206416-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-2407068654-2776695394-1459206416-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2407068654-2776695394-1459206416-1001\...\StartupApproved\Run: => "4163644"
HKU\S-1-5-21-2407068654-2776695394-1459206416-1001\...\StartupApproved\Run: => "6048195"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{B5E6FD35-4903-4CCA-871A-0C6E3D351F26}C:\program files (x86)\java\jre1.8.0_261\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_261\bin\javaw.exe
FirewallRules: [TCP Query User{0BDF0992-3B26-4657-9BF9-6320AADF95C0}C:\program files (x86)\java\jre1.8.0_261\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_261\bin\javaw.exe
FirewallRules: [UDP Query User{A2AD8A50-86D6-4B7B-9E48-C517BA9F9CD8}C:\program files (x86)\google\google earth\client\googleearth.exe] => (Allow) C:\program files (x86)\google\google earth\client\googleearth.exe (Google) [File not signed]
FirewallRules: [TCP Query User{546069E1-E117-486D-A798-0B8D647E34EE}C:\program files (x86)\google\google earth\client\googleearth.exe] => (Allow) C:\program files (x86)\google\google earth\client\googleearth.exe (Google) [File not signed]
FirewallRules: [UDP Query User{2DA8EDDC-CA9F-45E5-99D9-2CC99C2EE432}C:\windows\syswow64\svchost.exe] => (Allow) C:\windows\syswow64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [TCP Query User{C54F05B9-0A92-43C8-973A-1089C9CC6841}C:\windows\syswow64\svchost.exe] => (Allow) C:\windows\syswow64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{3FDDC596-73C8-414D-8D7D-A80D83A7C757}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{50CCB4AF-2D29-461C-8A7B-F267AF129219}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{DE9933B1-0128-4073-836A-FF53FDC4ADED}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{329A27DD-FA6D-4C74-B1C9-CDCB58033444}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{BFEE07AF-F259-433C-97F4-467408E2D6C9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{CAACD99A-C4ED-41B5-ADC0-4B4C3F518D3F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{0BA88BA1-1C04-4998-89C6-9E2CD8C75E21}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{02649126-4EBC-43DA-A837-C44249945136}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{92525C9E-72D3-44D4-9FC6-A17C14781C84}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EB6982F8-9EB1-4414-8CB7-5BD43172170A}] => (Allow) LPort=54925
FirewallRules: [{EE876AEF-D91A-4FFD-BB82-C00BDEAB6340}] => (Allow) LPort=54950
FirewallRules: [{8FC30779-0841-4B6B-A08B-76CBE7B84DB8}] => (Allow) LPort=54955
FirewallRules: [{3690CDC6-31A0-4FA2-BF19-44704A436448}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{619F4222-4838-4F85-A299-7E6C09849B8E}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{60B1D6A8-31C1-4990-98A9-6B8938344527}] => (Allow) D:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C1984D1B-36A7-4BF0-8736-0AB5CF21A014}] => (Allow) D:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{4E809655-7876-4F52-90B6-3F77397AB408}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{BAA8C41C-1F19-40AD-926C-A3B92790FFE9}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8A3DA0A2-EFE9-4CC8-BAAC-BDE1558715BA}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Football Manager 2021\fm.exe (Sports Interactive) [File not signed]
FirewallRules: [{76F5EB79-A159-4A21-908D-9891094E2D2E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Football Manager 2021\fm.exe (Sports Interactive) [File not signed]

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:111.19 GB) (Free:45.46 GB) (41%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/25/2021 10:36:56 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Broadcast Receiver Server...

Error: (01/25/2021 10:36:56 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...

Error: (01/25/2021 10:36:56 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Wait Workflow Commands request from device.

Error: (01/25/2021 10:36:56 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...

Error: (01/25/2021 10:36:56 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[1]: 192.168.0.103

Error: (01/25/2021 10:36:56 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[0]: fe80::8c5a:19ae:db2e:3a83%7

Error: (01/25/2021 10:36:56 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList.Length: 2

Error: (01/25/2021 10:36:56 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Hodnota nemůže být NULL.
Název parametru: ipString


System errors:
=============
Error: (01/25/2021 10:49:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Brother Workflow Application Controller byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/25/2021 10:49:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Brother USB Application Controller byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/25/2021 10:49:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD External Events Utility byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/25/2021 10:49:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba PDFProFiltSrvPP byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/25/2021 10:49:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/25/2021 10:49:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) HD Graphics Control Panel Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/25/2021 10:34:57 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD External Events Utility byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/25/2021 10:34:57 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba PDFProFiltSrvPP byla neočekávaně ukončena. Tento stav nastal již 1krát.


CodeIntegrity:
===================================

Date: 2021-01-25 13:54:36.1200000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-25 13:53:40.6360000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-25 13:49:47.4980000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-25 13:49:39.6940000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-25 13:49:39.6910000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-25 13:49:39.6900000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-25 13:49:39.6900000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-25 13:49:37.9540000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. F8 04/21/2015
Motherboard: Gigabyte Technology Co., Ltd. Z97-D3H-CF
Processor: Intel(R) Core(TM) i5-4590 CPU @ 3.30GHz
Percentage of memory in use: 53%
Total physical RAM: 8042.92 MB
Available physical RAM: 3754.88 MB
Total Virtual: 17258.92 MB
Available Virtual: 10866.41 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.19 GB) (Free:45.46 GB) NTFS
Drive d: (Nový svazek) (Fixed) (Total:931.51 GB) (Free:211.92 GB) NTFS

\\?\Volume{3f3edb5a-b2cd-4bb3-afab-2f34c55af59c}\ () (Fixed) (Total:0.49 GB) (Free:0.06 GB) NTFS
\\?\Volume{400d0d76-c900-4a2f-91df-2ee9c3435d55}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 94D375C0)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Size: 111.8 GB) (Disk ID: 12F758A7)

Partition: GPT.

==================== End of Addition.txt =======================

vladislav
Visitor
Posts: 11
Registered: 24 Jan 2021 10:46

Re: log check

#6 Post by vladislav »

Hello

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-01-2021 01
Ran by vava (administrator) on DESKTOP-5OK8UPN (Gigabyte Technology Co., Ltd. Z97-D3H) (25-01-2021 13:51:23)
Running from D:\PROGRAMY\hijackthis
Loaded Profiles: vava
Platform: Windows 10 Pro Version 2004 19041.746 (X64) Language: Čeština (Česko)
Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --single-argument %1
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) [File not signed] C:\totalcmd\TOTALCMD64.EXE
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <28>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Hoo Technologies) [File not signed] C:\Program Files (x86)\HooTech\NetMeter\HooNetMeter.exe
(Malwarebytes Inc -> Malwarebytes) C:\Users\vava\Desktop\adwcleaner_8.0.9.1.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.20122.11121.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117352 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8844032 2016-01-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-01-19] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrotherSoftwareUpdateNotification] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3581952 2017-04-05] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2075480 2013-06-24] (Flexera Software LLC -> Flexera Software LLC.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [35648 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [17600 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFProHook] => C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe [641864 2013-03-20] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-17] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2407068654-2776695394-1459206416-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [731240 2018-10-19] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-2407068654-2776695394-1459206416-1001\...\Run: [NetMeter] => C:\Program Files (x86)\HooTech\NetMeter\HooNetMeter.exe [577536 2008-12-05] (Hoo Technologies) [File not signed]
HKU\S-1-5-21-2407068654-2776695394-1459206416-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32440376 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.141\Installer\chrmstp.exe [2021-01-07] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\87.0.7480.89\Installer\chrmstp.exe [2021-01-15] (Avast Software s.r.o. -> AVAST Software)
GroupPolicy: Restriction - Chrome <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0CA5736B-BDD8-4BF3-92C2-3CB18D36AAB2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {16DE353E-570F-4D42-A46D-F07D12A6FFE1} - System32\Tasks\AMD ThankingURL => C:\Program Files\AMD\CIM\Bin64\Setup.exe [1124536 2020-04-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {36EF4174-9057-4D28-9DE6-5C7CE500CAD1} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-09] (Adobe Inc. -> Adobe)
Task: {380A9833-F6B7-45EE-B37E-0C8E7F3405B6} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628160 2020-04-21] (Advanced Micro Devices, Inc.) [File not signed]
Task: {38552733-E033-4F89-907A-490FF67FBB57} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-17] (Google Inc -> Google Inc.)
Task: {48270D34-D2A3-40E0-980B-ED395D6CF8CE} - System32\Tasks\cbwSdEhCHyLotqt2 => rundll32 "C:\Program Files (x86)\bpqCwveWU\IQGRpM.dll",#1
Task: {4CF24B6D-C65C-455E-8FF9-3A02DDF9F63B} - System32\Tasks\ZEQDPgDwyytDid => rundll32 "C:\Program Files (x86)\bPAQiPskLZjU2\EIWQkGpRCpdMD.dll",#1
Task: {54DCFD65-BA2E-41EA-94DF-688F09678B60} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2175216 2020-12-15] (Avast Software s.r.o. -> AVAST Software)
Task: {5C4434B3-6DD5-421C-848B-488487C5452A} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-04-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {5FCA14DE-0CC6-4401-8212-9F735058AF01} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26913848 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {70045ADC-D80A-4644-BAC6-DA0FDB632392} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-14] (Avast Software s.r.o. -> AVAST Software)
Task: {792B3E87-16FC-432E-AAEF-F8B920D8E87B} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-04-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {7CF84D75-4C7A-4896-BB1D-97F419A20F18} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628160 2020-04-21] (Advanced Micro Devices, Inc.) [File not signed]
Task: {83C449C9-3548-4F60-9CF2-5CCD0484FAF8} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-14] (Avast Software s.r.o. -> AVAST Software)
Task: {A5E502DF-A2AC-4D12-91AC-C3778DD4195C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-17] (Google Inc -> Google Inc.)
Task: {A6B20565-F2C7-4593-BA69-5B03250CF2D9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {A7261761-88FB-4FC0-802F-C49B0D80EFDF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1741416 2020-09-17] (Avast Software s.r.o. -> Avast Software)
Task: {B4ECE2F4-2473-4989-B411-3E3916C3E8BC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
Task: {C85569B7-C855-48F5-8EC3-ADB3AB53FD18} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2175216 2020-12-15] (Avast Software s.r.o. -> AVAST Software)
Task: {CA68AAF7-4E8E-42C7-84D4-E45F0C454D69} - System32\Tasks\twtIFBDYSoFxflLUA2 => rundll32 "C:\Program Files (x86)\ClkZTLBoMDdHOlUIAmR\GfnEmnc.dll",#1
Task: {F1023799-1BBC-42F6-89AC-26EF0D79826E} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4621920 2020-12-16] (Avast Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{543d8a16-e5e7-4b9d-8576-7b388f3f553f}: [DhcpNameServer] 192.168.0.1

Edge:
=======
DownloadDir: C:\Users\vava\Downloads
Edge Notifications: HKU\S-1-5-21-2407068654-2776695394-1459206416-1001 -> hxxps://www.tipsport.cz
Edge DefaultProfile: Default
Edge Profile: C:\Users\vava\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-25]
Edge DownloadDir: C:\Users\vava\Downloads
Edge Notifications: Default -> hxxps://www.tipsport.cz

FireFox:
========
FF DefaultProfile: 25n1z54v.default
FF ProfilePath: C:\Users\vava\AppData\Roaming\Mozilla\Firefox\Profiles\25n1z54v.default [2021-01-25]
FF Homepage: Mozilla\Firefox\Profiles\25n1z54v.default -> hxxps://www.seznam.cz/
FF Session Restore: Mozilla\Firefox\Profiles\25n1z54v.default -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\25n1z54v.default -> hxxps://mail-notification.info
FF NewTabOverride: Mozilla\Firefox\Profiles\25n1z54v.default -> Enabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: (Seznam doplněk - Esko) - C:\Users\vava\AppData\Roaming\Mozilla\Firefox\Profiles\25n1z54v.default\Extensions\sko-extension@firma.seznam.cz.xpi [2018-12-05]
FF Extension: (Text Link) - C:\Users\vava\AppData\Roaming\Mozilla\Firefox\Profiles\25n1z54v.default\Extensions\{54BB9F3F-07E5-486c-9B39-C7398B99391C}.xpi [2019-02-16]
FF Extension: (No Name) - C:\Program Files\Mozilla Firefox\browser\features\{6806B761-A8BB-4E3A-A923-80C21E1046AF}.xpi [2020-03-03] [not signed]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2011-05-17] (Google) [File not signed]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google Inc -> Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2021-01-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2021-01-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-14] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-14] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll [2011-07-15] (Zeon Corporation -> Zeon Corporation)

Chrome:
=======
CHR DefaultProfile: Profile 2
CHR Profile: C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default [2021-01-22]
CHR Extension: (Prezentace) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-02-20]
CHR Extension: (Dokumenty) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-02-20]
CHR Extension: (Disk Google) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-02-20]
CHR Extension: (YouTube) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-02-20]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-02-20]
CHR Extension: (Tabulky) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-02-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-02-20]
CHR Extension: (Avast Online Security) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-02-20]
CHR Extension: (Adblocker for Youtube™) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifhmmfkaojalpgphoaknehmekeoilfhh [2020-03-03] [UpdateUrl:hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-02-20]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-02-20]
CHR Extension: (Gmail) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-02-20]
CHR Extension: (Chrome Media Router) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-02-20]
CHR Profile: C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2 [2021-01-25]
CHR DownloadDir: D:\hry
CHR Notifications: Profile 2 -> hxxps://best.aliexpress.com; hxxps://chairgaubsy.com; hxxps://cz.pinterest.com; hxxps://dailyreportfeed.com; hxxps://dfiles.eu; hxxps://download-alert.com; hxxps://emefka.sk; hxxps://fastshare.cz; hxxps://flake.creditcable.info; hxxps://footballmanagerstory.com; hxxps://ibb.co; hxxps://install.utilitooltech.com; hxxps://live-stream365.com; hxxps://mail-notification.info; hxxps://news-jupiter.com; hxxps://notification-time.com; hxxps://postovnezdarma.cz; hxxps://pushisback.com; hxxps://sdilej.cz; hxxps://sortitoutsi.net; hxxps://specialthankselsa.com; hxxps://trustcontent.rest; hxxps://uniquecaptcha.com; hxxps://www.bankovnikod.cz; hxxps://www.booktook.cz; hxxps://www.facebook.com; hxxps://www.fmscout.com; hxxps://www.gamesradar.com; hxxps://www.gogy.com; hxxps://www.kupi.cz; hxxps://www.mall.cz; hxxps://www.onlinevideoconverter.com; hxxps://www.pcgamer.com; hxxps://www.tipsport.cz; hxxps://www.wish.com; hxxps://www.youtube.com; hxxps://www1.news-back.com; hxxps://zivot.org
CHR HomePage: Profile 2 -> hxxp://www.seznam.cz/
CHR StartupUrls: Profile 2 -> "hxxps://www.seznam.cz/#nastavit-jako-domovskou- ... seznam.cz/"
CHR DefaultSearchURL: Profile 2 -> hxxps://search.seznam.cz/?q={searchTerms}
CHR DefaultSearchKeyword: Profile 2 -> seznam.cz
CHR DefaultSuggestURL: Profile 2 -> hxxps://suggest.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Session Restore: Profile 2 -> is enabled.
CHR Extension: (Překladač Google) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-03-18]
CHR Extension: (Prezentace) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-17]
CHR Extension: (Dokumenty) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-17]
CHR Extension: (Disk Google) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (Sign Language...On the Go!) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bbnelcpofncjheaoglabgaegepbfioje [2018-12-17]
CHR Extension: (World Map) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\biabadelbimllanaekjkipoflfdpihba [2018-12-17]
CHR Extension: (YouTube) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-17]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-12-15]
CHR Extension: (YouTube Music) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cinhimbnkkaeohfgghhklpknlkffjgod [2020-10-07]
CHR Extension: (Tabulky) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-17]
CHR Extension: (TimeMaps: World History Atlas) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gcknipbpempcbnncdekkeimmpjggfaem [2018-12-17]
CHR Extension: (ČSFD Vyhledávač) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gefccnegpdaefgnnfpdlhchpkolpgjbi [2018-12-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-12]
CHR Extension: (Linkification Chrome) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\haaamfoknimneabkapikpoccmfekkidj [2018-12-29]
CHR Extension: (AirDroid) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hkgndiocipalkpejnpafdbdlfdjihomd [2018-12-17]
CHR Extension: (Adblocker pro Youtube™) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ifhmmfkaojalpgphoaknehmekeoilfhh [2020-03-03] [UpdateUrl:hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (The Weather Channel for Chrome) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\iflpcokdamgefbghpdipcibmhlkdopop [2018-12-17]
CHR Extension: (Text to PDF Instant Converter) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kcfoblhpibkgaolddkdakldhfpjfjgod [2018-12-17]
CHR Extension: (Mapy Google) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2018-12-17]
CHR Extension: (3D Solar System Web) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mdaaepplopehigjgkolniddiadbbkphd [2018-12-17]
CHR Extension: (Clickable Links) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mgamelhnfokapndfdodnmfiningckjia [2018-12-29]
CHR Extension: (Map of the Earth) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ncekdeccakacjplanbmoofohobljbkad [2020-03-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Televize Online) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pcfeebemepipakkhapnhljbcdkagkloh [2018-12-17]
CHR Extension: (Gmail) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-10]
CHR Profile: C:\Users\vava\AppData\Local\Google\Chrome\User Data\System Profile [2021-01-22]
CHR Extension: (Adblocker for Youtube™) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\ifhmmfkaojalpgphoaknehmekeoilfhh [2020-03-03] [UpdateUrl:hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8477080 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-14] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621728 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [351848 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-14] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\87.0.7480.89\elevation_service.exe [1409224 2020-12-15] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
S4 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [File not signed]
S4 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3729512 2018-10-19] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S4 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192320 2020-08-17] (Huawei Technologies Co., Ltd. -> )
S2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [77336 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5198064 2021-01-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2019-08-09] (Microsoft) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [20480 2019-08-09] (Microsoft) [File not signed]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AIDA64Driver; C:\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [47560 2018-09-19] (FinalWire Kft. -> )
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36792 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208672 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332880 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97360 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42424 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176384 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522480 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108928 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84496 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851256 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [468888 2021-01-08] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [214808 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [324904 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-12-17] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-12-17] (Disc Soft Ltd -> Disc Soft Ltd)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-25 13:51 - 2021-01-25 13:51 - 000000000 ____D C:\FRST
2021-01-25 10:29 - 2021-01-25 10:27 - 008457584 _____ (Malwarebytes) C:\Users\vava\Desktop\adwcleaner_8.0.9.1.exe
2021-01-25 10:28 - 2021-01-25 10:34 - 000000000 ____D C:\AdwCleaner
2021-01-25 09:27 - 2021-01-25 09:28 - 2725138885 _____ C:\Users\vava\Downloads\Megapack TCM21.rar
2021-01-24 17:21 - 2021-01-24 17:21 - 000000036 _____ C:\Users\vava\AppData\LocalLow\.bidstack-device-id
2021-01-24 16:00 - 2021-01-24 16:00 - 000846468 _____ C:\WINDOWS\Minidump\012421-7578-01.dmp
2021-01-24 11:32 - 2021-01-24 11:32 - 000000000 ____D C:\Users\vava\AppData\Roaming\PDM
2021-01-23 10:28 - 2021-01-23 10:28 - 000002288 _____ C:\Users\vava\Documents\cc_20210123_102822.reg
2021-01-22 11:34 - 2021-01-22 11:34 - 000000000 ____D C:\Users\vava\Documents\Sports Interactive
2021-01-22 11:34 - 2021-01-22 11:34 - 000000000 ____D C:\Users\vava\AppData\Local\Sports Interactive
2021-01-22 11:34 - 2021-01-22 11:34 - 000000000 ____D C:\Users\Public\Documents\Sports Interactive
2021-01-22 11:26 - 2021-01-22 11:26 - 000000223 _____ C:\Users\vava\Desktop\Football Manager 2021.url
2021-01-22 09:17 - 2021-01-22 09:17 - 000001047 _____ C:\Users\vava\Desktop\IrfanView 64.lnk
2021-01-22 08:37 - 2021-01-22 08:37 - 000000000 ____D C:\Program Files (x86)\WinRAR
2021-01-22 08:36 - 2021-01-22 08:36 - 000000000 ____D C:\Program Files (x86)\IrfanView
2021-01-22 08:35 - 2021-01-22 08:35 - 000150600 _____ C:\Users\vava\Documents\cc_20210122_083511.reg
2021-01-19 17:47 - 2021-01-19 17:47 - 000001838 _____ C:\Users\Public\Desktop\Palm Reader.lnk
2021-01-19 17:47 - 2021-01-19 17:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Palm
2021-01-19 17:47 - 2021-01-19 17:47 - 000000000 ____D C:\Program Files (x86)\Palm
2021-01-19 16:32 - 2021-01-19 16:32 - 000004608 _____ C:\Users\vava\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2021-01-19 16:00 - 2021-01-19 16:00 - 000001183 _____ C:\Users\Public\Desktop\Picasa 3.lnk
2021-01-19 16:00 - 2021-01-19 16:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2021-01-15 09:15 - 2021-01-15 09:15 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-15 09:15 - 2021-01-15 09:15 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-15 09:15 - 2021-01-15 09:15 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-15 09:15 - 2021-01-15 09:15 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-15 09:15 - 2021-01-15 09:15 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-15 09:15 - 2021-01-15 09:15 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-15 09:15 - 2021-01-15 09:15 - 000467968 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-01-15 09:15 - 2021-01-15 09:15 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-15 09:15 - 2021-01-15 09:15 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-15 09:15 - 2021-01-15 09:15 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-15 09:15 - 2021-01-15 09:15 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-01-15 09:15 - 2021-01-15 09:15 - 000138056 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2021-01-15 09:15 - 2021-01-15 09:15 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-15 09:15 - 2021-01-15 09:15 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2021-01-15 09:15 - 2021-01-15 09:15 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-15 09:15 - 2021-01-15 09:15 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-15 09:15 - 2021-01-15 09:15 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-15 09:15 - 2021-01-15 09:15 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-15 09:15 - 2021-01-15 09:15 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-15 09:15 - 2021-01-15 09:15 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-15 09:15 - 2021-01-15 09:15 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-15 09:14 - 2021-01-15 09:14 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-15 09:14 - 2021-01-15 09:14 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-15 09:14 - 2021-01-15 09:14 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-01-15 09:14 - 2021-01-15 09:14 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-15 09:14 - 2021-01-15 09:14 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-01-15 09:14 - 2021-01-15 09:14 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-15 09:14 - 2021-01-15 09:14 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-15 09:14 - 2021-01-15 09:14 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-15 09:14 - 2021-01-15 09:14 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-15 09:14 - 2021-01-15 09:14 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-15 09:14 - 2021-01-15 09:14 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-15 09:14 - 2021-01-15 09:14 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-15 09:14 - 2021-01-15 09:14 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-15 09:14 - 2021-01-15 09:14 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-01-15 09:14 - 2021-01-15 09:14 - 000010894 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-01-15 09:13 - 2021-01-15 09:13 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-15 09:13 - 2021-01-15 09:13 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-01-15 09:13 - 2021-01-15 09:13 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-15 09:13 - 2021-01-15 09:13 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-15 09:13 - 2021-01-15 09:13 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-15 09:13 - 2021-01-15 09:13 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-15 09:13 - 2021-01-15 09:13 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-15 09:13 - 2021-01-15 09:13 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-09 08:48 - 2020-10-29 13:33 - 001783920 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-01-09 08:48 - 2020-10-29 13:33 - 001783920 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-01-09 08:48 - 2020-10-29 13:33 - 001374320 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-01-09 08:48 - 2020-10-29 13:33 - 001374320 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-01-09 08:48 - 2020-10-29 13:33 - 001085360 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-01-09 08:48 - 2020-10-29 13:33 - 001085360 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-01-09 08:48 - 2020-10-29 13:33 - 000944208 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-01-09 08:48 - 2020-10-29 13:33 - 000944208 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-01-09 08:48 - 2020-10-29 13:33 - 000736880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2021-01-09 08:48 - 2020-10-29 13:33 - 000046704 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2021-01-09 08:48 - 2020-10-29 13:33 - 000043632 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 064809072 _____ C:\WINDOWS\system32\amd_comgr.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 053684848 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 004630640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 004141168 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 001774192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 001341552 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 001341552 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000760432 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2021-01-09 08:48 - 2020-10-29 13:32 - 000621168 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000496752 _____ C:\WINDOWS\system32\GameManager64.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000493168 _____ C:\WINDOWS\system32\dgtrayicon.exe
2021-01-09 08:48 - 2020-10-29 13:32 - 000468592 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000456304 _____ C:\WINDOWS\system32\atieah64.exe
2021-01-09 08:48 - 2020-10-29 13:32 - 000432752 _____ C:\WINDOWS\system32\EEURestart.exe
2021-01-09 08:48 - 2020-10-29 13:32 - 000380016 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000351856 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2021-01-09 08:48 - 2020-10-29 13:32 - 000339568 _____ C:\WINDOWS\system32\clinfo.exe
2021-01-09 08:48 - 2020-10-29 13:32 - 000245360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000213104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000186992 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000182392 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000167024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000166512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000158656 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000156784 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000142448 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000140912 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000135792 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000134768 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000125552 _____ C:\WINDOWS\system32\atidxx64.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000122480 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000120432 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000107632 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000107120 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000090736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mcl64.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000075376 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mcl32.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000070256 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000019784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000019784 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 071030384 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 001686016 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 001365368 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 000941168 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 000768624 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 000553584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 000546800 _____ C:\WINDOWS\system32\amdmiracast.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 000489584 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 000466544 _____ C:\WINDOWS\system32\amdlogum.exe
2021-01-09 08:48 - 2020-10-29 13:31 - 000383600 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 000380016 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 000167400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 000135928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 000130232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 000130232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 000120264 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 000108248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 000108248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2021-01-09 08:48 - 2020-10-29 12:28 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2021-01-09 08:48 - 2020-10-29 12:28 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2021-01-09 08:48 - 2020-10-29 12:28 - 000544256 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2021-01-09 08:48 - 2020-10-29 12:28 - 000544256 _____ C:\WINDOWS\system32\atiapfxx.blb

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-25 13:43 - 2020-11-24 20:15 - 000003124 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2021-01-25 13:43 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-25 13:43 - 2018-12-17 13:34 - 000000000 ____D C:\Program Files\CCleaner
2021-01-25 13:43 - 2018-12-17 13:12 - 000000000 ____D C:\Users\vava\AppData\Local\D3DSCache
2021-01-25 12:51 - 2020-11-30 08:16 - 000003318 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6c295f012e0b9
2021-01-25 12:51 - 2020-11-24 20:15 - 000003788 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2021-01-25 12:51 - 2020-11-24 20:15 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-01-25 12:51 - 2020-11-24 20:15 - 000003488 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2021-01-25 12:51 - 2020-11-24 20:15 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-01-25 12:51 - 2020-11-24 20:15 - 000003400 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-01-25 12:51 - 2020-11-24 20:15 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-01-25 12:51 - 2020-11-24 20:15 - 000003176 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-01-25 12:51 - 2020-11-24 20:15 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-01-25 12:51 - 2020-11-24 20:15 - 000002940 _____ C:\WINDOWS\system32\Tasks\ZEQDPgDwyytDid
2021-01-25 12:51 - 2020-11-24 20:15 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2407068654-2776695394-1459206416-1001
2021-01-25 12:51 - 2020-11-24 20:15 - 000002730 _____ C:\WINDOWS\system32\Tasks\twtIFBDYSoFxflLUA2
2021-01-25 12:51 - 2020-11-24 20:15 - 000002704 _____ C:\WINDOWS\system32\Tasks\cbwSdEhCHyLotqt2
2021-01-25 12:51 - 2020-11-24 20:15 - 000002636 _____ C:\WINDOWS\system32\Tasks\AMD ThankingURL
2021-01-25 12:51 - 2020-11-24 20:15 - 000002392 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2021-01-25 12:51 - 2020-11-24 20:15 - 000002238 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-01-25 12:51 - 2020-11-24 20:15 - 000002146 _____ C:\WINDOWS\system32\Tasks\StartCN
2021-01-25 12:51 - 2020-11-24 20:15 - 000002122 _____ C:\WINDOWS\system32\Tasks\StartDVR
2021-01-25 11:57 - 2020-11-24 20:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-01-25 10:56 - 2020-11-24 20:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-25 10:56 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-25 10:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-25 10:51 - 2018-12-17 15:51 - 000000000 ____D C:\ProgramData\AVAST Software
2021-01-25 10:42 - 2020-11-24 20:18 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-25 10:42 - 2019-12-07 15:43 - 000682184 _____ C:\WINDOWS\system32\perfh005.dat
2021-01-25 10:42 - 2019-12-07 15:43 - 000137000 _____ C:\WINDOWS\system32\perfc005.dat
2021-01-25 10:42 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-01-25 10:36 - 2020-11-24 20:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-25 10:36 - 2020-11-24 20:09 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-25 10:36 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-01-25 10:36 - 2018-12-17 12:44 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-01-25 10:36 - 2018-12-17 12:44 - 000000000 __SHD C:\Users\vava\IntelGraphicsProfiles
2021-01-25 10:36 - 2018-12-17 12:35 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2021-01-25 08:24 - 2020-10-03 08:37 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-01-24 16:00 - 2020-11-28 17:36 - 000000000 ____D C:\WINDOWS\Minidump
2021-01-24 15:13 - 2019-01-08 08:40 - 000000000 ____D C:\Users\vava\AppData\Local\CrashDumps
2021-01-24 12:54 - 2020-11-24 20:10 - 000000000 ____D C:\Users\vava
2021-01-24 10:27 - 2018-12-17 12:30 - 000000000 ____D C:\Users\vava\AppData\Local\VirtualStore
2021-01-23 15:26 - 2020-11-24 20:15 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-01-23 12:19 - 2018-12-17 13:10 - 000000000 ____D C:\Users\vava\AppData\Roaming\vlc
2021-01-23 10:29 - 2018-12-17 15:57 - 000000000 ____D C:\Users\vava\AppData\Local\AVAST Software
2021-01-23 10:29 - 2018-12-17 12:54 - 000000000 ____D C:\Users\vava\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-01-23 10:29 - 2018-12-17 12:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-01-23 10:29 - 2018-12-17 12:54 - 000000000 ____D C:\Program Files\WinRAR
2021-01-23 10:25 - 2019-02-12 13:18 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-01-23 10:25 - 2019-02-12 13:18 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-01-23 08:28 - 2020-06-07 09:41 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-23 08:28 - 2020-06-07 09:41 - 000002257 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-01-22 09:22 - 2018-12-17 13:11 - 000000000 ____D C:\Users\vava\AppData\Roaming\MPC-HC
2021-01-22 09:17 - 2020-03-03 12:21 - 000001921 _____ C:\Users\vava\Desktop\IrfanView 64 Thumbnails.lnk
2021-01-22 08:38 - 2018-12-18 18:23 - 000165032 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2021-01-22 08:38 - 2018-12-18 18:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-01-22 08:38 - 2018-12-18 18:23 - 000000000 ____D C:\Program Files (x86)\Java
2021-01-22 08:36 - 2018-12-18 18:15 - 000001092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2021-01-22 08:36 - 2018-12-18 18:15 - 000001080 _____ C:\Users\Public\Desktop\Audacity.lnk
2021-01-22 08:36 - 2018-12-18 18:15 - 000000000 ____D C:\Program Files (x86)\Audacity
2021-01-22 08:36 - 2018-12-17 12:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2021-01-22 08:34 - 2018-12-17 12:30 - 000000000 ____D C:\Users\vava\AppData\Local\Packages
2021-01-22 08:31 - 2020-11-24 11:28 - 000000000 ___DC C:\WINDOWS\Panther
2021-01-22 08:31 - 2018-12-17 13:44 - 000000000 ____D C:\Program Files (x86)\Steam
2021-01-19 17:47 - 2018-12-17 12:57 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-01-19 17:42 - 2018-12-17 13:21 - 000000000 ____D C:\Users\vava\AppData\Roaming\AIMP
2021-01-19 16:00 - 2018-12-17 12:44 - 000000000 ____D C:\Program Files (x86)\Google
2021-01-19 16:00 - 2018-12-17 12:43 - 000000000 ____D C:\Users\vava\AppData\Local\Google
2021-01-18 11:53 - 2020-07-24 14:35 - 000000081 _____ C:\Users\vava\AppData\Local\.bidstack.fault
2021-01-17 13:17 - 2020-11-24 20:15 - 000003110 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2021-01-15 12:43 - 2020-11-24 20:09 - 000459400 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-15 12:42 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-15 12:42 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-01-15 12:42 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-15 09:20 - 2018-12-17 15:46 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-15 09:17 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-01-15 09:17 - 2018-12-17 15:46 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-01-15 09:13 - 2020-11-24 20:10 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-01-15 09:09 - 2020-10-14 14:48 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2021-01-15 09:09 - 2020-10-14 14:48 - 000002463 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2021-01-09 12:18 - 2019-02-12 13:18 - 000000000 ____D C:\Users\vava\AppData\LocalLow\Mozilla
2021-01-09 12:18 - 2019-02-12 13:18 - 000000000 ____D C:\ProgramData\Mozilla
2021-01-09 12:17 - 2019-02-12 13:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-08 12:14 - 2018-12-17 15:53 - 000468888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-01-07 16:14 - 2020-12-16 16:10 - 000214808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-01-07 14:45 - 2018-12-17 12:44 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-07 12:14 - 2018-12-17 15:53 - 000324904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys

==================== Files in the root of some directories ========

2020-03-03 08:03 - 2020-03-03 08:03 - 000000000 _____ () C:\Users\vava\iqfjwudd.exe
2020-03-03 08:02 - 2020-03-03 08:02 - 000000000 _____ () C:\Users\vava\vmuscxes.exe
2020-07-24 14:35 - 2021-01-18 11:53 - 000000081 _____ () C:\Users\vava\AppData\Local\.bidstack.fault
2020-03-03 08:03 - 2020-03-03 08:03 - 000000557 _____ () C:\Users\vava\AppData\Local\bowsakkdestx.txt
2021-01-19 16:32 - 2021-01-19 16:32 - 000004608 _____ () C:\Users\vava\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-03-03 08:01 - 2020-03-03 08:01 - 000142336 _____ () C:\Users\vava\AppData\Local\installer.dat

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2021 01
Ran by vava (25-01-2021 13:53:22)
Running from D:\PROGRAMY\hijackthis
Windows 10 Pro Version 2004 19041.746 (X64) (2020-11-24 19:15:34)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2407068654-2776695394-1459206416-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2407068654-2776695394-1459206416-503 - Limited - Disabled)
Guest (S-1-5-21-2407068654-2776695394-1459206416-501 - Limited - Disabled)
vava (S-1-5-21-2407068654-2776695394-1459206416-1001 - Administrator - Enabled) => C:\Users\vava
WDAGUtilityAccount (S-1-5-21-2407068654-2776695394-1459206416-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.465 - Adobe)
AIDA64 Extreme v5.98 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.98 - FinalWire Ltd.)
AIMP (HKLM-x32\...\AIMP) (Version: v4.51.2084, 01.12.2018 - AIMP DevTeam)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.4.2 - Advanced Micro Devices, Inc.)
Audacity 2.4.2 (HKLM-x32\...\Audacity_is1) (Version: 2.4.2 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 87.0.7480.89 - Autoři prohlížeče Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
BrLauncher (HKLM-x32\...\{42D26B47-887C-45FC-BCAE-0BE485C5C0BB}) (Version: 2.0.11.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{569f9640-fd0a-4a52-97f2-11277f65a3f0}) (Version: 4.4.0.33 - Brother Industries, Ltd.)
Brother iPrint&Scan (HKLM-x32\...\{FE65E525-8FCA-43BE-8D7F-0C4665FAE1A5}) (Version: 4.4.0.33 - Brother Industries, Ltd.) Hidden
Brother Port Driver (HKLM-x32\...\{42B7DE8A-B2BF-41E3-9F0C-F3C10DAB9189}) (Version: 1.0.5.1 - Brother Industries Ltd.) Hidden
Brother Printer Driver (HKLM-x32\...\{DFDF4BFA-1551-47EC-93BF-EBC1C305CD47}) (Version: 1.6.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{49F15DD6-D83B-4756-BB57-66E00570C186}) (Version: 1.0.22.1 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{32F47565-84B1-42CC-B09A-4CDDD9A32F94}) (Version: 1.0.20.0 - Brother Industries Ltd.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.76 - Piriform)
ControlCenter4 (HKLM-x32\...\{9091B952-8719-49C3-9CC7-6E20EC61081F}) (Version: 4.6.6.1 - Brother Industries, Ltd.) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{FD8A9511-BFC9-43B5-BB75-9CEC0EA03CF0}) (Version: 4.6.1.1 - Brother Industries, Ltd.) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.9.0.0650 - Disc Soft Ltd)
Google Earth (HKLM-x32\...\{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}) (Version: 6.0.3.2197 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.141 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 10.1.1.500 - Huawei Technologies Co., Ltd.)
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
IrfanView 4.57 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.57 - Irfan Skiljan)
IrfanView 4.57 (64-bit) (HKLM\...\IrfanView64) (Version: 4.57 - Irfan Skiljan)
Java 8 Update 261 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180261F0}) (Version: 8.0.2610.12 - Oracle Corporation)
Java 8 Update 271 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180271F0}) (Version: 8.0.2710.9 - Oracle Corporation)
Kodi (HKU\S-1-5-21-2407068654-2776695394-1459206416-1001\...\Kodi) (Version: - XBMC Foundation)
Kodi verze 1.5 (HKLM-x32\...\Kodi_is1) (Version: 1.5 - )
LibreOffice 6.3.3.2 (HKLM\...\{4DACF7A7-C851-4943-A63D-3CAE495C48E0}) (Version: 6.3.3.2 - The Document Foundation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.50 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.71 - )
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2407068654-2776695394-1459206416-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{143E35D3-F0A4-4E90-96C9-B1B72F11343A}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012 (HKLM-x32\...\{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 - Microsoft Corporation)
Mozilla Firefox 84.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 84.0.2 (x64 cs)) (Version: 84.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0 - Mozilla)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD)
Net Meter 3.6 build 437 (HKLM-x32\...\Net Meter) (Version: 3.6 build 437 - Hoo Technologies)
NetworkRepairTool (HKLM-x32\...\{86E68F57-FAFE-4052-BDD4-3B90C38236AE}) (Version: 1.2.16.0 - Brother Industries, Ltd.) Hidden
Nuance PaperPort 14 (HKLM-x32\...\{24510774-4424-46C2-8FB7-5DE0C945ED2B}) (Version: 14.5.0006 - Nuance Communications, Inc.)
Nuance PDF Viewer SE (HKLM-x32\...\{D8151965-282B-4EB6-A3F1-68AB555D8423}) (Version: 7.20.3230 - Nuance Communications, Inc.)
Palm Reader (HKLM-x32\...\{ED8BB1CA-535A-408D-85C9-ED1986D2B85E}) (Version: - )
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0002 - Nuance Communications, Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: - Jan Fiala)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7727 - Realtek Semiconductor Corp.)
ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden
Scansoft PDF Professional (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version: - ) Hidden
SoftwareUpdateNotification (HKLM-x32\...\{34F12379-C924-41E6-921D-51C71217F58C}) (Version: 1.0.9.0 - Brother Industries, Ltd.) Hidden
StatusMonitor (HKLM-x32\...\{40578A7A-6E36-457F-A4F0-45BC37EB61FD}) (Version: 1.20.1.0 - Brother Insutries Ltd.) Hidden
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.50 beta 15 - Ghisler Software GmbH)
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WinRAR 6.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
yBook (HKLM-x32\...\yBook_is1) (Version: - Spacejock Software)

Packages:
=========
AIMP -> C:\Program Files\WindowsApps\25018ArtemIzmaylov.AIMP_4.60.2175.0_x86__4hdg3aaevdv22 [2020-03-08] (Artem Izmaylov)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.50.3.0_x86__kgqvnymyfvs32 [2021-01-22] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1940.2.0_x86__kgqvnymyfvs32 [2021-01-25] (king.com)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.337.0_x64__rz1tebttyb220 [2020-12-19] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-06] (Microsoft Corporation)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2018-12-17] (Fitbit)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-16] (Netflix, Inc.)
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_3.24.1.0_x64__nfy108tqq3p12 [2021-01-18] (Thumbmunkeys Ltd)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2018-12-17] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1-x32: [PSPad] -> {8903F6C9-25E3-40AC-A98F-E6D35CD0469C} => C:\Program Files (x86)\PSPad editor\PSPadShell.dll [2008-03-30] () [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-10-19] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-10-19] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2018-12-17] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2020-04-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.ac3filter] => C:\WINDOWS\system32\ac3filter64.acm [2231296 2013-04-05] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3filter] => C:\Windows\SysWOW64\ac3filter.acm [1679360 2013-04-05] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\vava\Desktop\YouTube Music.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 2" --app-id=cinhimbnkkaeohfgghhklpknlkffjgod
ShortcutWithArgument: C:\Users\vava\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube Music.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 2" --app-id=cinhimbnkkaeohfgghhklpknlkffjgod
ShortcutWithArgument: C:\Users\vava\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"

==================== Loaded Modules (Whitelisted) =============

2020-03-02 17:11 - 2020-03-02 17:11 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2019-11-19 15:03 - 2005-04-22 13:36 - 000143360 _____ () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll
2012-12-05 12:29 - 2012-12-05 12:29 - 004883456 _____ (BCGSoft Ltd) [File not signed] C:\Program Files (x86)\Nuance\PaperPort\BCGCBPRO1100u100.dll
2012-12-05 12:29 - 2012-12-05 12:29 - 000036864 _____ (Black Ice Software, Inc.) [File not signed] C:\Program Files (x86)\Nuance\PaperPort\blicectr.dll
2019-11-19 15:03 - 2016-11-01 11:27 - 000090112 _____ (Brother Industries, Ltd.) [File not signed] C:\WINDOWS\system32\BrNetSti.dll
2018-12-17 12:54 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000413696 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000519168 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 001431040 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 001180672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2020-04-21 15:43 - 2020-04-21 15:43 - 006010880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 006345216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 001078272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 004000256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 003802624 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 001083904 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000205312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000376320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 092323328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 005560832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000188416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 002888704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000287232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000329216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000089088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000312320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-04-21 15:43 - 2020-04-21 15:43 - 000085504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2407068654-2776695394-1459206416-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=13554
SearchScopes: HKU\S-1-5-21-2407068654-2776695394-1459206416-1001 -> {09A1DFD4-E0C1-4656-8FB0-D97DAD9C4DF9} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_13554
SearchScopes: HKU\S-1-5-21-2407068654-2776695394-1459206416-1001 -> {0CAEDC08-FE59-4ECD-B279-D3537DB95D29} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13554
SearchScopes: HKU\S-1-5-21-2407068654-2776695394-1459206416-1001 -> {38668015-7280-4D94-A06D-114AE6B305CE} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_13554
SearchScopes: HKU\S-1-5-21-2407068654-2776695394-1459206416-1001 -> {3A61144E-4F09-4C23-B95E-0E3FD852EB30} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_13554
SearchScopes: HKU\S-1-5-21-2407068654-2776695394-1459206416-1001 -> {688CCA7C-8592-4C44-A998-9D3D7A7CB63C} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_13554
SearchScopes: HKU\S-1-5-21-2407068654-2776695394-1459206416-1001 -> {AFD86EDA-DBC2-4741-A9CA-015E1F8AD9B7} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_13554
SearchScopes: HKU\S-1-5-21-2407068654-2776695394-1459206416-1001 -> {B085F588-4DF4-492D-AD06-1C5AA328F546} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13554
SearchScopes: HKU\S-1-5-21-2407068654-2776695394-1459206416-1001 -> {B17FE663-364F-4810-B092-186588B33184} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13554
SearchScopes: HKU\S-1-5-21-2407068654-2776695394-1459206416-1001 -> {F4D2D9DE-1A01-487C-BD55-8E241200FBC6} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13554
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll [2011-06-30] (Zeon Corporation -> Zeon Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\ssv.dll [2021-01-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\jp2ssv.dll [2021-01-22] (Oracle America, Inc. -> Oracle Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 08:31 - 2019-01-04 12:28 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2407068654-2776695394-1459206416-1001\Control Panel\Desktop\\Wallpaper -> D:\obrázky\obrázky\2775967_.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: BrYNSvc => 3
MSCONFIG\Services: Disc Soft Lite Bus Service => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HuaweiHiSuiteService64.exe => 2
MSCONFIG\Services: McAfee WebAdvisor => 2
HKLM\...\StartupApproved\Run32: => "ISUSPM"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "IndexSearch"
HKLM\...\StartupApproved\Run32: => "BrotherSoftwareUpdateNotification"
HKU\S-1-5-21-2407068654-2776695394-1459206416-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-2407068654-2776695394-1459206416-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2407068654-2776695394-1459206416-1001\...\StartupApproved\Run: => "4163644"
HKU\S-1-5-21-2407068654-2776695394-1459206416-1001\...\StartupApproved\Run: => "6048195"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{B5E6FD35-4903-4CCA-871A-0C6E3D351F26}C:\program files (x86)\java\jre1.8.0_261\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_261\bin\javaw.exe
FirewallRules: [TCP Query User{0BDF0992-3B26-4657-9BF9-6320AADF95C0}C:\program files (x86)\java\jre1.8.0_261\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_261\bin\javaw.exe
FirewallRules: [UDP Query User{A2AD8A50-86D6-4B7B-9E48-C517BA9F9CD8}C:\program files (x86)\google\google earth\client\googleearth.exe] => (Allow) C:\program files (x86)\google\google earth\client\googleearth.exe (Google) [File not signed]
FirewallRules: [TCP Query User{546069E1-E117-486D-A798-0B8D647E34EE}C:\program files (x86)\google\google earth\client\googleearth.exe] => (Allow) C:\program files (x86)\google\google earth\client\googleearth.exe (Google) [File not signed]
FirewallRules: [UDP Query User{2DA8EDDC-CA9F-45E5-99D9-2CC99C2EE432}C:\windows\syswow64\svchost.exe] => (Allow) C:\windows\syswow64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [TCP Query User{C54F05B9-0A92-43C8-973A-1089C9CC6841}C:\windows\syswow64\svchost.exe] => (Allow) C:\windows\syswow64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{3FDDC596-73C8-414D-8D7D-A80D83A7C757}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{50CCB4AF-2D29-461C-8A7B-F267AF129219}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{DE9933B1-0128-4073-836A-FF53FDC4ADED}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{329A27DD-FA6D-4C74-B1C9-CDCB58033444}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{BFEE07AF-F259-433C-97F4-467408E2D6C9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{CAACD99A-C4ED-41B5-ADC0-4B4C3F518D3F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{0BA88BA1-1C04-4998-89C6-9E2CD8C75E21}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{02649126-4EBC-43DA-A837-C44249945136}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{92525C9E-72D3-44D4-9FC6-A17C14781C84}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EB6982F8-9EB1-4414-8CB7-5BD43172170A}] => (Allow) LPort=54925
FirewallRules: [{EE876AEF-D91A-4FFD-BB82-C00BDEAB6340}] => (Allow) LPort=54950
FirewallRules: [{8FC30779-0841-4B6B-A08B-76CBE7B84DB8}] => (Allow) LPort=54955
FirewallRules: [{3690CDC6-31A0-4FA2-BF19-44704A436448}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{619F4222-4838-4F85-A299-7E6C09849B8E}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{60B1D6A8-31C1-4990-98A9-6B8938344527}] => (Allow) D:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C1984D1B-36A7-4BF0-8736-0AB5CF21A014}] => (Allow) D:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{4E809655-7876-4F52-90B6-3F77397AB408}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{BAA8C41C-1F19-40AD-926C-A3B92790FFE9}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8A3DA0A2-EFE9-4CC8-BAAC-BDE1558715BA}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Football Manager 2021\fm.exe (Sports Interactive) [File not signed]
FirewallRules: [{76F5EB79-A159-4A21-908D-9891094E2D2E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Football Manager 2021\fm.exe (Sports Interactive) [File not signed]

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:111.19 GB) (Free:45.46 GB) (41%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/25/2021 10:36:56 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Broadcast Receiver Server...

Error: (01/25/2021 10:36:56 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...

Error: (01/25/2021 10:36:56 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Wait Workflow Commands request from device.

Error: (01/25/2021 10:36:56 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...

Error: (01/25/2021 10:36:56 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[1]: 192.168.0.103

Error: (01/25/2021 10:36:56 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[0]: fe80::8c5a:19ae:db2e:3a83%7

Error: (01/25/2021 10:36:56 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList.Length: 2

Error: (01/25/2021 10:36:56 AM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Hodnota nemůže být NULL.
Název parametru: ipString


System errors:
=============
Error: (01/25/2021 10:49:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Brother Workflow Application Controller byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/25/2021 10:49:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Brother USB Application Controller byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/25/2021 10:49:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD External Events Utility byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/25/2021 10:49:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba PDFProFiltSrvPP byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/25/2021 10:49:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/25/2021 10:49:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) HD Graphics Control Panel Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/25/2021 10:34:57 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD External Events Utility byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/25/2021 10:34:57 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba PDFProFiltSrvPP byla neočekávaně ukončena. Tento stav nastal již 1krát.


CodeIntegrity:
===================================

Date: 2021-01-25 13:54:36.1200000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-25 13:53:40.6360000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-25 13:49:47.4980000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-25 13:49:39.6940000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-25 13:49:39.6910000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-25 13:49:39.6900000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-25 13:49:39.6900000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-25 13:49:37.9540000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. F8 04/21/2015
Motherboard: Gigabyte Technology Co., Ltd. Z97-D3H-CF
Processor: Intel(R) Core(TM) i5-4590 CPU @ 3.30GHz
Percentage of memory in use: 53%
Total physical RAM: 8042.92 MB
Available physical RAM: 3754.88 MB
Total Virtual: 17258.92 MB
Available Virtual: 10866.41 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.19 GB) (Free:45.46 GB) NTFS
Drive d: (Nový svazek) (Fixed) (Total:931.51 GB) (Free:211.92 GB) NTFS

\\?\Volume{3f3edb5a-b2cd-4bb3-afab-2f34c55af59c}\ () (Fixed) (Total:0.49 GB) (Free:0.06 GB) NTFS
\\?\Volume{400d0d76-c900-4a2f-91df-2ee9c3435d55}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 94D375C0)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Size: 111.8 GB) (Disk ID: 12F758A7)

Partition: GPT.

==================== End of Addition.txt =======================

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: log check

#7 Post by Diallix »

Copy the content below into Notepad:

CloseProcesses:
CreateRestorePoint:

C:\Program Files (x86)\bpqCwveW
C:\Program Files (x86)\bPAQiPskLZjU2
C:\Program Files (x86)\ClkZTLBoMDdHOlUIAmR

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-17] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
GroupPolicy: Restriction - Chrome <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {38552733-E033-4F89-907A-490FF67FBB57} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-17] (Google Inc -> Google Inc.)
Task: {48270D34-D2A3-40E0-980B-ED395D6CF8CE} - System32\Tasks\cbwSdEhCHyLotqt2 => rundll32 "C:\Program Files (x86)\bpqCwveWU\IQGRpM.dll",#1
Task: {4CF24B6D-C65C-455E-8FF9-3A02DDF9F63B} - System32\Tasks\ZEQDPgDwyytDid => rundll32 "C:\Program Files (x86)\bPAQiPskLZjU2\EIWQkGpRCpdMD.dll",#1
Task: {A5E502DF-A2AC-4D12-91AC-C3778DD4195C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-17] (Google Inc -> Google Inc.)
Task: {A6B20565-F2C7-4593-BA69-5B03250CF2D9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {B4ECE2F4-2473-4989-B411-3E3916C3E8BC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
Task: {CA68AAF7-4E8E-42C7-84D4-E45F0C454D69} - System32\Tasks\twtIFBDYSoFxflLUA2 => rundll32 "C:\Program Files (x86)\ClkZTLBoMDdHOlUIAmR\GfnEmnc.dll",#1
FF Extension: (No Name) - C:\Program Files\Mozilla Firefox\browser\features\{6806B761-A8BB-4E3A-A923-80C21E1046AF}.xpi [2020-03-03] [not signed]
CHR Extension: (Adblocker for Youtube™) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifhmmfkaojalpgphoaknehmekeoilfhh [2020-03-03] [UpdateUrl:hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION
CHR Notifications: Profile 2 -> hxxps://best.aliexpress.com; hxxps://chairgaubsy.com; hxxps://cz.pinterest.com; hxxps://dailyreportfeed.com; hxxps://dfiles.eu; hxxps://download-alert.com; hxxps://emefka.sk; hxxps://fastshare.cz; hxxps://flake.creditcable.info; hxxps://footballmanagerstory.com; hxxps://ibb.co; hxxps://install.utilitooltech.com; hxxps://live-stream365.com; hxxps://mail-notification.info; hxxps://news-jupiter.com; hxxps://notification-time.com; hxxps://postovnezdarma.cz; hxxps://pushisback.com; hxxps://sdilej.cz; hxxps://sortitoutsi.net; hxxps://specialthankselsa.com; hxxps://trustcontent.rest; hxxps://uniquecaptcha.com; hxxps://www.bankovnikod.cz; hxxps://www.booktook.cz; hxxps://www.facebook.com; hxxps://www.fmscout.com; hxxps://www.gamesradar.com; hxxps://www.gogy.com; hxxps://www.kupi.cz; hxxps://www.mall.cz; hxxps://www.onlinevideoconverter.com; hxxps://www.pcgamer.com; hxxps://www.tipsport.cz; hxxps://www.wish.com; hxxps://www.youtube.com; hxxps://www1.news-back.com; hxxps://zivot.org
CHR DefaultSuggestURL: Profile 2 -> hxxps://suggest.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Extension: (Adblocker pro Youtube™) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ifhmmfkaojalpgphoaknehmekeoilfhh [2020-03-03] [UpdateUrl:hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (Adblocker for Youtube™) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\ifhmmfkaojalpgphoaknehmekeoilfhh [2020-03-03] [UpdateUrl:hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION
2021-01-25 12:51 - 2020-11-24 20:15 - 000003488 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2021-01-25 12:51 - 2020-11-24 20:15 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-01-25 12:51 - 2020-11-24 20:15 - 000003400 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-01-25 12:51 - 2020-11-24 20:15 - 000002730 _____ C:\WINDOWS\system32\Tasks\twtIFBDYSoFxflLUA2
2021-01-25 12:51 - 2020-11-24 20:15 - 000002704 _____ C:\WINDOWS\system32\Tasks\cbwSdEhCHyLotqt2
2021-01-25 12:51 - 2020-11-24 20:15 - 000003176 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-01-25 12:51 - 2020-11-24 20:15 - 000002940 _____ C:\WINDOWS\system32\Tasks\ZEQDPgDwyytDid
2021-01-25 10:36 - 2018-12-17 12:44 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
HKU\S-1-5-21-2407068654-2776695394-1459206416-1001\...\StartupApproved\Run: => "4163644"
HKU\S-1-5-21-2407068654-2776695394-1459206416-1001\...\StartupApproved\Run: => "6048195"
FirewallRules: [{EB6982F8-9EB1-4414-8CB7-5BD43172170A}] => (Allow) LPort=54925
FirewallRules: [{EE876AEF-D91A-4FFD-BB82-C00BDEAB6340}] => (Allow) LPort=54950
FirewallRules: [{8FC30779-0841-4B6B-A08B-76CBE7B84DB8}] => (Allow) LPort=54955

EmptyTemp:

Save the Notepad file under the name fixlist.txt in the location where FRST is.
Run FRST and click the button: Fix
The fix will run, after which the computer reboots. After the reboot, paste here the content of the log fixlog.txt, saved in the FRST location.

vladislav
Visitor
Posts: 11
Registered: 24 Jan 2021 10:46

Re: log check

#8 Post by vladislav »

Fix result of Farbar Recovery Scan Tool (x64) Version: 24-01-2021 01
Ran by vava (25-01-2021 15:08:26) Run:1
Running from C:\Users\vava\Desktop
Loaded Profiles: vava
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:

C:\Program Files (x86)\bpqCwveW
C:\Program Files (x86)\bPAQiPskLZjU2
C:\Program Files (x86)\ClkZTLBoMDdHOlUIAmR

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-17] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
GroupPolicy: Restriction - Chrome <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {38552733-E033-4F89-907A-490FF67FBB57} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-17] (Google Inc -> Google Inc.)
Task: {48270D34-D2A3-40E0-980B-ED395D6CF8CE} - System32\Tasks\cbwSdEhCHyLotqt2 => rundll32 "C:\Program Files (x86)\bpqCwveWU\IQGRpM.dll",#1
Task: {4CF24B6D-C65C-455E-8FF9-3A02DDF9F63B} - System32\Tasks\ZEQDPgDwyytDid => rundll32 "C:\Program Files (x86)\bPAQiPskLZjU2\EIWQkGpRCpdMD.dll",#1
Task: {A5E502DF-A2AC-4D12-91AC-C3778DD4195C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-17] (Google Inc -> Google Inc.)
Task: {A6B20565-F2C7-4593-BA69-5B03250CF2D9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {B4ECE2F4-2473-4989-B411-3E3916C3E8BC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
Task: {CA68AAF7-4E8E-42C7-84D4-E45F0C454D69} - System32\Tasks\twtIFBDYSoFxflLUA2 => rundll32 "C:\Program Files (x86)\ClkZTLBoMDdHOlUIAmR\GfnEmnc.dll",#1
FF Extension: (No Name) - C:\Program Files\Mozilla Firefox\browser\features\{6806B761-A8BB-4E3A-A923-80C21E1046AF}.xpi [2020-03-03] [not signed]
CHR Extension: (Adblocker for Youtube™) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifhmmfkaojalpgphoaknehmekeoilfhh [2020-03-03] [UpdateUrl:hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION
CHR Notifications: Profile 2 -> hxxps://best.aliexpress.com; hxxps://chairgaubsy.com; hxxps://cz.pinterest.com; hxxps://dailyreportfeed.com; hxxps://dfiles.eu; hxxps://download-alert.com; hxxps://emefka.sk; hxxps://fastshare.cz; hxxps://flake.creditcable.info; hxxps://footballmanagerstory.com; hxxps://ibb.co; hxxps://install.utilitooltech.com; hxxps://live-stream365.com; hxxps://mail-notification.info; hxxps://news-jupiter.com; hxxps://notification-time.com; hxxps://postovnezdarma.cz; hxxps://pushisback.com; hxxps://sdilej.cz; hxxps://sortitoutsi.net; hxxps://specialthankselsa.com; hxxps://trustcontent.rest; hxxps://uniquecaptcha.com; hxxps://www.bankovnikod.cz; hxxps://www.booktook.cz; hxxps://www.facebook.com; hxxps://www.fmscout.com; hxxps://www.gamesradar.com; hxxps://www.gogy.com; hxxps://www.kupi.cz; hxxps://www.mall.cz; hxxps://www.onlinevideoconverter.com; hxxps://www.pcgamer.com; hxxps://www.tipsport.cz; hxxps://www.wish.com; hxxps://www.youtube.com; hxxps://www1.news-back.com; hxxps://zivot.org
CHR DefaultSuggestURL: Profile 2 -> hxxps://suggest.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Extension: (Adblocker pro Youtube™) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ifhmmfkaojalpgphoaknehmekeoilfhh [2020-03-03] [UpdateUrl:hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (Adblocker for Youtube™) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\ifhmmfkaojalpgphoaknehmekeoilfhh [2020-03-03] [UpdateUrl:hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION
2021-01-25 12:51 - 2020-11-24 20:15 - 000003488 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2021-01-25 12:51 - 2020-11-24 20:15 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-01-25 12:51 - 2020-11-24 20:15 - 000003400 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-01-25 12:51 - 2020-11-24 20:15 - 000002730 _____ C:\WINDOWS\system32\Tasks\twtIFBDYSoFxflLUA2
2021-01-25 12:51 - 2020-11-24 20:15 - 000002704 _____ C:\WINDOWS\system32\Tasks\cbwSdEhCHyLotqt2
2021-01-25 12:51 - 2020-11-24 20:15 - 000003176 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-01-25 12:51 - 2020-11-24 20:15 - 000002940 _____ C:\WINDOWS\system32\Tasks\ZEQDPgDwyytDid
2021-01-25 10:36 - 2018-12-17 12:44 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
HKU\S-1-5-21-2407068654-2776695394-1459206416-1001\...\StartupApproved\Run: => "4163644"
HKU\S-1-5-21-2407068654-2776695394-1459206416-1001\...\StartupApproved\Run: => "6048195"
FirewallRules: [{EB6982F8-9EB1-4414-8CB7-5BD43172170A}] => (Allow) LPort=54925
FirewallRules: [{EE876AEF-D91A-4FFD-BB82-C00BDEAB6340}] => (Allow) LPort=54950
FirewallRules: [{8FC30779-0841-4B6B-A08B-76CBE7B84DB8}] => (Allow) LPort=54955

EmptyTemp:

*****************

Processes closed successfully.
Error: (0) Failed to create a restore point.
"C:\Program Files (x86)\bpqCwveW" => not found
"C:\Program Files (x86)\bPAQiPskLZjU2" => not found
"C:\Program Files (x86)\ClkZTLBoMDdHOlUIAmR" => not found
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{38552733-E033-4F89-907A-490FF67FBB57}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{38552733-E033-4F89-907A-490FF67FBB57}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{48270D34-D2A3-40E0-980B-ED395D6CF8CE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{48270D34-D2A3-40E0-980B-ED395D6CF8CE}" => removed successfully
C:\WINDOWS\System32\Tasks\cbwSdEhCHyLotqt2 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\cbwSdEhCHyLotqt2" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4CF24B6D-C65C-455E-8FF9-3A02DDF9F63B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4CF24B6D-C65C-455E-8FF9-3A02DDF9F63B}" => removed successfully
C:\WINDOWS\System32\Tasks\ZEQDPgDwyytDid => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ZEQDPgDwyytDid" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A5E502DF-A2AC-4D12-91AC-C3778DD4195C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A5E502DF-A2AC-4D12-91AC-C3778DD4195C}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A6B20565-F2C7-4593-BA69-5B03250CF2D9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A6B20565-F2C7-4593-BA69-5B03250CF2D9}" => removed successfully
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B4ECE2F4-2473-4989-B411-3E3916C3E8BC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B4ECE2F4-2473-4989-B411-3E3916C3E8BC}" => removed successfully
C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CA68AAF7-4E8E-42C7-84D4-E45F0C454D69}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA68AAF7-4E8E-42C7-84D4-E45F0C454D69}" => removed successfully
C:\WINDOWS\System32\Tasks\twtIFBDYSoFxflLUA2 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\twtIFBDYSoFxflLUA2" => removed successfully
C:\Program Files\Mozilla Firefox\browser\features\{6806B761-A8BB-4E3A-A923-80C21E1046AF}.xpi => moved successfully
CHR Extension: (Adblocker for Youtube™) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifhmmfkaojalpgphoaknehmekeoilfhh [2020-03-03] [UpdateUrl:hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION => Error: No automatic fix found for this entry.
"Chrome Notifications" => removed successfully
"Chrome DefaultSuggestURL" => removed successfully
CHR Extension: (Adblocker pro Youtube™) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ifhmmfkaojalpgphoaknehmekeoilfhh [2020-03-03] [UpdateUrl:hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION => Error: No automatic fix found for this entry.
CHR Extension: (Adblocker for Youtube™) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\ifhmmfkaojalpgphoaknehmekeoilfhh [2020-03-03] [UpdateUrl:hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION => Error: No automatic fix found for this entry.
"C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater" => not found
"C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\twtIFBDYSoFxflLUA2" => not found
"C:\WINDOWS\system32\Tasks\cbwSdEhCHyLotqt2" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
"C:\WINDOWS\system32\Tasks\ZEQDPgDwyytDid" => not found
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"HKU\S-1-5-21-2407068654-2776695394-1459206416-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\4163644" => removed successfully
"HKU\S-1-5-21-2407068654-2776695394-1459206416-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\4163644" => not found
"HKU\S-1-5-21-2407068654-2776695394-1459206416-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\6048195" => removed successfully
"HKU\S-1-5-21-2407068654-2776695394-1459206416-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\6048195" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EB6982F8-9EB1-4414-8CB7-5BD43172170A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EE876AEF-D91A-4FFD-BB82-C00BDEAB6340}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8FC30779-0841-4B6B-A08B-76CBE7B84DB8}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 11296768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 41467548 B
Java, Flash, Steam htmlcache => 248971777 B
Windows/system/drivers => 90227873 B
Edge => 265754 B
Chrome => 425157509 B
Firefox => 7857278 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 42162 B
NetworkService => 42162 B
vava => 8663350 B

RecycleBin => 0 B
EmptyTemp: => 795.4 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 15:08:53 ====

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: log check

#9 Post by Diallix »

Please post new FRST + ADDITION logs.
My new book BOTNETY has been released! Information about it can be found here: >> BOTNETY <<


vladislav
Visitor
Posts: 11
Registered: 24 Jan 2021 10:46

Re: log check

#10 Post by vladislav »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-01-2021 01
Ran by vava (administrator) on DESKTOP-5OK8UPN (Gigabyte Technology Co., Ltd. Z97-D3H) (25-01-2021 16:33:46)
Running from C:\Users\vava\Desktop
Loaded Profiles: vava
Platform: Windows 10 Pro Version 2004 19041.746 (X64) Language: Čeština (Česko)
Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --single-argument %1
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atiesrxx.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <14>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Hoo Technologies) [File not signed] C:\Program Files (x86)\HooTech\NetMeter\HooNetMeter.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.20122.11121.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
(Microsoft) [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(Valve -> Valve Corporation) D:\Program Files (x86)\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117352 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8844032 2016-01-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-01-19] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrotherSoftwareUpdateNotification] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3581952 2017-04-05] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2075480 2013-06-24] (Flexera Software LLC -> Flexera Software LLC.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [35648 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [17600 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFProHook] => C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe [641864 2013-03-20] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKU\S-1-5-21-2407068654-2776695394-1459206416-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [731240 2018-10-19] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-2407068654-2776695394-1459206416-1001\...\Run: [NetMeter] => C:\Program Files (x86)\HooTech\NetMeter\HooNetMeter.exe [577536 2008-12-05] (Hoo Technologies) [File not signed]
HKU\S-1-5-21-2407068654-2776695394-1459206416-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32440376 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.141\Installer\chrmstp.exe [2021-01-07] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\87.0.7480.89\Installer\chrmstp.exe [2021-01-15] (Avast Software s.r.o. -> AVAST Software)
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0CA5736B-BDD8-4BF3-92C2-3CB18D36AAB2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {16DE353E-570F-4D42-A46D-F07D12A6FFE1} - System32\Tasks\AMD ThankingURL => C:\Program Files\AMD\CIM\Bin64\Setup.exe [1124536 2020-04-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {36EF4174-9057-4D28-9DE6-5C7CE500CAD1} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-09] (Adobe Inc. -> Adobe)
Task: {54DCFD65-BA2E-41EA-94DF-688F09678B60} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2175216 2020-12-15] (Avast Software s.r.o. -> AVAST Software)
Task: {5C4434B3-6DD5-421C-848B-488487C5452A} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-04-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {5FCA14DE-0CC6-4401-8212-9F735058AF01} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26913848 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {70045ADC-D80A-4644-BAC6-DA0FDB632392} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-14] (Avast Software s.r.o. -> AVAST Software)
Task: {792B3E87-16FC-432E-AAEF-F8B920D8E87B} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-04-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {7CF84D75-4C7A-4896-BB1D-97F419A20F18} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628160 2020-04-21] (Advanced Micro Devices, Inc.) [File not signed]
Task: {83C449C9-3548-4F60-9CF2-5CCD0484FAF8} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-14] (Avast Software s.r.o. -> AVAST Software)
Task: {A7261761-88FB-4FC0-802F-C49B0D80EFDF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1741416 2020-09-17] (Avast Software s.r.o. -> Avast Software)
Task: {C85569B7-C855-48F5-8EC3-ADB3AB53FD18} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2175216 2020-12-15] (Avast Software s.r.o. -> AVAST Software)
Task: {D7571985-BC1D-4EE8-AAAA-A21DE97F90D4} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628160 2020-04-21] (Advanced Micro Devices, Inc.) [File not signed]
Task: {F1023799-1BBC-42F6-89AC-26EF0D79826E} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4621920 2020-12-16] (Avast Software s.r.o. -> AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{543d8a16-e5e7-4b9d-8576-7b388f3f553f}: [DhcpNameServer] 192.168.0.1

Edge:
=======
DownloadDir: C:\Users\vava\Downloads
Edge Notifications: HKU\S-1-5-21-2407068654-2776695394-1459206416-1001 -> hxxps://www.tipsport.cz
Edge DefaultProfile: Default
Edge Profile: C:\Users\vava\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-25]
Edge DownloadDir: C:\Users\vava\Downloads
Edge Notifications: Default -> hxxps://www.tipsport.cz

FireFox:
========
FF DefaultProfile: 25n1z54v.default
FF ProfilePath: C:\Users\vava\AppData\Roaming\Mozilla\Firefox\Profiles\25n1z54v.default [2021-01-25]
FF Homepage: Mozilla\Firefox\Profiles\25n1z54v.default -> hxxps://www.seznam.cz/
FF Session Restore: Mozilla\Firefox\Profiles\25n1z54v.default -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\25n1z54v.default -> hxxps://mail-notification.info
FF NewTabOverride: Mozilla\Firefox\Profiles\25n1z54v.default -> Enabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: (Seznam doplněk - Esko) - C:\Users\vava\AppData\Roaming\Mozilla\Firefox\Profiles\25n1z54v.default\Extensions\sko-extension@firma.seznam.cz.xpi [2018-12-05]
FF Extension: (Text Link) - C:\Users\vava\AppData\Roaming\Mozilla\Firefox\Profiles\25n1z54v.default\Extensions\{54BB9F3F-07E5-486c-9B39-C7398B99391C}.xpi [2019-02-16]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2011-05-17] (Google) [File not signed]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google Inc -> Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2021-01-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2021-01-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-14] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-14] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll [2011-07-15] (Zeon Corporation -> Zeon Corporation)

Chrome:
=======
CHR DefaultProfile: Profile 2
CHR Profile: C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default [2021-01-25]
CHR Extension: (Prezentace) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-02-20]
CHR Extension: (Dokumenty) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-02-20]
CHR Extension: (Disk Google) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-02-20]
CHR Extension: (YouTube) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-02-20]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-02-20]
CHR Extension: (Tabulky) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-02-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-02-20]
CHR Extension: (Avast Online Security) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-02-20]
CHR Extension: (Adblocker for Youtube™) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifhmmfkaojalpgphoaknehmekeoilfhh [2020-03-03] [UpdateUrl:hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-02-20]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-02-20]
CHR Extension: (Gmail) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-02-20]
CHR Extension: (Chrome Media Router) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-02-20]
CHR Profile: C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2 [2021-01-25]
CHR DownloadDir: D:\hry
CHR HomePage: Profile 2 -> hxxp://www.seznam.cz/
CHR StartupUrls: Profile 2 -> "hxxps://www.seznam.cz/#nastavit-jako-domovskou- ... seznam.cz/"
CHR DefaultSearchURL: Profile 2 -> hxxps://www.gstatic.com/youtube/media/ytm/image ... _48x48.png
CHR Session Restore: Profile 2 -> is enabled.
CHR Extension: (Překladač Google) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-03-18]
CHR Extension: (Prezentace) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-17]
CHR Extension: (Dokumenty) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-17]
CHR Extension: (Disk Google) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (Sign Language...On the Go!) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bbnelcpofncjheaoglabgaegepbfioje [2018-12-17]
CHR Extension: (World Map) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\biabadelbimllanaekjkipoflfdpihba [2018-12-17]
CHR Extension: (YouTube) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-17]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-12-15]
CHR Extension: (YouTube Music) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cinhimbnkkaeohfgghhklpknlkffjgod [2020-10-07]
CHR Extension: (Tabulky) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-17]
CHR Extension: (TimeMaps: World History Atlas) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gcknipbpempcbnncdekkeimmpjggfaem [2018-12-17]
CHR Extension: (ČSFD Vyhledávač) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gefccnegpdaefgnnfpdlhchpkolpgjbi [2018-12-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-12]
CHR Extension: (Linkification Chrome) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\haaamfoknimneabkapikpoccmfekkidj [2018-12-29]
CHR Extension: (AirDroid) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hkgndiocipalkpejnpafdbdlfdjihomd [2018-12-17]
CHR Extension: (Adblocker pro Youtube™) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ifhmmfkaojalpgphoaknehmekeoilfhh [2020-03-03] [UpdateUrl:hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (The Weather Channel for Chrome) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\iflpcokdamgefbghpdipcibmhlkdopop [2018-12-17]
CHR Extension: (Text to PDF Instant Converter) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kcfoblhpibkgaolddkdakldhfpjfjgod [2018-12-17]
CHR Extension: (Mapy Google) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2018-12-17]
CHR Extension: (3D Solar System Web) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mdaaepplopehigjgkolniddiadbbkphd [2018-12-17]
CHR Extension: (Clickable Links) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mgamelhnfokapndfdodnmfiningckjia [2018-12-29]
CHR Extension: (Map of the Earth) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ncekdeccakacjplanbmoofohobljbkad [2020-03-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Televize Online) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pcfeebemepipakkhapnhljbcdkagkloh [2018-12-17]
CHR Extension: (Gmail) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-10]
CHR Profile: C:\Users\vava\AppData\Local\Google\Chrome\User Data\System Profile [2021-01-25]
CHR Extension: (Adblocker for Youtube™) - C:\Users\vava\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\ifhmmfkaojalpgphoaknehmekeoilfhh [2020-03-03] [UpdateUrl:hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8477080 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-14] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621728 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [351848 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-14] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\87.0.7480.89\elevation_service.exe [1409224 2020-12-15] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
S4 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [File not signed]
S4 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3729512 2018-10-19] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S4 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192320 2020-08-17] (Huawei Technologies Co., Ltd. -> )
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [77336 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5198064 2021-01-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [12288 2019-08-09] (Microsoft) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [20480 2019-08-09] (Microsoft) [File not signed]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AIDA64Driver; C:\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [47560 2018-09-19] (FinalWire Kft. -> )
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36792 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208672 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332880 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97360 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42424 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176384 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522480 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108928 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84496 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851256 2020-12-16] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [468888 2021-01-08] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [214808 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [324904 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-12-17] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-12-17] (Disc Soft Ltd -> Disc Soft Ltd)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-25 16:33 - 2021-01-25 16:33 - 000027145 _____ C:\Users\vava\Desktop\FRST.txt
2021-01-25 15:09 - 2021-01-25 15:09 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-01-25 15:09 - 2021-01-25 15:09 - 000000008 __RSH C:\ProgramData\ntuser.pol
2021-01-25 15:08 - 2021-01-25 15:08 - 000013098 _____ C:\Users\vava\Desktop\Fixlog.txt
2021-01-25 15:01 - 2021-01-25 13:50 - 002297344 _____ (Farbar) C:\Users\vava\Desktop\FRST64.exe
2021-01-25 14:58 - 2021-01-25 14:58 - 000044786 _____ C:\Users\vava\Documents\Bez názvu 1.odt
2021-01-25 13:51 - 2021-01-25 16:33 - 000000000 ____D C:\FRST
2021-01-25 10:29 - 2021-01-25 10:27 - 008457584 _____ (Malwarebytes) C:\Users\vava\Desktop\adwcleaner_8.0.9.1.exe
2021-01-25 10:28 - 2021-01-25 10:34 - 000000000 ____D C:\AdwCleaner
2021-01-25 09:27 - 2021-01-25 09:28 - 2725138885 _____ C:\Users\vava\Downloads\Megapack TCM21.rar
2021-01-24 17:21 - 2021-01-24 17:21 - 000000036 _____ C:\Users\vava\AppData\LocalLow\.bidstack-device-id
2021-01-24 16:00 - 2021-01-24 16:00 - 000846468 _____ C:\WINDOWS\Minidump\012421-7578-01.dmp
2021-01-24 11:32 - 2021-01-24 11:32 - 000000000 ____D C:\Users\vava\AppData\Roaming\PDM
2021-01-23 10:28 - 2021-01-23 10:28 - 000002288 _____ C:\Users\vava\Documents\cc_20210123_102822.reg
2021-01-22 11:34 - 2021-01-22 11:34 - 000000000 ____D C:\Users\vava\Documents\Sports Interactive
2021-01-22 11:34 - 2021-01-22 11:34 - 000000000 ____D C:\Users\vava\AppData\Local\Sports Interactive
2021-01-22 11:34 - 2021-01-22 11:34 - 000000000 ____D C:\Users\Public\Documents\Sports Interactive
2021-01-22 11:26 - 2021-01-22 11:26 - 000000223 _____ C:\Users\vava\Desktop\Football Manager 2021.url
2021-01-22 09:17 - 2021-01-22 09:17 - 000001047 _____ C:\Users\vava\Desktop\IrfanView 64.lnk
2021-01-22 08:37 - 2021-01-22 08:37 - 000000000 ____D C:\Program Files (x86)\WinRAR
2021-01-22 08:36 - 2021-01-22 08:36 - 000000000 ____D C:\Program Files (x86)\IrfanView
2021-01-22 08:35 - 2021-01-22 08:35 - 000150600 _____ C:\Users\vava\Documents\cc_20210122_083511.reg
2021-01-19 17:47 - 2021-01-19 17:47 - 000001838 _____ C:\Users\Public\Desktop\Palm Reader.lnk
2021-01-19 17:47 - 2021-01-19 17:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Palm
2021-01-19 17:47 - 2021-01-19 17:47 - 000000000 ____D C:\Program Files (x86)\Palm
2021-01-19 16:32 - 2021-01-19 16:32 - 000004608 _____ C:\Users\vava\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2021-01-19 16:00 - 2021-01-19 16:00 - 000001183 _____ C:\Users\Public\Desktop\Picasa 3.lnk
2021-01-19 16:00 - 2021-01-19 16:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2021-01-15 09:15 - 2021-01-15 09:15 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-15 09:15 - 2021-01-15 09:15 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-15 09:15 - 2021-01-15 09:15 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-15 09:15 - 2021-01-15 09:15 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-15 09:15 - 2021-01-15 09:15 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-15 09:15 - 2021-01-15 09:15 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-15 09:15 - 2021-01-15 09:15 - 000467968 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-01-15 09:15 - 2021-01-15 09:15 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-15 09:15 - 2021-01-15 09:15 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-15 09:15 - 2021-01-15 09:15 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-15 09:15 - 2021-01-15 09:15 - 000157184 _____ C:\WINDOWS\system32\uwfcsp.dll
2021-01-15 09:15 - 2021-01-15 09:15 - 000138056 _____ C:\WINDOWS\system32\HvsiManagementApi.dll
2021-01-15 09:15 - 2021-01-15 09:15 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-15 09:15 - 2021-01-15 09:15 - 000101704 _____ C:\WINDOWS\SysWOW64\HvsiManagementApi.dll
2021-01-15 09:15 - 2021-01-15 09:15 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-15 09:15 - 2021-01-15 09:15 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-15 09:15 - 2021-01-15 09:15 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-15 09:15 - 2021-01-15 09:15 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-15 09:15 - 2021-01-15 09:15 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-15 09:15 - 2021-01-15 09:15 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-15 09:15 - 2021-01-15 09:15 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-15 09:14 - 2021-01-15 09:14 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-15 09:14 - 2021-01-15 09:14 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-15 09:14 - 2021-01-15 09:14 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-01-15 09:14 - 2021-01-15 09:14 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-15 09:14 - 2021-01-15 09:14 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-01-15 09:14 - 2021-01-15 09:14 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-15 09:14 - 2021-01-15 09:14 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-15 09:14 - 2021-01-15 09:14 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-15 09:14 - 2021-01-15 09:14 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-15 09:14 - 2021-01-15 09:14 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-15 09:14 - 2021-01-15 09:14 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-15 09:14 - 2021-01-15 09:14 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-15 09:14 - 2021-01-15 09:14 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-15 09:14 - 2021-01-15 09:14 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-01-15 09:14 - 2021-01-15 09:14 - 000010894 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-01-15 09:13 - 2021-01-15 09:13 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-15 09:13 - 2021-01-15 09:13 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-01-15 09:13 - 2021-01-15 09:13 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-15 09:13 - 2021-01-15 09:13 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-15 09:13 - 2021-01-15 09:13 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-15 09:13 - 2021-01-15 09:13 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-15 09:13 - 2021-01-15 09:13 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-15 09:13 - 2021-01-15 09:13 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-09 08:48 - 2020-10-29 13:33 - 001783920 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-01-09 08:48 - 2020-10-29 13:33 - 001783920 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-01-09 08:48 - 2020-10-29 13:33 - 001374320 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-01-09 08:48 - 2020-10-29 13:33 - 001374320 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-01-09 08:48 - 2020-10-29 13:33 - 001085360 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-01-09 08:48 - 2020-10-29 13:33 - 001085360 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-01-09 08:48 - 2020-10-29 13:33 - 000944208 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-01-09 08:48 - 2020-10-29 13:33 - 000944208 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-01-09 08:48 - 2020-10-29 13:33 - 000736880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2021-01-09 08:48 - 2020-10-29 13:33 - 000046704 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2021-01-09 08:48 - 2020-10-29 13:33 - 000043632 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 064809072 _____ C:\WINDOWS\system32\amd_comgr.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 053684848 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 004630640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 004141168 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 001774192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 001341552 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 001341552 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000760432 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2021-01-09 08:48 - 2020-10-29 13:32 - 000621168 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000496752 _____ C:\WINDOWS\system32\GameManager64.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000493168 _____ C:\WINDOWS\system32\dgtrayicon.exe
2021-01-09 08:48 - 2020-10-29 13:32 - 000468592 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000456304 _____ C:\WINDOWS\system32\atieah64.exe
2021-01-09 08:48 - 2020-10-29 13:32 - 000432752 _____ C:\WINDOWS\system32\EEURestart.exe
2021-01-09 08:48 - 2020-10-29 13:32 - 000380016 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000351856 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2021-01-09 08:48 - 2020-10-29 13:32 - 000339568 _____ C:\WINDOWS\system32\clinfo.exe
2021-01-09 08:48 - 2020-10-29 13:32 - 000245360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000213104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000186992 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000182392 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000167024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000166512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000158656 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000156784 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000142448 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000140912 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000135792 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000134768 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000125552 _____ C:\WINDOWS\system32\atidxx64.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000122480 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000120432 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000107632 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000107120 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000090736 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mcl64.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000075376 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mcl32.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000070256 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000019784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2021-01-09 08:48 - 2020-10-29 13:32 - 000019784 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 071030384 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdhip64.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 001686016 _____ (AMD) C:\WINDOWS\system32\amf-mft-mjpeg-decoder64.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 001365368 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 000941168 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 000768624 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 000553584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 000546800 _____ C:\WINDOWS\system32\amdmiracast.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 000489584 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 000466544 _____ C:\WINDOWS\system32\amdlogum.exe
2021-01-09 08:48 - 2020-10-29 13:31 - 000383600 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 000380016 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 000167400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 000135928 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 000130232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 000130232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 000120264 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 000108248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2021-01-09 08:48 - 2020-10-29 13:31 - 000108248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2021-01-09 08:48 - 2020-10-29 12:28 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2021-01-09 08:48 - 2020-10-29 12:28 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2021-01-09 08:48 - 2020-10-29 12:28 - 000544256 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2021-01-09 08:48 - 2020-10-29 12:28 - 000544256 _____ C:\WINDOWS\system32\atiapfxx.blb

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-25 16:31 - 2020-11-30 08:16 - 000003318 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6c295f012e0b9
2021-01-25 16:31 - 2020-11-24 20:15 - 000003788 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2021-01-25 16:31 - 2020-11-24 20:15 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-01-25 16:31 - 2020-11-24 20:15 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-01-25 16:31 - 2020-11-24 20:15 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-01-25 16:31 - 2020-11-24 20:15 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2407068654-2776695394-1459206416-1001
2021-01-25 16:31 - 2020-11-24 20:15 - 000002636 _____ C:\WINDOWS\system32\Tasks\AMD ThankingURL
2021-01-25 16:31 - 2020-11-24 20:15 - 000002526 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2021-01-25 16:31 - 2020-11-24 20:15 - 000002392 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate
2021-01-25 16:31 - 2020-11-24 20:15 - 000002238 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-01-25 16:31 - 2020-11-24 20:15 - 000002146 _____ C:\WINDOWS\system32\Tasks\StartCN
2021-01-25 16:31 - 2020-11-24 20:15 - 000002122 _____ C:\WINDOWS\system32\Tasks\StartDVR
2021-01-25 16:31 - 2020-11-24 20:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-01-25 15:54 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-25 15:31 - 2018-12-17 13:12 - 000000000 ____D C:\Users\vava\AppData\Local\D3DSCache
2021-01-25 15:26 - 2018-12-17 15:51 - 000000000 ____D C:\ProgramData\AVAST Software
2021-01-25 15:14 - 2020-11-24 20:18 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-25 15:14 - 2019-12-07 15:43 - 000682184 _____ C:\WINDOWS\system32\perfh005.dat
2021-01-25 15:14 - 2019-12-07 15:43 - 000137000 _____ C:\WINDOWS\system32\perfc005.dat
2021-01-25 15:14 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-01-25 15:11 - 2018-12-17 13:34 - 000000000 ____D C:\Program Files\CCleaner
2021-01-25 15:09 - 2020-11-24 20:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-25 15:09 - 2020-11-24 20:09 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-25 15:09 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-01-25 15:09 - 2018-12-17 12:44 - 000000000 __SHD C:\Users\vava\IntelGraphicsProfiles
2021-01-25 15:09 - 2018-12-17 12:35 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2021-01-25 15:08 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2021-01-25 10:56 - 2020-11-24 20:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-25 10:56 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-25 10:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-25 08:24 - 2020-10-03 08:37 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-01-24 16:00 - 2020-11-28 17:36 - 000000000 ____D C:\WINDOWS\Minidump
2021-01-24 15:13 - 2019-01-08 08:40 - 000000000 ____D C:\Users\vava\AppData\Local\CrashDumps
2021-01-24 12:54 - 2020-11-24 20:10 - 000000000 ____D C:\Users\vava
2021-01-24 10:27 - 2018-12-17 12:30 - 000000000 ____D C:\Users\vava\AppData\Local\VirtualStore
2021-01-23 15:26 - 2020-11-24 20:15 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-01-23 12:19 - 2018-12-17 13:10 - 000000000 ____D C:\Users\vava\AppData\Roaming\vlc
2021-01-23 10:29 - 2018-12-17 15:57 - 000000000 ____D C:\Users\vava\AppData\Local\AVAST Software
2021-01-23 10:29 - 2018-12-17 12:54 - 000000000 ____D C:\Users\vava\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-01-23 10:29 - 2018-12-17 12:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-01-23 10:29 - 2018-12-17 12:54 - 000000000 ____D C:\Program Files\WinRAR
2021-01-23 10:25 - 2019-02-12 13:18 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-01-23 10:25 - 2019-02-12 13:18 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-01-23 08:28 - 2020-06-07 09:41 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-23 08:28 - 2020-06-07 09:41 - 000002257 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-01-22 09:22 - 2018-12-17 13:11 - 000000000 ____D C:\Users\vava\AppData\Roaming\MPC-HC
2021-01-22 09:17 - 2020-03-03 12:21 - 000001921 _____ C:\Users\vava\Desktop\IrfanView 64 Thumbnails.lnk
2021-01-22 08:38 - 2018-12-18 18:23 - 000165032 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2021-01-22 08:38 - 2018-12-18 18:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-01-22 08:38 - 2018-12-18 18:23 - 000000000 ____D C:\Program Files (x86)\Java
2021-01-22 08:36 - 2018-12-18 18:15 - 000001092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2021-01-22 08:36 - 2018-12-18 18:15 - 000001080 _____ C:\Users\Public\Desktop\Audacity.lnk
2021-01-22 08:36 - 2018-12-18 18:15 - 000000000 ____D C:\Program Files (x86)\Audacity
2021-01-22 08:36 - 2018-12-17 12:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2021-01-22 08:34 - 2018-12-17 12:30 - 000000000 ____D C:\Users\vava\AppData\Local\Packages
2021-01-22 08:31 - 2020-11-24 11:28 - 000000000 ___DC C:\WINDOWS\Panther
2021-01-22 08:31 - 2018-12-17 13:44 - 000000000 ____D C:\Program Files (x86)\Steam
2021-01-19 17:47 - 2018-12-17 12:57 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-01-19 17:42 - 2018-12-17 13:21 - 000000000 ____D C:\Users\vava\AppData\Roaming\AIMP
2021-01-19 16:00 - 2018-12-17 12:44 - 000000000 ____D C:\Program Files (x86)\Google
2021-01-19 16:00 - 2018-12-17 12:43 - 000000000 ____D C:\Users\vava\AppData\Local\Google
2021-01-18 11:53 - 2020-07-24 14:35 - 000000081 _____ C:\Users\vava\AppData\Local\.bidstack.fault
2021-01-17 13:17 - 2020-11-24 20:15 - 000003110 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2021-01-15 12:43 - 2020-11-24 20:09 - 000459400 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-15 12:42 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-15 12:42 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-01-15 12:42 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-15 12:42 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-15 09:20 - 2018-12-17 15:46 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-15 09:17 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-01-15 09:17 - 2018-12-17 15:46 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-01-15 09:13 - 2020-11-24 20:10 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-01-15 09:09 - 2020-10-14 14:48 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2021-01-15 09:09 - 2020-10-14 14:48 - 000002463 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2021-01-09 12:18 - 2019-02-12 13:18 - 000000000 ____D C:\Users\vava\AppData\LocalLow\Mozilla
2021-01-09 12:18 - 2019-02-12 13:18 - 000000000 ____D C:\ProgramData\Mozilla
2021-01-09 12:17 - 2019-02-12 13:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-08 12:14 - 2018-12-17 15:53 - 000468888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-01-07 16:14 - 2020-12-16 16:10 - 000214808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-01-07 14:45 - 2018-12-17 12:44 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-07 12:14 - 2018-12-17 15:53 - 000324904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys

==================== Files in the root of some directories ========

2020-03-03 08:03 - 2020-03-03 08:03 - 000000000 _____ () C:\Users\vava\iqfjwudd.exe
2020-03-03 08:02 - 2020-03-03 08:02 - 000000000 _____ () C:\Users\vava\vmuscxes.exe
2020-07-24 14:35 - 2021-01-18 11:53 - 000000081 _____ () C:\Users\vava\AppData\Local\.bidstack.fault
2020-03-03 08:03 - 2020-03-03 08:03 - 000000557 _____ () C:\Users\vava\AppData\Local\bowsakkdestx.txt
2021-01-19 16:32 - 2021-01-19 16:32 - 000004608 _____ () C:\Users\vava\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-03-03 08:01 - 2020-03-03 08:01 - 000142336 _____ () C:\Users\vava\AppData\Local\installer.dat

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2021 01
Ran by vava (25-01-2021 16:35:07)
Running from C:\Users\vava\Desktop
Windows 10 Pro Version 2004 19041.746 (X64) (2020-11-24 19:15:34)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2407068654-2776695394-1459206416-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2407068654-2776695394-1459206416-503 - Limited - Disabled)
Guest (S-1-5-21-2407068654-2776695394-1459206416-501 - Limited - Disabled)
vava (S-1-5-21-2407068654-2776695394-1459206416-1001 - Administrator - Enabled) => C:\Users\vava
WDAGUtilityAccount (S-1-5-21-2407068654-2776695394-1459206416-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.465 - Adobe)
AIDA64 Extreme v5.98 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.98 - FinalWire Ltd.)
AIMP (HKLM-x32\...\AIMP) (Version: v4.51.2084, 01.12.2018 - AIMP DevTeam)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.4.2 - Advanced Micro Devices, Inc.)
Audacity 2.4.2 (HKLM-x32\...\Audacity_is1) (Version: 2.4.2 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 87.0.7480.89 - Autoři prohlížeče Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden
Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
BrLauncher (HKLM-x32\...\{42D26B47-887C-45FC-BCAE-0BE485C5C0BB}) (Version: 2.0.11.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{569f9640-fd0a-4a52-97f2-11277f65a3f0}) (Version: 4.4.0.33 - Brother Industries, Ltd.)
Brother iPrint&Scan (HKLM-x32\...\{FE65E525-8FCA-43BE-8D7F-0C4665FAE1A5}) (Version: 4.4.0.33 - Brother Industries, Ltd.) Hidden
Brother Port Driver (HKLM-x32\...\{42B7DE8A-B2BF-41E3-9F0C-F3C10DAB9189}) (Version: 1.0.5.1 - Brother Industries Ltd.) Hidden
Brother Printer Driver (HKLM-x32\...\{DFDF4BFA-1551-47EC-93BF-EBC1C305CD47}) (Version: 1.6.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{49F15DD6-D83B-4756-BB57-66E00570C186}) (Version: 1.0.22.1 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{32F47565-84B1-42CC-B09A-4CDDD9A32F94}) (Version: 1.0.20.0 - Brother Industries Ltd.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.76 - Piriform)
ControlCenter4 (HKLM-x32\...\{9091B952-8719-49C3-9CC7-6E20EC61081F}) (Version: 4.6.6.1 - Brother Industries, Ltd.) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{FD8A9511-BFC9-43B5-BB75-9CEC0EA03CF0}) (Version: 4.6.1.1 - Brother Industries, Ltd.) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.9.0.0650 - Disc Soft Ltd)
Google Earth (HKLM-x32\...\{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}) (Version: 6.0.3.2197 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.141 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 10.1.1.500 - Huawei Technologies Co., Ltd.)
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
IrfanView 4.57 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.57 - Irfan Skiljan)
IrfanView 4.57 (64-bit) (HKLM\...\IrfanView64) (Version: 4.57 - Irfan Skiljan)
Java 8 Update 261 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180261F0}) (Version: 8.0.2610.12 - Oracle Corporation)
Java 8 Update 271 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180271F0}) (Version: 8.0.2710.9 - Oracle Corporation)
Kodi (HKU\S-1-5-21-2407068654-2776695394-1459206416-1001\...\Kodi) (Version: - XBMC Foundation)
Kodi verze 1.5 (HKLM-x32\...\Kodi_is1) (Version: 1.5 - )
LibreOffice 6.3.3.2 (HKLM\...\{4DACF7A7-C851-4943-A63D-3CAE495C48E0}) (Version: 6.3.3.2 - The Document Foundation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.50 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.71 - )
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2407068654-2776695394-1459206416-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{143E35D3-F0A4-4E90-96C9-B1B72F11343A}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012 (HKLM-x32\...\{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 - Microsoft Corporation)
Mozilla Firefox 84.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 84.0.2 (x64 cs)) (Version: 84.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0 - Mozilla)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD)
Net Meter 3.6 build 437 (HKLM-x32\...\Net Meter) (Version: 3.6 build 437 - Hoo Technologies)
NetworkRepairTool (HKLM-x32\...\{86E68F57-FAFE-4052-BDD4-3B90C38236AE}) (Version: 1.2.16.0 - Brother Industries, Ltd.) Hidden
Nuance PaperPort 14 (HKLM-x32\...\{24510774-4424-46C2-8FB7-5DE0C945ED2B}) (Version: 14.5.0006 - Nuance Communications, Inc.)
Nuance PDF Viewer SE (HKLM-x32\...\{D8151965-282B-4EB6-A3F1-68AB555D8423}) (Version: 7.20.3230 - Nuance Communications, Inc.)
Palm Reader (HKLM-x32\...\{ED8BB1CA-535A-408D-85C9-ED1986D2B85E}) (Version: - )
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0002 - Nuance Communications, Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: - Jan Fiala)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7727 - Realtek Semiconductor Corp.)
ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden
Scansoft PDF Professional (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version: - ) Hidden
SoftwareUpdateNotification (HKLM-x32\...\{34F12379-C924-41E6-921D-51C71217F58C}) (Version: 1.0.9.0 - Brother Industries, Ltd.) Hidden
StatusMonitor (HKLM-x32\...\{40578A7A-6E36-457F-A4F0-45BC37EB61FD}) (Version: 1.20.1.0 - Brother Insutries Ltd.) Hidden
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.50 beta 15 - Ghisler Software GmbH)
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WinRAR 6.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
yBook (HKLM-x32\...\yBook_is1) (Version: - Spacejock Software)

Packages:
=========
AIMP -> C:\Program Files\WindowsApps\25018ArtemIzmaylov.AIMP_4.60.2175.0_x86__4hdg3aaevdv22 [2020-03-08] (Artem Izmaylov)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.50.3.0_x86__kgqvnymyfvs32 [2021-01-22] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1940.2.0_x86__kgqvnymyfvs32 [2021-01-25] (king.com)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.337.0_x64__rz1tebttyb220 [2020-12-19] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-06] (Microsoft Corporation)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2018-12-17] (Fitbit)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-16] (Netflix, Inc.)
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_3.24.1.0_x64__nfy108tqq3p12 [2021-01-18] (Thumbmunkeys Ltd)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2018-12-17] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1-x32: [PSPad] -> {8903F6C9-25E3-40AC-A98F-E6D35CD0469C} => C:\Program Files (x86)\PSPad editor\PSPadShell.dll [2008-03-30] () [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-10-19] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-10-19] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2018-12-17] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2020-04-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-16] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.ac3filter] => C:\WINDOWS\system32\ac3filter64.acm [2231296 2013-04-05] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3filter] => C:\Windows\SysWOW64\ac3filter.acm [1679360 2013-04-05] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\vava\Desktop\YouTube Music.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 2" --app-id=cinhimbnkkaeohfgghhklpknlkffjgod
ShortcutWithArgument: C:\Users\vava\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube Music.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 2" --app-id=cinhimbnkkaeohfgghhklpknlkffjgod
ShortcutWithArgument: C:\Users\vava\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"

==================== Loaded Modules (Whitelisted) =============

2020-03-02 17:11 - 2020-03-02 17:11 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2019-11-19 15:03 - 2005-04-22 13:36 - 000143360 _____ () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll
2012-12-05 12:29 - 2012-12-05 12:29 - 004883456 _____ (BCGSoft Ltd) [File not signed] C:\Program Files (x86)\Nuance\PaperPort\BCGCBPRO1100u100.dll
2012-12-05 12:29 - 2012-12-05 12:29 - 000036864 _____ (Black Ice Software, Inc.) [File not signed] C:\Program Files (x86)\Nuance\PaperPort\blicectr.dll
2019-11-19 15:03 - 2016-11-01 11:27 - 000090112 _____ (Brother Industries, Ltd.) [File not signed] C:\WINDOWS\system32\BrNetSti.dll
2018-12-17 12:54 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000413696 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000519168 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 001431040 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 001180672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2020-04-21 15:43 - 2020-04-21 15:43 - 006010880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 006345216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000724992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Multimedia.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000120832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5MultimediaQuick.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 001078272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 004000256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 003802624 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 001083904 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000205312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000376320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 092323328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 005560832 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000188416 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 002888704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000260608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtMultimedia\declarative_multimedia.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000287232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000329216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000089088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000312320 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2020-03-02 17:11 - 2020-03-02 17:11 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-04-21 15:43 - 2020-04-21 15:43 - 000085504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2407068654-2776695394-1459206416-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=13554
SearchScopes: HKU\S-1-5-21-2407068654-2776695394-1459206416-1001 -> {09A1DFD4-E0C1-4656-8FB0-D97DAD9C4DF9} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_13554
SearchScopes: HKU\S-1-5-21-2407068654-2776695394-1459206416-1001 -> {0CAEDC08-FE59-4ECD-B279-D3537DB95D29} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13554
SearchScopes: HKU\S-1-5-21-2407068654-2776695394-1459206416-1001 -> {38668015-7280-4D94-A06D-114AE6B305CE} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_13554
SearchScopes: HKU\S-1-5-21-2407068654-2776695394-1459206416-1001 -> {3A61144E-4F09-4C23-B95E-0E3FD852EB30} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_13554
SearchScopes: HKU\S-1-5-21-2407068654-2776695394-1459206416-1001 -> {688CCA7C-8592-4C44-A998-9D3D7A7CB63C} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_13554
SearchScopes: HKU\S-1-5-21-2407068654-2776695394-1459206416-1001 -> {AFD86EDA-DBC2-4741-A9CA-015E1F8AD9B7} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_13554
SearchScopes: HKU\S-1-5-21-2407068654-2776695394-1459206416-1001 -> {B085F588-4DF4-492D-AD06-1C5AA328F546} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13554
SearchScopes: HKU\S-1-5-21-2407068654-2776695394-1459206416-1001 -> {B17FE663-364F-4810-B092-186588B33184} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13554
SearchScopes: HKU\S-1-5-21-2407068654-2776695394-1459206416-1001 -> {F4D2D9DE-1A01-487C-BD55-8E241200FBC6} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13554
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll [2011-06-30] (Zeon Corporation -> Zeon Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\ssv.dll [2021-01-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\jp2ssv.dll [2021-01-22] (Oracle America, Inc. -> Oracle Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 08:31 - 2019-01-04 12:28 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2407068654-2776695394-1459206416-1001\Control Panel\Desktop\\Wallpaper -> D:\obrázky\obrázky\2775967_.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: BrYNSvc => 3
MSCONFIG\Services: Disc Soft Lite Bus Service => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HuaweiHiSuiteService64.exe => 2
MSCONFIG\Services: McAfee WebAdvisor => 2
HKLM\...\StartupApproved\Run32: => "ISUSPM"
HKLM\...\StartupApproved\Run32: => "ControlCenter4"
HKLM\...\StartupApproved\Run32: => "IndexSearch"
HKLM\...\StartupApproved\Run32: => "BrotherSoftwareUpdateNotification"
HKU\S-1-5-21-2407068654-2776695394-1459206416-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-2407068654-2776695394-1459206416-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{B5E6FD35-4903-4CCA-871A-0C6E3D351F26}C:\program files (x86)\java\jre1.8.0_261\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_261\bin\javaw.exe
FirewallRules: [TCP Query User{0BDF0992-3B26-4657-9BF9-6320AADF95C0}C:\program files (x86)\java\jre1.8.0_261\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_261\bin\javaw.exe
FirewallRules: [UDP Query User{A2AD8A50-86D6-4B7B-9E48-C517BA9F9CD8}C:\program files (x86)\google\google earth\client\googleearth.exe] => (Allow) C:\program files (x86)\google\google earth\client\googleearth.exe (Google) [File not signed]
FirewallRules: [TCP Query User{546069E1-E117-486D-A798-0B8D647E34EE}C:\program files (x86)\google\google earth\client\googleearth.exe] => (Allow) C:\program files (x86)\google\google earth\client\googleearth.exe (Google) [File not signed]
FirewallRules: [UDP Query User{2DA8EDDC-CA9F-45E5-99D9-2CC99C2EE432}C:\windows\syswow64\svchost.exe] => (Allow) C:\windows\syswow64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [TCP Query User{C54F05B9-0A92-43C8-973A-1089C9CC6841}C:\windows\syswow64\svchost.exe] => (Allow) C:\windows\syswow64\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{3FDDC596-73C8-414D-8D7D-A80D83A7C757}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{50CCB4AF-2D29-461C-8A7B-F267AF129219}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{DE9933B1-0128-4073-836A-FF53FDC4ADED}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{329A27DD-FA6D-4C74-B1C9-CDCB58033444}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{BFEE07AF-F259-433C-97F4-467408E2D6C9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{CAACD99A-C4ED-41B5-ADC0-4B4C3F518D3F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{0BA88BA1-1C04-4998-89C6-9E2CD8C75E21}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{02649126-4EBC-43DA-A837-C44249945136}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{92525C9E-72D3-44D4-9FC6-A17C14781C84}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3690CDC6-31A0-4FA2-BF19-44704A436448}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{619F4222-4838-4F85-A299-7E6C09849B8E}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{60B1D6A8-31C1-4990-98A9-6B8938344527}] => (Allow) D:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{C1984D1B-36A7-4BF0-8736-0AB5CF21A014}] => (Allow) D:\Program Files (x86)\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{4E809655-7876-4F52-90B6-3F77397AB408}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{BAA8C41C-1F19-40AD-926C-A3B92790FFE9}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8A3DA0A2-EFE9-4CC8-BAAC-BDE1558715BA}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Football Manager 2021\fm.exe (Sports Interactive) [File not signed]
FirewallRules: [{76F5EB79-A159-4A21-908D-9891094E2D2E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Football Manager 2021\fm.exe (Sports Interactive) [File not signed]

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:111.19 GB) (Free:45.98 GB) (41%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/25/2021 03:09:49 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Broadcast Receiver Server...

Error: (01/25/2021 03:09:49 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...

Error: (01/25/2021 03:09:49 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Wait Workflow Commands request from device.

Error: (01/25/2021 03:09:49 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...

Error: (01/25/2021 03:09:48 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[1]: 192.168.0.103

Error: (01/25/2021 03:09:48 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[0]: fe80::8c5a:19ae:db2e:3a83%7

Error: (01/25/2021 03:09:48 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList.Length: 2

Error: (01/25/2021 03:09:48 PM) (Source: USBAppControl) (EventID: 32767) (User: )
Description: Wait Workflow Commands request from device.


System errors:
=============
Error: (01/25/2021 03:08:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (01/25/2021 03:08:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Brother Workflow Application Controller byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/25/2021 03:08:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Brother USB Application Controller byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/25/2021 03:08:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/25/2021 03:08:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba PDFProFiltSrvPP byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/25/2021 03:08:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) HD Graphics Control Panel Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/25/2021 03:08:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD External Events Utility byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/25/2021 10:49:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Brother Workflow Application Controller byla neočekávaně ukončena. Tento stav nastal již 1krát.


CodeIntegrity:
===================================

Date: 2021-01-25 16:33:34.4130000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-01-25 16:31:54.0790000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-25 16:31:42.9520000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-25 16:31:37.4080000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-25 16:31:37.0710000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-25 16:31:32.8680000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-25 16:31:27.2360000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-25 16:31:25.9950000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. F8 04/21/2015
Motherboard: Gigabyte Technology Co., Ltd. Z97-D3H-CF
Processor: Intel(R) Core(TM) i5-4590 CPU @ 3.30GHz
Percentage of memory in use: 47%
Total physical RAM: 8042.92 MB
Available physical RAM: 4236.27 MB
Total Virtual: 17258.92 MB
Available Virtual: 10868.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.19 GB) (Free:45.98 GB) NTFS
Drive d: (Nový svazek) (Fixed) (Total:931.51 GB) (Free:211.92 GB) NTFS

\\?\Volume{3f3edb5a-b2cd-4bb3-afab-2f34c55af59c}\ () (Fixed) (Total:0.49 GB) (Free:0.06 GB) NTFS
\\?\Volume{400d0d76-c900-4a2f-91df-2ee9c3435d55}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 94D375C0)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Size: 111.8 GB) (Disk ID: 12F758A7)

Partition: GPT.

==================== End of Addition.txt =======================

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: log check

#11 Post by Diallix »

Now do a final cleanup:

Copy the content below into Notepad:

Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
2021-01-25 15:09 - 2021-01-25 15:09 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-01-19 16:32 - 2021-01-19 16:32 - 000004608 _____ C:\Users\vava\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Save the Notepad file as fixlist.txt in the same location as FRST.
Run FRST and click the button: Fix
The fix will run; afterwards, paste here the contents of the log fixlog.txt saved in the FRST location.

My new book BOTNETY has been published! Information about it can be found here: >> BOTNETY <<
---
We are looking for new recruits for our CyberSecurity UNIT. More information about what it involves and how to join can be found here: >> CyberSecurity UNIT <<
---
Low-level, high-level programmer - profile card here: card <<
---
Háveťárna - malware UPLOAD: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor in intelligent malware research.
- tutor for students in SQL query languages (TSQL, PLSQL) and object-oriented programming (C++, C#, PHP).

On the forum I serve as:
- Security authority of viry.cz
- Deputy tutor for newcomer training
- Founder of the Cyber Security unit

vladislav
Visitor
Posts: 11
Registered: 24 Jan 2021 10:46

Re: log check

#12 Post by vladislav »

Fix result of Farbar Recovery Scan Tool (x64) Version: 24-01-2021 01
Ran by vava (26-01-2021 08:07:15) Run:2
Running from C:\Users\vava\Desktop
Loaded Profiles: vava
Boot Mode: Normal
==============================================

fixlist content:
*****************
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
2021-01-25 15:09 - 2021-01-25 15:09 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-01-19 16:32 - 2021-01-19 16:32 - 000004608 _____ C:\Users\vava\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

*****************

C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\Users\vava\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully

==== End of Fixlog 08:07:15 ====

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: log check

#13 Post by Diallix »

OK, how is the computer doing?

vladislav
Visitor
Posts: 11
Registered: 24 Jan 2021 10:46

Re: log check

#14 Post by vladislav »

Hello,
The computer is fine, thank you for that. I have one more request: could the affected files be decrypted somehow? They are mostly photos that I would hate to lose.
Thanks again for the help.

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: log check

#15 Post by Diallix »

Apparently it was indeed ransomware.

Try using these tools: https://noransom.kaspersky.com

How many photos are there?

Locked