Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Kontrola logu

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Filda
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 19 úno 2018 20:45

Kontrola logu

#1 Příspěvek od Filda »

Dobrý den,

prosím o kontrolu logu, počítač je velmi pomalý. Děkuji.

Přikládám log z FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2019
Ran by Filip Marčík (administrator) on DESKTOP-KQGVJSN (ASUSTeK COMPUTER INC. X541UV) (08-12-2019 18:00:38)
Running from C:\Users\Filip Marčík\Desktop
Loaded Profiles: Filip Marčík & Ivuška & Maminka & Táta2 (Available Profiles: Filip Marčík & Ivuška & Maminka & Táta2)
Platform: Windows 10 Home Version 1903 18362.175 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTek Computer Inc. -> ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(CyberLink Corp. -> CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(FarStone Technology -> ) C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBAgent.exe
(Farstone Technology Inc -> ) C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\DCNTranProc.exe
(ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxEM.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Mail.Ru, LLC -> ) C:\Users\Filip Marčík\AppData\Local\GameCenter\GameCenter.exe
(Mail.Ru, LLC -> ) C:\Users\Filip Marčík\AppData\Local\GameCenter\GameCenter.exe
(McAfee, LLC -> McAfee, LLC.) C:\Users\Filip Marčík\AppData\Local\Temp\MCPR\mccleanup.exe
(McAfee, LLC -> McAfee, LLC.) C:\Users\Filip Marčík\AppData\Local\Temp\MCPR\mccleanup.exe
(McAfee, LLC -> McAfee, LLC.) C:\Users\Filip Marčík\AppData\Local\Temp\MCPR\McClnUI.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Filip Marčík\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
(Microvirt Software Technology Co., Ltd. -> Microvirt Software Technology Co. Ltd.) C:\Program Files\Microvirt\MEmu\MemuService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\Realtek Bluetooth Filter ONLY\BTDevMgr.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(TeamViewer -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
HKU\S-1-5-21-3901295729-2401866428-3015012624-1001\...\Run: [World of Tanks] => C:\Games\World_of_Tanks\WargamingGameUpdater.exe [3139936 2018-06-25] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-3901295729-2401866428-3015012624-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [36058000 2019-12-05] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3901295729-2401866428-3015012624-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2541944 2019-05-18] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-3901295729-2401866428-3015012624-1001\...\Run: [GameCenter] => C:\Users\Filip Marčík\AppData\Local\GameCenter\GameCenter.exe [10395776 2019-12-05] (Mail.Ru, LLC -> )
HKU\S-1-5-21-3901295729-2401866428-3015012624-1003\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3901295729-2401866428-3015012624-1005\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3901295729-2401866428-3015012624-1006\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0BB81A9F-3476-4C0B-9E3F-B34A6A824BAF} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [155472 2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {0BBB64D3-9EF8-412D-9FBA-14C35FB62408} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2108216 2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {14F7D6E3-5BE4-42FE-AC8C-390B7BB7DC77} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
Task: {19849B53-BCBD-445E-9F63-587846EC063A} - System32\Tasks\WpsKtpcntrQingTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\10.1.0.5644\office6\ktpcntr.exe [1531136 2016-11-14] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {204F16B9-8C89-4CB1-A4DF-3A4C9345E5F8} - System32\Tasks\Norton Family\Norton Family Error Analyzer => C:\Program Files (x86)\Norton Family\Engine\3.7.2.37\SymErr.exe
Task: {257D01DE-5354-4A0A-9945-5317D961229C} - System32\Tasks\McAfee Cleanup => C:\Users\Filip Marčík\AppData\Local\Temp\MCPR\mccleanup.exe [688896 2019-06-21] (McAfee, LLC -> McAfee, LLC.) <==== ATTENTION
Task: {2EBFE872-9459-494E-B78C-4369DC2AB788} - System32\Tasks\ASUSTek Computer Inc\ASUS GIFTBOX => C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe [1049608 2017-07-03] (ASUSTek Computer Inc. -> ASUSTek Computer Inc)
Task: {300C6C10-4734-4CD5-95E8-E94E560C9849} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [17920 2016-08-01] () [File not signed]
Task: {32BC4421-6F4A-42FE-BE4C-C39108A01BA7} - System32\Tasks\Nvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
Task: {34A84272-39A2-41E1-9728-B89A3854AE2C} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [17920 2016-08-01] () [File not signed]
Task: {376D87BA-CBA8-4B7F-9E5A-AD73951CAD31} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122008 2015-09-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {3BD92534-B9A6-4C7F-A41C-5A1D199A478A} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391104 2018-11-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {3C64CF9A-8190-488F-9A72-5AC008C28D7D} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [745920 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3FEB29A4-0018-48BE-B031-158541A69766} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122008 2015-09-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {54D45970-EDEC-4E81-AC8D-F954ACEC1D93} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19786024 2016-02-23] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {60EFC32D-BFD4-4BAD-886F-00F65DEA2ECE} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2089864 2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {684DEB0C-1C4E-422A-BECE-BC9B8BB1E0F1} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1873288 2019-09-23] (AVAST Software s.r.o. -> AVAST Software)
Task: {75DE6A22-4176-4165-BA9E-DB57516581F2} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [964544 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {78607855-4EC6-461B-B1A5-C832A5D86591} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [521152 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8131B922-E991-4A0D-9F43-6748501A8CAF} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [54784 2016-02-23] (ASUS) [File not signed]
Task: {969168FC-E07E-4CE0-855A-42993B079FE4} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [745920 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9DD74553-8723-4F08-B8B2-F7BC6E5C60BA} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [155472 2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {A3DCAB9C-FCE4-4747-B8CD-A9AD5D709BDF} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [17920 2016-08-01] () [File not signed]
Task: {A8EC45D1-1C10-4387-9DF3-3F6F7809A2CF} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AEAEED82-C8E1-488B-9546-D9A57F1A3922} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506368 2018-11-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {B7C730AA-2DAA-48A5-BD4E-BA1147DE7E2B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671304 2019-11-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {BA741588-964C-496A-9ECF-9FDFC1621F33} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [657856 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C1669F19-7766-43B9-B9AA-561024F27020} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1864640 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CD426258-6747-4F25-864A-53587E6FFD45} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [855352 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {D81FF288-7101-479D-A50C-96F80DAFDC0C} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [1578784 2016-07-07] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) [File not signed]
Task: {D900DB63-0952-42F4-97BC-692BC77054A4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671304 2019-11-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {EE77944F-6D67-46D9-ADAE-85815B17BA8E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2108216 2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {F1BF6F52-19A1-4349-A55B-CB0E78E8B23A} - System32\Tasks\WpsExternal_20161114022915 => C:\Program Files (x86)\Kingsoft\WPS Office\ksolaunch.exe [516352 2016-11-14] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {F29D077F-90FA-4679-918C-D7DF210DB314} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [657856 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\WpsExternal_20161114022915.job => C:\Program Files (x86)\Kingsoft\WPS Office\ksolaunch.exe
Task: C:\WINDOWS\Tasks\WpsKtpcntrQingTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\10.1.0.5644\office6\ktpcntr.exeÃqing 10.1.0.5644 xxx server_url=hxxp:/kdl1.cache.wps.com/ksodl/wpscfg/client/____client____html____service____bubble.html ic_server_url=hxxp:/info.kingsoftstore.com/wpsv6internet/infos.ads

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 79.98.72.27 79.98.72.2 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{99b5710c-532b-4064-baaf-32772c54e8ac}: [DhcpNameServer] 79.98.72.27 79.98.72.2 8.8.8.8 8.8.4.4

Internet Explorer:
==================
HKU\S-1-5-21-3901295729-2401866428-3015012624-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=12454
HKU\S-1-5-21-3901295729-2401866428-3015012624-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE
HKU\S-1-5-21-3901295729-2401866428-3015012624-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus17win10.msn.com/?pc=ASTE
HKU\S-1-5-21-3901295729-2401866428-3015012624-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE
HKU\S-1-5-21-3901295729-2401866428-3015012624-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus17win10.msn.com/?pc=ASTE
HKU\S-1-5-21-3901295729-2401866428-3015012624-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE
HKU\S-1-5-21-3901295729-2401866428-3015012624-1006\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=12454
HKU\S-1-5-21-3901295729-2401866428-3015012624-1006\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1001 -> {14DD4B29-F85C-4E4D-9290-D918524CB5E9} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1001 -> {2FC69E8C-0341-4C3C-8608-8BC9958EF123} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1001 -> {338AF512-D204-4F80-847C-B584505FF384} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1001 -> {5838E27F-69CA-4CA2-853B-53134D0747AF} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1001 -> {8899093F-0B7F-43B6-927E-207720247146} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1001 -> {9978FF19-82D2-4813-95F0-A1077953835B} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1001 -> {CE14CFCD-4A18-4D72-ADE4-CDF15A2F3D79} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1001 -> {D0D20547-4FF5-4A48-B76A-1793701A52E7} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1001 -> {E330D925-E44D-4F6C-8044-7A58E81FA508} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1006 -> {00DD2D4B-31C4-417B-A172-6AEC47F4F72B} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1006 -> {047BA285-75FC-46E6-BB34-FA179AEFC37A} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1006 -> {14AD75BB-74D3-4B73-BC63-1B1E7FD5BE86} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1006 -> {269574AE-999C-4280-B185-BA429AE23E3D} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1006 -> {63BBBA5D-C0C6-4250-A25E-F5217BF81B11} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1006 -> {C6AE4BD5-A94F-44B2-8373-BEB6F86AF81C} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1006 -> {CD189DE3-9C6A-46A5-8CF2-0ACEF22912F1} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1006 -> {D11F5AD1-C934-4AD6-A93A-89130ECC85A5} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1006 -> {E671AA39-F7B6-4665-A5C1-2A804F37D625} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-10-23] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-23] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
Edge Notifications: HKU\S-1-5-21-3901295729-2401866428-3015012624-1001 -> hxxps://www.youtube.com

FireFox:
========
FF DefaultProfile: df7kmm00.default
FF ProfilePath: C:\Users\Filip Marčík\AppData\Roaming\Mozilla\Firefox\Profiles\df7kmm00.default [2019-07-25]
FF Extension: (ETP Search Volume Study) - C:\Users\Filip Marčík\AppData\Roaming\Mozilla\Firefox\Profiles\df7kmm00.default\Extensions\etp-search-volume-study@shield.mozilla.org.xpi [2019-07-20]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-10-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-10-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6085360 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8473200 2019-03-29] (BattlEye Innovations e.K. -> )
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth Filter ONLY\BTDevMgr.exe [125144 2016-02-15] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11345992 2019-11-28] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2019-02-01] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1392792 2015-11-09] (Intel(R) Software -> Intel Corporation)
R2 FBAgent; C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBAgent.exe [73032 2014-08-13] (FarStone Technology -> )
S2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
R2 ICEsoundService; C:\WINDOWS\system32\ICEsoundService64.exe [806344 2018-11-01] (ICEpower a/s -> ICEpower)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335360 2016-03-18] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-18] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-05-25] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\10.1.0.5644\wtoolex\wpsupdatesvr.exe [133376 2016-11-14] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
R2 MEmusvc; C:\Program Files\Microvirt\MEmu\MemuService.exe [269480 2017-05-26] (Microvirt Software Technology Co., Ltd. -> Microvirt Software Technology Co. Ltd.)
S3 mracsvc; C:\WINDOWS\System32\mracsvc.exe [16340752 2019-03-16] (Mail.Ru LLC -> LLC Mail.Ru)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2298688 2019-02-19] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3171144 2019-02-19] (Electronic Arts, Inc. -> Electronic Arts)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2015-09-23] (CyberLink Corp. -> CyberLink)
R2 RtkBtManServ; C:\WINDOWS\RtkBtManServ.exe [324168 2018-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer -> TeamViewer GmbH)
R2 Tran_Process_Proc; C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\DCNTranProc.exe [71024 2014-03-25] (Farstone Technology Inc -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 wpscloudsvr; C:\Program Files (x86)\Kingsoft\WPS Office\wpscloudsvr.exe [162048 2016-11-14] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiCharger; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [22656 2016-02-23] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
R2 ASMMAP64; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [18048 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUS)
R3 AsusHFilter; C:\WINDOWS\System32\drivers\AsusHFilter.sys [30200 2016-12-22] (ASUSTeK Computer Inc. -> )
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [108504 2019-04-24] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37616 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2019-10-07] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [276952 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [161544 2019-11-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [55784 2015-11-09] (Intel(R) Software -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [52200 2015-11-09] (Intel(R) Software -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [260072 2015-11-09] (Intel(R) Software -> Intel Corporation)
S3 farmntio; C:\Windows\system32\drivers\farmntio.sys [25144 2014-03-25] (FarStone Technology -> ) [File not signed]
S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2018-05-30] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS)
R2 memudrv; C:\Program Files\Microvirt\MEmuHyperv\MEmuDrv.sys [260368 2015-11-02] (上海迈微软件科技有限公司 -> Microvirt Corporation)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv.sys [15553520 2019-03-16] (Mail.Ru LLC -> LLC Mail.Ru)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_9b1341e92276ee7c\nvlddmkm.sys [17213616 2018-10-14] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50624 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [937728 2016-05-17] (Realtek Semiconductor Corp -> Realtek )
R3 RtkBtFilter; C:\WINDOWS\System32\drivers\RtkBtfilter.sys [758352 2018-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 RTWlanE02; C:\WINDOWS\System32\drivers\rtwlane02.sys [9599440 2018-12-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-08 18:00 - 2019-12-08 18:04 - 000037750 _____ C:\Users\Filip Marčík\Desktop\FRST.txt
2019-12-08 17:46 - 2019-12-08 17:46 - 002263552 _____ (Farbar) C:\Users\Filip Marčík\Desktop\FRST64.exe
2019-12-08 11:45 - 2019-12-08 11:45 - 000005693 ___RH C:\farstone_pe.letter
2019-12-06 10:05 - 2019-12-06 10:05 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2019-12-06 09:59 - 2019-12-06 09:59 - 000000020 ___SH C:\Users\Filip Marčík\ntuser.ini
2019-12-05 22:39 - 2019-12-08 11:47 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2019-12-05 22:39 - 2019-12-08 11:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-05 22:39 - 2019-12-05 22:40 - 000003458 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-05 22:39 - 2019-12-05 22:40 - 000003428 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{FA29C794-20E0-4B41-8806-7050159DAA5C}
2019-12-05 22:39 - 2019-12-05 22:40 - 000003414 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{6DF17297-FF54-4FA5-8BDD-D9904FF837A2}
2019-12-05 22:39 - 2019-12-05 22:40 - 000003236 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-05 22:39 - 2019-12-05 22:40 - 000003178 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2019-12-05 22:39 - 2019-12-05 22:40 - 000003088 _____ C:\WINDOWS\system32\Tasks\WpsExternal_20161114022915
2019-12-05 22:39 - 2019-12-05 22:40 - 000003044 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-05 22:39 - 2019-12-05 22:40 - 000002922 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3901295729-2401866428-3015012624-1006
2019-12-05 22:39 - 2019-12-05 22:40 - 000002920 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3901295729-2401866428-3015012624-1005
2019-12-05 22:39 - 2019-12-05 22:40 - 000002890 _____ C:\WINDOWS\system32\Tasks\ASUS Live Update1
2019-12-05 22:39 - 2019-12-05 22:40 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3901295729-2401866428-3015012624-1001
2019-12-05 22:39 - 2019-12-05 22:39 - 000003330 _____ C:\WINDOWS\system32\Tasks\WpsKtpcntrQingTask_Administrator
2019-12-05 22:39 - 2019-12-05 22:39 - 000003028 _____ C:\WINDOWS\system32\Tasks\Update Checker
2019-12-05 22:39 - 2019-12-05 22:39 - 000003016 _____ C:\WINDOWS\system32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-05 22:39 - 2019-12-05 22:39 - 000002984 _____ C:\WINDOWS\system32\Tasks\ATK Package 36D18D69AFC3
2019-12-05 22:39 - 2019-12-05 22:39 - 000002974 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-05 22:39 - 2019-12-05 22:39 - 000002898 _____ C:\WINDOWS\system32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-05 22:39 - 2019-12-05 22:39 - 000002880 _____ C:\WINDOWS\system32\Tasks\ASUS Live Update2
2019-12-05 22:39 - 2019-12-05 22:39 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3901295729-2401866428-3015012624-1003
2019-12-05 22:39 - 2019-12-05 22:39 - 000002846 _____ C:\WINDOWS\system32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-05 22:39 - 2019-12-05 22:39 - 000002804 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-05 22:39 - 2019-12-05 22:39 - 000002626 _____ C:\WINDOWS\system32\Tasks\Nvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-05 22:39 - 2019-12-05 22:39 - 000002406 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_ListenToDevice
2019-12-05 22:39 - 2019-12-05 22:39 - 000002400 _____ C:\WINDOWS\system32\Tasks\ASUS USB Charger Plus
2019-12-05 22:39 - 2019-12-05 22:39 - 000002340 _____ C:\WINDOWS\system32\Tasks\RTKCPL
2019-12-05 22:39 - 2019-12-05 22:39 - 000002274 _____ C:\WINDOWS\system32\Tasks\ATK Package A22126881260
2019-12-05 22:39 - 2019-12-05 22:39 - 000002274 _____ C:\WINDOWS\system32\Tasks\ASUS Splendid ACMON
2019-12-05 22:39 - 2019-12-05 22:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton Family
2019-12-05 22:39 - 2019-12-05 22:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2019-12-05 22:39 - 2019-12-05 22:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2019-12-05 22:39 - 2019-12-05 22:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\ASUSTek Computer Inc
2019-12-05 22:39 - 2019-12-05 22:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\ASUS
2019-12-05 22:35 - 2019-12-05 22:39 - 000019053 _____ C:\WINDOWS\diagwrn.xml
2019-12-05 22:35 - 2019-12-05 22:39 - 000019053 _____ C:\WINDOWS\diagerr.xml
2019-12-05 22:21 - 2019-12-08 11:49 - 001693636 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-05 22:01 - 2019-12-08 11:50 - 000000000 ____D C:\Users\Filip Marčík
2019-12-05 22:01 - 2019-12-05 22:22 - 000000000 ____D C:\Users\Táta2
2019-12-05 22:01 - 2019-12-05 22:22 - 000000000 ____D C:\Users\Maminka
2019-12-05 22:01 - 2019-12-05 22:18 - 000000000 ____D C:\Users\Ivuška
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Táta2\Šablony
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Táta2\Soubory cookie
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Táta2\Poslední
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Táta2\Okolní tiskárny
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Táta2\Okolní síť
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Táta2\Nabídka Start
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Táta2\Dokumenty
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Táta2\Documents\Obrázky
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Táta2\Documents\Hudba
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Táta2\Documents\Filmy
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Táta2\Data aplikací
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Táta2\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Táta2\AppData\Local\Data aplikací
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Maminka\Šablony
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Maminka\Soubory cookie
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Maminka\Poslední
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Maminka\Okolní tiskárny
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Maminka\Okolní síť
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Maminka\Nabídka Start
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Maminka\Dokumenty
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Maminka\Documents\Obrázky
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Maminka\Documents\Hudba
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Maminka\Documents\Filmy
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Maminka\Data aplikací
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Maminka\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Maminka\AppData\Local\Data aplikací
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Ivuška\Šablony
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Ivuška\Soubory cookie
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Ivuška\Poslední
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Ivuška\Okolní tiskárny
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Ivuška\Okolní síť
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Ivuška\Nabídka Start
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Ivuška\Dokumenty
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Ivuška\Documents\Obrázky
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Ivuška\Documents\Hudba
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Ivuška\Documents\Filmy
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Ivuška\Data aplikací
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Ivuška\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Ivuška\AppData\Local\Data aplikací
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Filip Marčík\Šablony
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Filip Marčík\Soubory cookie
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Filip Marčík\Poslední
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Filip Marčík\Okolní tiskárny
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Filip Marčík\Okolní síť
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Filip Marčík\Nabídka Start
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Filip Marčík\Dokumenty
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Filip Marčík\Documents\Obrázky
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Filip Marčík\Documents\Hudba
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Filip Marčík\Documents\Filmy
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Filip Marčík\Data aplikací
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Filip Marčík\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Filip Marčík\AppData\Local\Data aplikací
2019-12-05 22:01 - 2019-03-19 05:46 - 000001105 _____ C:\Users\Táta2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-12-05 22:01 - 2019-03-19 05:46 - 000001105 _____ C:\Users\Maminka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-12-05 22:01 - 2019-03-19 05:46 - 000001105 _____ C:\Users\Ivuška\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-12-05 22:01 - 2019-03-19 05:46 - 000001105 _____ C:\Users\Filip Marčík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-12-05 21:58 - 2019-12-05 21:58 - 000000000 ____D C:\ProgramData\USOShared
2019-12-05 21:58 - 2016-11-30 07:36 - 000113672 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2019-12-05 21:58 - 2016-11-30 07:36 - 000104456 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2019-12-05 21:57 - 2019-06-12 02:29 - 002874368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2019-12-05 21:53 - 2019-12-08 17:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-12-05 21:53 - 2019-12-05 22:12 - 000434856 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-05 21:52 - 2019-12-05 22:41 - 000000000 ____D C:\Windows.old
2019-12-05 21:44 - 2019-12-05 21:52 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2019-12-05 21:41 - 2019-12-05 21:43 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2019-12-05 21:41 - 2019-12-05 21:41 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2019-12-05 21:38 - 2019-12-05 21:38 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2019-12-05 21:38 - 2019-12-05 21:38 - 000000000 ____D C:\Program Files\Reference Assemblies
2019-12-05 21:38 - 2019-12-05 21:38 - 000000000 ____D C:\Program Files\MSBuild
2019-12-05 21:38 - 2019-12-05 21:38 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2019-12-05 21:38 - 2019-12-05 21:38 - 000000000 ____D C:\Program Files (x86)\MSBuild
2019-12-05 21:37 - 2019-03-01 17:31 - 001166488 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2019-12-05 21:37 - 2019-03-01 17:31 - 000124568 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2019-12-05 21:37 - 2019-03-01 17:31 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2019-12-05 21:37 - 2019-02-05 18:41 - 000778912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2019-12-05 21:37 - 2019-02-05 18:41 - 000103072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2019-12-05 21:37 - 2019-02-05 18:41 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2019-12-05 21:31 - 2019-12-05 21:31 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2019-12-05 21:31 - 2019-12-05 21:31 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2019-12-05 17:45 - 2019-12-06 09:59 - 000000000 ___DC C:\WINDOWS\Panther
2019-12-05 17:18 - 2019-12-05 17:35 - 000000000 ___HD C:\$GetCurrent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-08 18:02 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-08 18:02 - 2018-02-20 20:34 - 000000000 ____D C:\FRST
2019-12-08 18:00 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-08 17:55 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2019-12-08 12:24 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-08 12:21 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-12-08 12:18 - 2017-07-10 17:03 - 000000000 ____D C:\Program Files\Microsoft Office
2019-12-08 12:07 - 2017-12-25 09:10 - 000000000 ____D C:\Users\Filip Marčík\AppData\Local\Packages
2019-12-08 12:06 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-08 12:06 - 2019-03-15 17:19 - 000000000 ____D C:\ProgramData\Packages
2019-12-08 11:58 - 2017-12-25 03:29 - 000000000 ____D C:\Program Files\rempl
2019-12-08 11:56 - 2019-03-12 22:57 - 000000000 ____D C:\Users\Filip Marčík\AppData\Local\LogMeIn Hamachi
2019-12-08 11:56 - 2018-07-21 15:37 - 000000000 ____D C:\Users\Filip Marčík\AppData\Local\AVAST Software
2019-12-08 11:54 - 2019-03-15 21:27 - 000000000 ____D C:\Users\Filip Marčík\AppData\Local\GameCenter
2019-12-08 11:52 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\appcompat
2019-12-08 11:50 - 2017-12-24 23:05 - 000000000 __SHD C:\Users\Filip Marčík\IntelGraphicsProfiles
2019-12-08 11:50 - 2017-07-10 16:43 - 000000000 ____D C:\ProgramData\NVIDIA
2019-12-08 11:49 - 2019-03-19 12:55 - 000719454 _____ C:\WINDOWS\system32\perfh005.dat
2019-12-08 11:49 - 2019-03-19 12:55 - 000145482 _____ C:\WINDOWS\system32\perfc005.dat
2019-12-06 10:00 - 2017-12-25 09:32 - 000000000 ___RD C:\Users\Filip Marčík\3D Objects
2019-12-06 10:00 - 2017-07-10 16:28 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-12-06 09:59 - 2017-12-25 09:31 - 000000000 ____D C:\Users\Filip Marčík\AppData\Local\ConnectedDevicesPlatform
2019-12-05 22:41 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\USOPrivate
2019-12-05 22:40 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows NT
2019-12-05 22:40 - 2019-03-19 05:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-12-05 22:39 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender
2019-12-05 22:35 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Registration
2019-12-05 22:26 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-12-05 22:24 - 2017-12-25 09:24 - 000023020 _____ C:\WINDOWS\system32\emptyregdb.dat
2019-12-05 22:23 - 2017-07-10 16:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2019-12-05 22:08 - 2019-10-09 13:45 - 000000000 ____D C:\Users\Filip Marčík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
2019-12-05 22:08 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-12-05 22:08 - 2019-03-15 21:27 - 000000000 ____D C:\Users\Filip Marčík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com Games
2019-12-05 22:08 - 2019-01-30 19:56 - 000000000 ____D C:\Users\Filip Marčík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2019-12-05 22:08 - 2018-01-06 20:26 - 000000000 ____D C:\Users\Filip Marčík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEmu
2019-12-05 22:08 - 2017-12-25 10:55 - 000000000 ____D C:\Users\Filip Marčík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks
2019-12-05 22:08 - 2017-12-24 23:20 - 000000000 ____D C:\Users\Filip Marčík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-12-05 22:07 - 2017-12-25 17:59 - 000000000 ____D C:\Users\Maminka\AppData\Local\Packages
2019-12-05 22:06 - 2018-01-29 21:33 - 000000000 ____D C:\Users\Táta2\AppData\Local\Packages
2019-12-05 22:03 - 2017-12-25 11:34 - 000000000 ____D C:\Users\Ivuška\AppData\Local\Packages
2019-12-05 22:00 - 2019-03-12 22:56 - 000000000 ____D C:\WINDOWS\system32\DAX3
2019-12-05 22:00 - 2017-07-10 16:46 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2019-12-05 22:00 - 2017-07-10 16:46 - 000000000 ____D C:\WINDOWS\system32\DAX2
2019-12-05 21:59 - 2017-07-10 16:47 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2019-12-05 21:58 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ServiceState
2019-12-05 21:58 - 2017-07-10 16:42 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-12-05 21:52 - 2019-04-06 10:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2019-12-05 21:52 - 2019-03-19 05:52 - 000000000 __RHD C:\Users\Public\Libraries
2019-12-05 21:52 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2019-12-05 21:52 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\spool
2019-12-05 21:52 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-12-05 21:52 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-12-05 21:52 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Help
2019-12-05 21:52 - 2019-03-19 05:49 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2019-12-05 21:52 - 2019-02-20 19:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apex Legends
2019-12-05 21:52 - 2019-01-07 14:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Family
2019-12-05 21:52 - 2018-10-23 17:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-12-05 21:52 - 2018-10-04 19:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2019-12-05 21:52 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2019-12-05 21:52 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2019-12-05 21:52 - 2018-01-07 20:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2019-12-05 21:52 - 2017-12-25 09:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2019-12-05 21:52 - 2017-12-25 03:29 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-05 21:52 - 2017-12-25 03:21 - 000000000 ____D C:\Program Files\UNP
2019-12-05 21:52 - 2017-12-24 23:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-12-05 21:52 - 2017-12-24 23:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2019-12-05 21:52 - 2017-12-24 23:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2019-12-05 21:52 - 2017-07-10 16:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2019-12-05 21:52 - 2017-07-10 16:39 - 000000000 ____D C:\Program Files (x86)\Intel
2019-12-05 21:52 - 2017-07-10 16:32 - 000000000 ____D C:\Program Files\Intel
2019-12-05 21:52 - 2016-11-14 03:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WPS Office
2019-12-05 21:51 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\InfusedApps
2019-12-05 21:45 - 2019-07-21 18:59 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2019-12-05 21:45 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2019-12-05 21:45 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-12-05 21:44 - 2019-07-25 13:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS
2019-12-05 21:44 - 2019-06-16 18:46 - 000000000 ____D C:\WINDOWS\Firmware
2019-12-05 21:44 - 2019-03-19 12:57 - 000000000 ____D C:\WINDOWS\OCR
2019-12-05 21:44 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Resources
2019-12-05 21:44 - 2018-08-25 16:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2019-12-05 21:44 - 2018-02-22 19:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue
2019-12-05 21:44 - 2017-07-10 17:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FarStone
2019-12-05 21:44 - 2017-07-10 16:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICEpower
2019-12-05 21:44 - 2017-07-10 16:46 - 000000000 ____D C:\Program Files\Realtek
2019-12-05 21:38 - 2019-03-19 05:58 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2019-12-05 21:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2019-12-05 21:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\MUI
2019-12-05 21:36 - 2019-03-19 05:56 - 000000000 ____D C:\WINDOWS\Setup
2019-12-05 17:44 - 2017-12-24 23:46 - 000000036 _____ C:\WINDOWS\progress.ini
2019-12-05 17:35 - 2019-10-20 18:59 - 000000000 ____D C:\Windows10Upgrade
2019-11-26 20:42 - 2019-07-22 21:21 - 000000000 ____D C:\Users\Filip Marčík\Desktop\parkour videa sestříhané
2019-11-25 18:00 - 2017-12-25 03:29 - 128443096 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-11-25 17:41 - 2017-12-24 23:11 - 000000000 ___RD C:\Users\Filip Marčík\OneDrive
2019-11-25 17:39 - 2018-08-06 17:12 - 000000000 ____D C:\Users\Ivuška\AppData\Local\AVAST Software
2019-11-25 17:37 - 2019-03-12 22:57 - 000000000 ____D C:\Users\Ivuška\AppData\Local\LogMeIn Hamachi
2019-11-25 17:34 - 2017-12-25 11:34 - 000000000 __SHD C:\Users\Ivuška\IntelGraphicsProfiles
2019-11-22 19:47 - 2017-12-27 19:14 - 000000000 ___RD C:\Users\Ivuška\OneDrive
2019-11-21 19:08 - 2017-12-27 19:45 - 000000000 ____D C:\Users\Ivuška\AppData\Local\PlaceholderTileLogoFolder
2019-11-20 14:11 - 2018-01-26 08:36 - 000000000 ____D C:\Users\Ivuška\Desktop\Nová složka
2019-11-18 14:58 - 2017-12-25 11:42 - 000000000 ____D C:\Users\Filip Marčík\AppData\Local\PlaceholderTileLogoFolder
2019-11-16 21:12 - 2019-07-25 13:44 - 000000000 ____D C:\Users\Filip Marčík\AppData\Roaming\Sony

==================== Files in the root of some directories ========

2017-12-24 23:08 - 2018-03-18 14:51 - 000000206 _____ () C:\Users\Filip Marčík\AppData\Roaming\sp_data.sys

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================









A ještě Addition.txt:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2019
Ran by Filip Marčík (administrator) on DESKTOP-KQGVJSN (ASUSTeK COMPUTER INC. X541UV) (08-12-2019 18:00:38)
Running from C:\Users\Filip Marčík\Desktop
Loaded Profiles: Filip Marčík & Ivuška & Maminka & Táta2 (Available Profiles: Filip Marčík & Ivuška & Maminka & Táta2)
Platform: Windows 10 Home Version 1903 18362.175 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTek Computer Inc. -> ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(ASUSTek Computer Inc. -> ASUSTek Computer Inc) C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(CyberLink Corp. -> CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(FarStone Technology -> ) C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBAgent.exe
(Farstone Technology Inc -> ) C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\DCNTranProc.exe
(ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxEM.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Mail.Ru, LLC -> ) C:\Users\Filip Marčík\AppData\Local\GameCenter\GameCenter.exe
(Mail.Ru, LLC -> ) C:\Users\Filip Marčík\AppData\Local\GameCenter\GameCenter.exe
(McAfee, LLC -> McAfee, LLC.) C:\Users\Filip Marčík\AppData\Local\Temp\MCPR\mccleanup.exe
(McAfee, LLC -> McAfee, LLC.) C:\Users\Filip Marčík\AppData\Local\Temp\MCPR\mccleanup.exe
(McAfee, LLC -> McAfee, LLC.) C:\Users\Filip Marčík\AppData\Local\Temp\MCPR\McClnUI.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Filip Marčík\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
(Microvirt Software Technology Co., Ltd. -> Microvirt Software Technology Co. Ltd.) C:\Program Files\Microvirt\MEmu\MemuService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\Realtek Bluetooth Filter ONLY\BTDevMgr.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(TeamViewer -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
HKU\S-1-5-21-3901295729-2401866428-3015012624-1001\...\Run: [World of Tanks] => C:\Games\World_of_Tanks\WargamingGameUpdater.exe [3139936 2018-06-25] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-3901295729-2401866428-3015012624-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [36058000 2019-12-05] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3901295729-2401866428-3015012624-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2541944 2019-05-18] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-3901295729-2401866428-3015012624-1001\...\Run: [GameCenter] => C:\Users\Filip Marčík\AppData\Local\GameCenter\GameCenter.exe [10395776 2019-12-05] (Mail.Ru, LLC -> )
HKU\S-1-5-21-3901295729-2401866428-3015012624-1003\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3901295729-2401866428-3015012624-1005\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3901295729-2401866428-3015012624-1006\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0BB81A9F-3476-4C0B-9E3F-B34A6A824BAF} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [155472 2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {0BBB64D3-9EF8-412D-9FBA-14C35FB62408} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2108216 2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {14F7D6E3-5BE4-42FE-AC8C-390B7BB7DC77} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
Task: {19849B53-BCBD-445E-9F63-587846EC063A} - System32\Tasks\WpsKtpcntrQingTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\10.1.0.5644\office6\ktpcntr.exe [1531136 2016-11-14] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {204F16B9-8C89-4CB1-A4DF-3A4C9345E5F8} - System32\Tasks\Norton Family\Norton Family Error Analyzer => C:\Program Files (x86)\Norton Family\Engine\3.7.2.37\SymErr.exe
Task: {257D01DE-5354-4A0A-9945-5317D961229C} - System32\Tasks\McAfee Cleanup => C:\Users\Filip Marčík\AppData\Local\Temp\MCPR\mccleanup.exe [688896 2019-06-21] (McAfee, LLC -> McAfee, LLC.) <==== ATTENTION
Task: {2EBFE872-9459-494E-B78C-4369DC2AB788} - System32\Tasks\ASUSTek Computer Inc\ASUS GIFTBOX => C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe [1049608 2017-07-03] (ASUSTek Computer Inc. -> ASUSTek Computer Inc)
Task: {300C6C10-4734-4CD5-95E8-E94E560C9849} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [17920 2016-08-01] () [File not signed]
Task: {32BC4421-6F4A-42FE-BE4C-C39108A01BA7} - System32\Tasks\Nvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
Task: {34A84272-39A2-41E1-9728-B89A3854AE2C} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [17920 2016-08-01] () [File not signed]
Task: {376D87BA-CBA8-4B7F-9E5A-AD73951CAD31} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122008 2015-09-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {3BD92534-B9A6-4C7F-A41C-5A1D199A478A} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391104 2018-11-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {3C64CF9A-8190-488F-9A72-5AC008C28D7D} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [745920 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3FEB29A4-0018-48BE-B031-158541A69766} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122008 2015-09-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {54D45970-EDEC-4E81-AC8D-F954ACEC1D93} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19786024 2016-02-23] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {60EFC32D-BFD4-4BAD-886F-00F65DEA2ECE} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2089864 2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {684DEB0C-1C4E-422A-BECE-BC9B8BB1E0F1} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1873288 2019-09-23] (AVAST Software s.r.o. -> AVAST Software)
Task: {75DE6A22-4176-4165-BA9E-DB57516581F2} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [964544 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {78607855-4EC6-461B-B1A5-C832A5D86591} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [521152 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8131B922-E991-4A0D-9F43-6748501A8CAF} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [54784 2016-02-23] (ASUS) [File not signed]
Task: {969168FC-E07E-4CE0-855A-42993B079FE4} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [745920 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9DD74553-8723-4F08-B8B2-F7BC6E5C60BA} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [155472 2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {A3DCAB9C-FCE4-4747-B8CD-A9AD5D709BDF} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [17920 2016-08-01] () [File not signed]
Task: {A8EC45D1-1C10-4387-9DF3-3F6F7809A2CF} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AEAEED82-C8E1-488B-9546-D9A57F1A3922} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506368 2018-11-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {B7C730AA-2DAA-48A5-BD4E-BA1147DE7E2B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671304 2019-11-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {BA741588-964C-496A-9ECF-9FDFC1621F33} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [657856 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C1669F19-7766-43B9-B9AA-561024F27020} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1864640 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CD426258-6747-4F25-864A-53587E6FFD45} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [855352 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {D81FF288-7101-479D-A50C-96F80DAFDC0C} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [1578784 2016-07-07] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) [File not signed]
Task: {D900DB63-0952-42F4-97BC-692BC77054A4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671304 2019-11-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {EE77944F-6D67-46D9-ADAE-85815B17BA8E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2108216 2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {F1BF6F52-19A1-4349-A55B-CB0E78E8B23A} - System32\Tasks\WpsExternal_20161114022915 => C:\Program Files (x86)\Kingsoft\WPS Office\ksolaunch.exe [516352 2016-11-14] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {F29D077F-90FA-4679-918C-D7DF210DB314} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [657856 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\WpsExternal_20161114022915.job => C:\Program Files (x86)\Kingsoft\WPS Office\ksolaunch.exe
Task: C:\WINDOWS\Tasks\WpsKtpcntrQingTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\10.1.0.5644\office6\ktpcntr.exeÃqing 10.1.0.5644 xxx server_url=hxxp:/kdl1.cache.wps.com/ksodl/wpscfg/client/____client____html____service____bubble.html ic_server_url=hxxp:/info.kingsoftstore.com/wpsv6internet/infos.ads

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 79.98.72.27 79.98.72.2 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{99b5710c-532b-4064-baaf-32772c54e8ac}: [DhcpNameServer] 79.98.72.27 79.98.72.2 8.8.8.8 8.8.4.4

Internet Explorer:
==================
HKU\S-1-5-21-3901295729-2401866428-3015012624-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=12454
HKU\S-1-5-21-3901295729-2401866428-3015012624-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE
HKU\S-1-5-21-3901295729-2401866428-3015012624-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus17win10.msn.com/?pc=ASTE
HKU\S-1-5-21-3901295729-2401866428-3015012624-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE
HKU\S-1-5-21-3901295729-2401866428-3015012624-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus17win10.msn.com/?pc=ASTE
HKU\S-1-5-21-3901295729-2401866428-3015012624-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE
HKU\S-1-5-21-3901295729-2401866428-3015012624-1006\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=12454
HKU\S-1-5-21-3901295729-2401866428-3015012624-1006\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1001 -> {14DD4B29-F85C-4E4D-9290-D918524CB5E9} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1001 -> {2FC69E8C-0341-4C3C-8608-8BC9958EF123} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1001 -> {338AF512-D204-4F80-847C-B584505FF384} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1001 -> {5838E27F-69CA-4CA2-853B-53134D0747AF} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1001 -> {8899093F-0B7F-43B6-927E-207720247146} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1001 -> {9978FF19-82D2-4813-95F0-A1077953835B} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1001 -> {CE14CFCD-4A18-4D72-ADE4-CDF15A2F3D79} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1001 -> {D0D20547-4FF5-4A48-B76A-1793701A52E7} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1001 -> {E330D925-E44D-4F6C-8044-7A58E81FA508} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1006 -> {00DD2D4B-31C4-417B-A172-6AEC47F4F72B} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1006 -> {047BA285-75FC-46E6-BB34-FA179AEFC37A} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1006 -> {14AD75BB-74D3-4B73-BC63-1B1E7FD5BE86} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1006 -> {269574AE-999C-4280-B185-BA429AE23E3D} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1006 -> {63BBBA5D-C0C6-4250-A25E-F5217BF81B11} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1006 -> {C6AE4BD5-A94F-44B2-8373-BEB6F86AF81C} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1006 -> {CD189DE3-9C6A-46A5-8CF2-0ACEF22912F1} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1006 -> {D11F5AD1-C934-4AD6-A93A-89130ECC85A5} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1006 -> {E671AA39-F7B6-4665-A5C1-2A804F37D625} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-10-23] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-23] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
Edge Notifications: HKU\S-1-5-21-3901295729-2401866428-3015012624-1001 -> hxxps://www.youtube.com

FireFox:
========
FF DefaultProfile: df7kmm00.default
FF ProfilePath: C:\Users\Filip Marčík\AppData\Roaming\Mozilla\Firefox\Profiles\df7kmm00.default [2019-07-25]
FF Extension: (ETP Search Volume Study) - C:\Users\Filip Marčík\AppData\Roaming\Mozilla\Firefox\Profiles\df7kmm00.default\Extensions\etp-search-volume-study@shield.mozilla.org.xpi [2019-07-20]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-10-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-10-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6085360 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8473200 2019-03-29] (BattlEye Innovations e.K. -> )
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth Filter ONLY\BTDevMgr.exe [125144 2016-02-15] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11345992 2019-11-28] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2019-02-01] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1392792 2015-11-09] (Intel(R) Software -> Intel Corporation)
R2 FBAgent; C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBAgent.exe [73032 2014-08-13] (FarStone Technology -> )
S2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
R2 ICEsoundService; C:\WINDOWS\system32\ICEsoundService64.exe [806344 2018-11-01] (ICEpower a/s -> ICEpower)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335360 2016-03-18] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-18] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-05-25] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\10.1.0.5644\wtoolex\wpsupdatesvr.exe [133376 2016-11-14] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
R2 MEmusvc; C:\Program Files\Microvirt\MEmu\MemuService.exe [269480 2017-05-26] (Microvirt Software Technology Co., Ltd. -> Microvirt Software Technology Co. Ltd.)
S3 mracsvc; C:\WINDOWS\System32\mracsvc.exe [16340752 2019-03-16] (Mail.Ru LLC -> LLC Mail.Ru)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2298688 2019-02-19] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3171144 2019-02-19] (Electronic Arts, Inc. -> Electronic Arts)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2015-09-23] (CyberLink Corp. -> CyberLink)
R2 RtkBtManServ; C:\WINDOWS\RtkBtManServ.exe [324168 2018-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer -> TeamViewer GmbH)
R2 Tran_Process_Proc; C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\DCNTranProc.exe [71024 2014-03-25] (Farstone Technology Inc -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 wpscloudsvr; C:\Program Files (x86)\Kingsoft\WPS Office\wpscloudsvr.exe [162048 2016-11-14] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiCharger; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [22656 2016-02-23] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
R2 ASMMAP64; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [18048 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUS)
R3 AsusHFilter; C:\WINDOWS\System32\drivers\AsusHFilter.sys [30200 2016-12-22] (ASUSTeK Computer Inc. -> )
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [108504 2019-04-24] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37616 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2019-10-07] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [276952 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [161544 2019-11-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [55784 2015-11-09] (Intel(R) Software -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [52200 2015-11-09] (Intel(R) Software -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [260072 2015-11-09] (Intel(R) Software -> Intel Corporation)
S3 farmntio; C:\Windows\system32\drivers\farmntio.sys [25144 2014-03-25] (FarStone Technology -> ) [File not signed]
S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2018-05-30] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS)
R2 memudrv; C:\Program Files\Microvirt\MEmuHyperv\MEmuDrv.sys [260368 2015-11-02] (上海迈微软件科技有限公司 -> Microvirt Corporation)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv.sys [15553520 2019-03-16] (Mail.Ru LLC -> LLC Mail.Ru)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_9b1341e92276ee7c\nvlddmkm.sys [17213616 2018-10-14] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50624 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [937728 2016-05-17] (Realtek Semiconductor Corp -> Realtek )
R3 RtkBtFilter; C:\WINDOWS\System32\drivers\RtkBtfilter.sys [758352 2018-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 RTWlanE02; C:\WINDOWS\System32\drivers\rtwlane02.sys [9599440 2018-12-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-08 18:00 - 2019-12-08 18:04 - 000037750 _____ C:\Users\Filip Marčík\Desktop\FRST.txt
2019-12-08 17:46 - 2019-12-08 17:46 - 002263552 _____ (Farbar) C:\Users\Filip Marčík\Desktop\FRST64.exe
2019-12-08 11:45 - 2019-12-08 11:45 - 000005693 ___RH C:\farstone_pe.letter
2019-12-06 10:05 - 2019-12-06 10:05 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2019-12-06 09:59 - 2019-12-06 09:59 - 000000020 ___SH C:\Users\Filip Marčík\ntuser.ini
2019-12-05 22:39 - 2019-12-08 11:47 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2019-12-05 22:39 - 2019-12-08 11:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-05 22:39 - 2019-12-05 22:40 - 000003458 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-05 22:39 - 2019-12-05 22:40 - 000003428 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{FA29C794-20E0-4B41-8806-7050159DAA5C}
2019-12-05 22:39 - 2019-12-05 22:40 - 000003414 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{6DF17297-FF54-4FA5-8BDD-D9904FF837A2}
2019-12-05 22:39 - 2019-12-05 22:40 - 000003236 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-05 22:39 - 2019-12-05 22:40 - 000003178 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2019-12-05 22:39 - 2019-12-05 22:40 - 000003088 _____ C:\WINDOWS\system32\Tasks\WpsExternal_20161114022915
2019-12-05 22:39 - 2019-12-05 22:40 - 000003044 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-05 22:39 - 2019-12-05 22:40 - 000002922 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3901295729-2401866428-3015012624-1006
2019-12-05 22:39 - 2019-12-05 22:40 - 000002920 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3901295729-2401866428-3015012624-1005
2019-12-05 22:39 - 2019-12-05 22:40 - 000002890 _____ C:\WINDOWS\system32\Tasks\ASUS Live Update1
2019-12-05 22:39 - 2019-12-05 22:40 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3901295729-2401866428-3015012624-1001
2019-12-05 22:39 - 2019-12-05 22:39 - 000003330 _____ C:\WINDOWS\system32\Tasks\WpsKtpcntrQingTask_Administrator
2019-12-05 22:39 - 2019-12-05 22:39 - 000003028 _____ C:\WINDOWS\system32\Tasks\Update Checker
2019-12-05 22:39 - 2019-12-05 22:39 - 000003016 _____ C:\WINDOWS\system32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-05 22:39 - 2019-12-05 22:39 - 000002984 _____ C:\WINDOWS\system32\Tasks\ATK Package 36D18D69AFC3
2019-12-05 22:39 - 2019-12-05 22:39 - 000002974 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-05 22:39 - 2019-12-05 22:39 - 000002898 _____ C:\WINDOWS\system32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-05 22:39 - 2019-12-05 22:39 - 000002880 _____ C:\WINDOWS\system32\Tasks\ASUS Live Update2
2019-12-05 22:39 - 2019-12-05 22:39 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3901295729-2401866428-3015012624-1003
2019-12-05 22:39 - 2019-12-05 22:39 - 000002846 _____ C:\WINDOWS\system32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-05 22:39 - 2019-12-05 22:39 - 000002804 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-05 22:39 - 2019-12-05 22:39 - 000002626 _____ C:\WINDOWS\system32\Tasks\Nvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-05 22:39 - 2019-12-05 22:39 - 000002406 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_ListenToDevice
2019-12-05 22:39 - 2019-12-05 22:39 - 000002400 _____ C:\WINDOWS\system32\Tasks\ASUS USB Charger Plus
2019-12-05 22:39 - 2019-12-05 22:39 - 000002340 _____ C:\WINDOWS\system32\Tasks\RTKCPL
2019-12-05 22:39 - 2019-12-05 22:39 - 000002274 _____ C:\WINDOWS\system32\Tasks\ATK Package A22126881260
2019-12-05 22:39 - 2019-12-05 22:39 - 000002274 _____ C:\WINDOWS\system32\Tasks\ASUS Splendid ACMON
2019-12-05 22:39 - 2019-12-05 22:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton Family
2019-12-05 22:39 - 2019-12-05 22:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2019-12-05 22:39 - 2019-12-05 22:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2019-12-05 22:39 - 2019-12-05 22:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\ASUSTek Computer Inc
2019-12-05 22:39 - 2019-12-05 22:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\ASUS
2019-12-05 22:35 - 2019-12-05 22:39 - 000019053 _____ C:\WINDOWS\diagwrn.xml
2019-12-05 22:35 - 2019-12-05 22:39 - 000019053 _____ C:\WINDOWS\diagerr.xml
2019-12-05 22:21 - 2019-12-08 11:49 - 001693636 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-05 22:01 - 2019-12-08 11:50 - 000000000 ____D C:\Users\Filip Marčík
2019-12-05 22:01 - 2019-12-05 22:22 - 000000000 ____D C:\Users\Táta2
2019-12-05 22:01 - 2019-12-05 22:22 - 000000000 ____D C:\Users\Maminka
2019-12-05 22:01 - 2019-12-05 22:18 - 000000000 ____D C:\Users\Ivuška
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Táta2\Šablony
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Táta2\Soubory cookie
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Táta2\Poslední
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Táta2\Okolní tiskárny
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Táta2\Okolní síť
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Táta2\Nabídka Start
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Táta2\Dokumenty
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Táta2\Documents\Obrázky
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Táta2\Documents\Hudba
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Táta2\Documents\Filmy
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Táta2\Data aplikací
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Táta2\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Táta2\AppData\Local\Data aplikací
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Maminka\Šablony
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Maminka\Soubory cookie
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Maminka\Poslední
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Maminka\Okolní tiskárny
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Maminka\Okolní síť
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Maminka\Nabídka Start
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Maminka\Dokumenty
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Maminka\Documents\Obrázky
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Maminka\Documents\Hudba
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Maminka\Documents\Filmy
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Maminka\Data aplikací
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Maminka\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Maminka\AppData\Local\Data aplikací
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Ivuška\Šablony
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Ivuška\Soubory cookie
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Ivuška\Poslední
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Ivuška\Okolní tiskárny
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Ivuška\Okolní síť
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Ivuška\Nabídka Start
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Ivuška\Dokumenty
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Ivuška\Documents\Obrázky
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Ivuška\Documents\Hudba
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Ivuška\Documents\Filmy
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Ivuška\Data aplikací
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Ivuška\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Ivuška\AppData\Local\Data aplikací
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Filip Marčík\Šablony
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Filip Marčík\Soubory cookie
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Filip Marčík\Poslední
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Filip Marčík\Okolní tiskárny
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Filip Marčík\Okolní síť
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Filip Marčík\Nabídka Start
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Filip Marčík\Dokumenty
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Filip Marčík\Documents\Obrázky
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Filip Marčík\Documents\Hudba
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Filip Marčík\Documents\Filmy
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Filip Marčík\Data aplikací
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Filip Marčík\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Filip Marčík\AppData\Local\Data aplikací
2019-12-05 22:01 - 2019-03-19 05:46 - 000001105 _____ C:\Users\Táta2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-12-05 22:01 - 2019-03-19 05:46 - 000001105 _____ C:\Users\Maminka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-12-05 22:01 - 2019-03-19 05:46 - 000001105 _____ C:\Users\Ivuška\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-12-05 22:01 - 2019-03-19 05:46 - 000001105 _____ C:\Users\Filip Marčík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-12-05 21:58 - 2019-12-05 21:58 - 000000000 ____D C:\ProgramData\USOShared
2019-12-05 21:58 - 2016-11-30 07:36 - 000113672 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2019-12-05 21:58 - 2016-11-30 07:36 - 000104456 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2019-12-05 21:57 - 2019-06-12 02:29 - 002874368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2019-12-05 21:53 - 2019-12-08 17:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-12-05 21:53 - 2019-12-05 22:12 - 000434856 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-05 21:52 - 2019-12-05 22:41 - 000000000 ____D C:\Windows.old
2019-12-05 21:44 - 2019-12-05 21:52 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2019-12-05 21:41 - 2019-12-05 21:43 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2019-12-05 21:41 - 2019-12-05 21:41 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2019-12-05 21:38 - 2019-12-05 21:38 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2019-12-05 21:38 - 2019-12-05 21:38 - 000000000 ____D C:\Program Files\Reference Assemblies
2019-12-05 21:38 - 2019-12-05 21:38 - 000000000 ____D C:\Program Files\MSBuild
2019-12-05 21:38 - 2019-12-05 21:38 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2019-12-05 21:38 - 2019-12-05 21:38 - 000000000 ____D C:\Program Files (x86)\MSBuild
2019-12-05 21:37 - 2019-03-01 17:31 - 001166488 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2019-12-05 21:37 - 2019-03-01 17:31 - 000124568 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2019-12-05 21:37 - 2019-03-01 17:31 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2019-12-05 21:37 - 2019-02-05 18:41 - 000778912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2019-12-05 21:37 - 2019-02-05 18:41 - 000103072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2019-12-05 21:37 - 2019-02-05 18:41 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2019-12-05 21:31 - 2019-12-05 21:31 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2019-12-05 21:31 - 2019-12-05 21:31 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2019-12-05 17:45 - 2019-12-06 09:59 - 000000000 ___DC C:\WINDOWS\Panther
2019-12-05 17:18 - 2019-12-05 17:35 - 000000000 ___HD C:\$GetCurrent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-08 18:02 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-08 18:02 - 2018-02-20 20:34 - 000000000 ____D C:\FRST
2019-12-08 18:00 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-08 17:55 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2019-12-08 12:24 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-08 12:21 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-12-08 12:18 - 2017-07-10 17:03 - 000000000 ____D C:\Program Files\Microsoft Office
2019-12-08 12:07 - 2017-12-25 09:10 - 000000000 ____D C:\Users\Filip Marčík\AppData\Local\Packages
2019-12-08 12:06 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-08 12:06 - 2019-03-15 17:19 - 000000000 ____D C:\ProgramData\Packages
2019-12-08 11:58 - 2017-12-25 03:29 - 000000000 ____D C:\Program Files\rempl
2019-12-08 11:56 - 2019-03-12 22:57 - 000000000 ____D C:\Users\Filip Marčík\AppData\Local\LogMeIn Hamachi
2019-12-08 11:56 - 2018-07-21 15:37 - 000000000 ____D C:\Users\Filip Marčík\AppData\Local\AVAST Software
2019-12-08 11:54 - 2019-03-15 21:27 - 000000000 ____D C:\Users\Filip Marčík\AppData\Local\GameCenter
2019-12-08 11:52 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\appcompat
2019-12-08 11:50 - 2017-12-24 23:05 - 000000000 __SHD C:\Users\Filip Marčík\IntelGraphicsProfiles
2019-12-08 11:50 - 2017-07-10 16:43 - 000000000 ____D C:\ProgramData\NVIDIA
2019-12-08 11:49 - 2019-03-19 12:55 - 000719454 _____ C:\WINDOWS\system32\perfh005.dat
2019-12-08 11:49 - 2019-03-19 12:55 - 000145482 _____ C:\WINDOWS\system32\perfc005.dat
2019-12-06 10:00 - 2017-12-25 09:32 - 000000000 ___RD C:\Users\Filip Marčík\3D Objects
2019-12-06 10:00 - 2017-07-10 16:28 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-12-06 09:59 - 2017-12-25 09:31 - 000000000 ____D C:\Users\Filip Marčík\AppData\Local\ConnectedDevicesPlatform
2019-12-05 22:41 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\USOPrivate
2019-12-05 22:40 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows NT
2019-12-05 22:40 - 2019-03-19 05:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-12-05 22:39 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender
2019-12-05 22:35 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Registration
2019-12-05 22:26 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-12-05 22:24 - 2017-12-25 09:24 - 000023020 _____ C:\WINDOWS\system32\emptyregdb.dat
2019-12-05 22:23 - 2017-07-10 16:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2019-12-05 22:08 - 2019-10-09 13:45 - 000000000 ____D C:\Users\Filip Marčík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
2019-12-05 22:08 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-12-05 22:08 - 2019-03-15 21:27 - 000000000 ____D C:\Users\Filip Marčík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com Games
2019-12-05 22:08 - 2019-01-30 19:56 - 000000000 ____D C:\Users\Filip Marčík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2019-12-05 22:08 - 2018-01-06 20:26 - 000000000 ____D C:\Users\Filip Marčík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEmu
2019-12-05 22:08 - 2017-12-25 10:55 - 000000000 ____D C:\Users\Filip Marčík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks
2019-12-05 22:08 - 2017-12-24 23:20 - 000000000 ____D C:\Users\Filip Marčík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-12-05 22:07 - 2017-12-25 17:59 - 000000000 ____D C:\Users\Maminka\AppData\Local\Packages
2019-12-05 22:06 - 2018-01-29 21:33 - 000000000 ____D C:\Users\Táta2\AppData\Local\Packages
2019-12-05 22:03 - 2017-12-25 11:34 - 000000000 ____D C:\Users\Ivuška\AppData\Local\Packages
2019-12-05 22:00 - 2019-03-12 22:56 - 000000000 ____D C:\WINDOWS\system32\DAX3
2019-12-05 22:00 - 2017-07-10 16:46 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2019-12-05 22:00 - 2017-07-10 16:46 - 000000000 ____D C:\WINDOWS\system32\DAX2
2019-12-05 21:59 - 2017-07-10 16:47 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2019-12-05 21:58 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ServiceState
2019-12-05 21:58 - 2017-07-10 16:42 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-12-05 21:52 - 2019-04-06 10:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2019-12-05 21:52 - 2019-03-19 05:52 - 000000000 __RHD C:\Users\Public\Libraries
2019-12-05 21:52 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2019-12-05 21:52 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\spool
2019-12-05 21:52 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-12-05 21:52 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-12-05 21:52 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Help
2019-12-05 21:52 - 2019-03-19 05:49 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2019-12-05 21:52 - 2019-02-20 19:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apex Legends
2019-12-05 21:52 - 2019-01-07 14:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Family
2019-12-05 21:52 - 2018-10-23 17:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-12-05 21:52 - 2018-10-04 19:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2019-12-05 21:52 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2019-12-05 21:52 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2019-12-05 21:52 - 2018-01-07 20:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2019-12-05 21:52 - 2017-12-25 09:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2019-12-05 21:52 - 2017-12-25 03:29 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-05 21:52 - 2017-12-25 03:21 - 000000000 ____D C:\Program Files\UNP
2019-12-05 21:52 - 2017-12-24 23:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-12-05 21:52 - 2017-12-24 23:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2019-12-05 21:52 - 2017-12-24 23:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2019-12-05 21:52 - 2017-07-10 16:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2019-12-05 21:52 - 2017-07-10 16:39 - 000000000 ____D C:\Program Files (x86)\Intel
2019-12-05 21:52 - 2017-07-10 16:32 - 000000000 ____D C:\Program Files\Intel
2019-12-05 21:52 - 2016-11-14 03:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WPS Office
2019-12-05 21:51 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\InfusedApps
2019-12-05 21:45 - 2019-07-21 18:59 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2019-12-05 21:45 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2019-12-05 21:45 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-12-05 21:44 - 2019-07-25 13:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS
2019-12-05 21:44 - 2019-06-16 18:46 - 000000000 ____D C:\WINDOWS\Firmware
2019-12-05 21:44 - 2019-03-19 12:57 - 000000000 ____D C:\WINDOWS\OCR
2019-12-05 21:44 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Resources
2019-12-05 21:44 - 2018-08-25 16:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2019-12-05 21:44 - 2018-02-22 19:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue
2019-12-05 21:44 - 2017-07-10 17:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FarStone
2019-12-05 21:44 - 2017-07-10 16:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICEpower
2019-12-05 21:44 - 2017-07-10 16:46 - 000000000 ____D C:\Program Files\Realtek
2019-12-05 21:38 - 2019-03-19 05:58 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2019-12-05 21:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2019-12-05 21:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\MUI
2019-12-05 21:36 - 2019-03-19 05:56 - 000000000 ____D C:\WINDOWS\Setup
2019-12-05 17:44 - 2017-12-24 23:46 - 000000036 _____ C:\WINDOWS\progress.ini
2019-12-05 17:35 - 2019-10-20 18:59 - 000000000 ____D C:\Windows10Upgrade
2019-11-26 20:42 - 2019-07-22 21:21 - 000000000 ____D C:\Users\Filip Marčík\Desktop\parkour videa sestříhané
2019-11-25 18:00 - 2017-12-25 03:29 - 128443096 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-11-25 17:41 - 2017-12-24 23:11 - 000000000 ___RD C:\Users\Filip Marčík\OneDrive
2019-11-25 17:39 - 2018-08-06 17:12 - 000000000 ____D C:\Users\Ivuška\AppData\Local\AVAST Software
2019-11-25 17:37 - 2019-03-12 22:57 - 000000000 ____D C:\Users\Ivuška\AppData\Local\LogMeIn Hamachi
2019-11-25 17:34 - 2017-12-25 11:34 - 000000000 __SHD C:\Users\Ivuška\IntelGraphicsProfiles
2019-11-22 19:47 - 2017-12-27 19:14 - 000000000 ___RD C:\Users\Ivuška\OneDrive
2019-11-21 19:08 - 2017-12-27 19:45 - 000000000 ____D C:\Users\Ivuška\AppData\Local\PlaceholderTileLogoFolder
2019-11-20 14:11 - 2018-01-26 08:36 - 000000000 ____D C:\Users\Ivuška\Desktop\Nová složka
2019-11-18 14:58 - 2017-12-25 11:42 - 000000000 ____D C:\Users\Filip Marčík\AppData\Local\PlaceholderTileLogoFolder
2019-11-16 21:12 - 2019-07-25 13:44 - 000000000 ____D C:\Users\Filip Marčík\AppData\Roaming\Sony

==================== Files in the root of some directories ========

2017-12-24 23:08 - 2018-03-18 14:51 - 000000206 _____ () C:\Users\Filip Marčík\AppData\Roaming\sp_data.sys

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Nahoru
Conder
VIP
VIP
Příspěvky: 4400
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Kontrola logu

#2 Příspěvek od Conder »

Ahoj :)

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
  • Nechaj zaskrtnute vsetky nalezy
  • Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!
Nahoru
Filda
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 19 úno 2018 20:45

Re: Kontrola logu

#3 Příspěvek od Filda »

Ahoj, tak zde je log. Ptalo se mě to, že to našlo asi 6 nějakých předinstalovaných souborů, jestli je chci odstranit. Z nich u 5 byl vydavatel ASUS, tj. výrobce počítače. Tak jsem nechal odstranit ten jeden a těch 5 od ASUSU jsem nechal, protože myslim, že by tam asi měly zůstat...

# -------------------------------
# Malwarebytes AdwCleaner 8.0.0.0
# -------------------------------
# Build: 11-21-2019
# Database: 2019-11-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-08-2019
# Duration: 00:00:21
# OS: Windows 10 Home
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.CyberLinkService Folder C:\Program Files\CYBERLINK\SHARED FILES\PLUGIN\NEWBLUE


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1242 octets] - [03/05/2018 22:00:34]
AdwCleaner[C00].txt - [1367 octets] - [03/05/2018 22:02:46]
AdwCleaner[S01].txt - [1364 octets] - [27/06/2018 22:28:45]
AdwCleaner[C01].txt - [1550 octets] - [27/06/2018 22:29:34]
AdwCleaner[S02].txt - [5230 octets] - [17/02/2019 11:58:22]
AdwCleaner[C02].txt - [4908 octets] - [17/02/2019 11:59:36]
AdwCleaner[S03].txt - [1616 octets] - [20/07/2019 14:47:12]
AdwCleaner[S04].txt - [4002 octets] - [08/12/2019 21:54:32]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C04].txt ##########
Nahoru
Conder
VIP
VIP
Příspěvky: 4400
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Kontrola logu

#4 Příspěvek od Conder »

Ano, AdwCleaner detekuje aj programy predinstalovane vyrobcom notebooku. Zavisi na tebe ci si dane programy chces ponechat alebo ich nepotrebujes.

Poprosim o obidva nove logy z FRST.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!
Nahoru
Filda
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 19 úno 2018 20:45

Re: Kontrola logu

#5 Příspěvek od Filda »

Dobrý večer,

přikládám log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2019
Ran by Filip Marčík (administrator) on DESKTOP-KQGVJSN (ASUSTeK COMPUTER INC. X541UV) (10-12-2019 22:53:04)
Running from C:\Users\Filip Marčík\Desktop
Loaded Profiles: Filip Marčík & Ivuška & Maminka & Táta2 (Available Profiles: Filip Marčík & Ivuška & Maminka & Táta2)
Platform: Windows 10 Home Version 1903 18362.175 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(CyberLink Corp. -> CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxEM.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.471_none_5f12f35059003107\TiWorker.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5890504 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3901295729-2401866428-3015012624-1001\...\Run: [World of Tanks] => C:\Games\World_of_Tanks\WargamingGameUpdater.exe [3139936 2018-06-25] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-3901295729-2401866428-3015012624-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [36055952 2019-12-09] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3901295729-2401866428-3015012624-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2541944 2019-05-18] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-3901295729-2401866428-3015012624-1001\...\Run: [GameCenter] => C:\Users\Filip Marčík\AppData\Local\GameCenter\GameCenter.exe [10395776 2019-12-05] (Mail.Ru, LLC -> )
HKU\S-1-5-21-3901295729-2401866428-3015012624-1001\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe [1049608 2017-07-03] (ASUSTek Computer Inc. -> ASUSTek Computer Inc)
HKU\S-1-5-21-3901295729-2401866428-3015012624-1003\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3901295729-2401866428-3015012624-1005\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3901295729-2401866428-3015012624-1006\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2019-12-09]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software s.r.o. -> AVAST Software)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0BB81A9F-3476-4C0B-9E3F-B34A6A824BAF} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [155472 2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {0BBB64D3-9EF8-412D-9FBA-14C35FB62408} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2108216 2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {14F7D6E3-5BE4-42FE-AC8C-390B7BB7DC77} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
Task: {19849B53-BCBD-445E-9F63-587846EC063A} - System32\Tasks\WpsKtpcntrQingTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\10.1.0.5644\office6\ktpcntr.exe [1531136 2016-11-14] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {204F16B9-8C89-4CB1-A4DF-3A4C9345E5F8} - System32\Tasks\Norton Family\Norton Family Error Analyzer => C:\Program Files (x86)\Norton Family\Engine\3.7.2.37\SymErr.exe
Task: {2EBFE872-9459-494E-B78C-4369DC2AB788} - System32\Tasks\ASUSTek Computer Inc\ASUS GIFTBOX => C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe [1049608 2017-07-03] (ASUSTek Computer Inc. -> ASUSTek Computer Inc)
Task: {300C6C10-4734-4CD5-95E8-E94E560C9849} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [17920 2016-08-01] () [File not signed]
Task: {32BC4421-6F4A-42FE-BE4C-C39108A01BA7} - System32\Tasks\Nvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
Task: {34A84272-39A2-41E1-9728-B89A3854AE2C} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [17920 2016-08-01] () [File not signed]
Task: {376D87BA-CBA8-4B7F-9E5A-AD73951CAD31} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122008 2015-09-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {3BD92534-B9A6-4C7F-A41C-5A1D199A478A} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391104 2018-11-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {3C64CF9A-8190-488F-9A72-5AC008C28D7D} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [745920 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3FEB29A4-0018-48BE-B031-158541A69766} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122008 2015-09-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {54D45970-EDEC-4E81-AC8D-F954ACEC1D93} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19786024 2016-02-23] (ASUSTeK COMPUTER INC. -> ASUSTek Computer Inc.)
Task: {60EFC32D-BFD4-4BAD-886F-00F65DEA2ECE} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2089864 2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {684DEB0C-1C4E-422A-BECE-BC9B8BB1E0F1} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1873288 2019-09-23] (AVAST Software s.r.o. -> AVAST Software)
Task: {75DE6A22-4176-4165-BA9E-DB57516581F2} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [964544 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {78607855-4EC6-461B-B1A5-C832A5D86591} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [521152 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8131B922-E991-4A0D-9F43-6748501A8CAF} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [54784 2016-02-23] (ASUS) [File not signed]
Task: {969168FC-E07E-4CE0-855A-42993B079FE4} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [745920 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9B73C5EC-25A7-47D5-84EE-798C9ED38BFA} - System32\Tasks\Avast Cleanup Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe [1659000 2019-12-09] (AVAST Software s.r.o. -> AVAST Software)
Task: {9DD74553-8723-4F08-B8B2-F7BC6E5C60BA} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [155472 2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {A3DCAB9C-FCE4-4747-B8CD-A9AD5D709BDF} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [17920 2016-08-01] () [File not signed]
Task: {A8EC45D1-1C10-4387-9DF3-3F6F7809A2CF} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AEAEED82-C8E1-488B-9546-D9A57F1A3922} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506368 2018-11-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {B7C730AA-2DAA-48A5-BD4E-BA1147DE7E2B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671304 2019-11-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {BA741588-964C-496A-9ECF-9FDFC1621F33} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [657856 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C1669F19-7766-43B9-B9AA-561024F27020} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1864640 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CD426258-6747-4F25-864A-53587E6FFD45} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [855352 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {D81FF288-7101-479D-A50C-96F80DAFDC0C} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [1578784 2016-07-07] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) [File not signed]
Task: {D900DB63-0952-42F4-97BC-692BC77054A4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671304 2019-11-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {EE77944F-6D67-46D9-ADAE-85815B17BA8E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2108216 2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {F1BF6F52-19A1-4349-A55B-CB0E78E8B23A} - System32\Tasks\WpsExternal_20161114022915 => C:\Program Files (x86)\Kingsoft\WPS Office\ksolaunch.exe [516352 2016-11-14] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {F29D077F-90FA-4679-918C-D7DF210DB314} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [657856 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\WpsExternal_20161114022915.job => C:\Program Files (x86)\Kingsoft\WPS Office\ksolaunch.exe
Task: C:\WINDOWS\Tasks\WpsKtpcntrQingTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\10.1.0.5644\office6\ktpcntr.exeÃqing 10.1.0.5644 xxx server_url=hxxp:/kdl1.cache.wps.com/ksodl/wpscfg/client/____client____html____service____bubble.html ic_server_url=hxxp:/info.kingsoftstore.com/wpsv6internet/infos.ads

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 79.98.72.27 79.98.72.2 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{99b5710c-532b-4064-baaf-32772c54e8ac}: [DhcpNameServer] 79.98.72.27 79.98.72.2 8.8.8.8 8.8.4.4

Internet Explorer:
==================
HKU\S-1-5-21-3901295729-2401866428-3015012624-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=12454
HKU\S-1-5-21-3901295729-2401866428-3015012624-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE
HKU\S-1-5-21-3901295729-2401866428-3015012624-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus17win10.msn.com/?pc=ASTE
HKU\S-1-5-21-3901295729-2401866428-3015012624-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE
HKU\S-1-5-21-3901295729-2401866428-3015012624-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus17win10.msn.com/?pc=ASTE
HKU\S-1-5-21-3901295729-2401866428-3015012624-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE
HKU\S-1-5-21-3901295729-2401866428-3015012624-1006\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=12454
HKU\S-1-5-21-3901295729-2401866428-3015012624-1006\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1001 -> {14DD4B29-F85C-4E4D-9290-D918524CB5E9} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1001 -> {2FC69E8C-0341-4C3C-8608-8BC9958EF123} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1001 -> {338AF512-D204-4F80-847C-B584505FF384} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1001 -> {5838E27F-69CA-4CA2-853B-53134D0747AF} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1001 -> {8899093F-0B7F-43B6-927E-207720247146} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1001 -> {9978FF19-82D2-4813-95F0-A1077953835B} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1001 -> {CE14CFCD-4A18-4D72-ADE4-CDF15A2F3D79} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1001 -> {D0D20547-4FF5-4A48-B76A-1793701A52E7} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1001 -> {E330D925-E44D-4F6C-8044-7A58E81FA508} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1006 -> {00DD2D4B-31C4-417B-A172-6AEC47F4F72B} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1006 -> {047BA285-75FC-46E6-BB34-FA179AEFC37A} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1006 -> {14AD75BB-74D3-4B73-BC63-1B1E7FD5BE86} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1006 -> {269574AE-999C-4280-B185-BA429AE23E3D} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1006 -> {63BBBA5D-C0C6-4250-A25E-F5217BF81B11} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1006 -> {C6AE4BD5-A94F-44B2-8373-BEB6F86AF81C} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1006 -> {CD189DE3-9C6A-46A5-8CF2-0ACEF22912F1} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1006 -> {D11F5AD1-C934-4AD6-A93A-89130ECC85A5} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3901295729-2401866428-3015012624-1006 -> {E671AA39-F7B6-4665-A5C1-2A804F37D625} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-10-23] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-23] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
Edge Notifications: HKU\S-1-5-21-3901295729-2401866428-3015012624-1001 -> hxxps://www.youtube.com

FireFox:
========
FF DefaultProfile: df7kmm00.default
FF ProfilePath: C:\Users\Filip Marčík\AppData\Roaming\Mozilla\Firefox\Profiles\df7kmm00.default [2019-12-10]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-04-19] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-10-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-10-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-12-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6085360 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8473200 2019-03-29] (BattlEye Innovations e.K. -> )
S4 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth Filter ONLY\BTDevMgr.exe [125144 2016-02-15] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [10287216 2019-07-24] (AVAST Software s.r.o. -> AVAST Software)
S4 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11345992 2019-11-28] (Microsoft Corporation -> Microsoft Corporation)
S4 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [781440 2019-02-01] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1392792 2015-11-09] (Intel(R) Software -> Intel Corporation)
S4 FBAgent; C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBAgent.exe [73032 2014-08-13] (FarStone Technology -> )
R4 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
R2 ICEsoundService; C:\WINDOWS\system32\ICEsoundService64.exe [806344 2018-11-01] (ICEpower a/s -> ICEpower)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335360 2016-03-18] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-18] (Intel Corporation) [File not signed]
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-05-25] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\10.1.0.5644\wtoolex\wpsupdatesvr.exe [133376 2016-11-14] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
R4 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc. -> LogMeIn, Inc.)
S4 MEmusvc; C:\Program Files\Microvirt\MEmu\MemuService.exe [269480 2017-05-26] (Microvirt Software Technology Co., Ltd. -> Microvirt Software Technology Co. Ltd.)
S3 mracsvc; C:\WINDOWS\System32\mracsvc.exe [16340752 2019-03-16] (Mail.Ru LLC -> LLC Mail.Ru)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2298688 2019-02-19] (Electronic Arts, Inc. -> Electronic Arts)
S4 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3171144 2019-02-19] (Electronic Arts, Inc. -> Electronic Arts)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2015-09-23] (CyberLink Corp. -> CyberLink)
R2 RtkBtManServ; C:\WINDOWS\RtkBtManServ.exe [324168 2018-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer -> TeamViewer GmbH)
S4 Tran_Process_Proc; C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\DCNTranProc.exe [71024 2014-03-25] (Farstone Technology Inc -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S4 wpscloudsvr; C:\Program Files (x86)\Kingsoft\WPS Office\wpscloudsvr.exe [162048 2016-11-14] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiCharger; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [22656 2016-02-23] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
R2 ASMMAP64; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [18048 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUS)
R3 AsusHFilter; C:\WINDOWS\System32\drivers\AsusHFilter.sys [30200 2016-12-22] (ASUSTeK Computer Inc. -> )
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [108504 2019-04-24] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37616 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2019-10-07] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [276952 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [161544 2019-11-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [55784 2015-11-09] (Intel(R) Software -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [52200 2015-11-09] (Intel(R) Software -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [260072 2015-11-09] (Intel(R) Software -> Intel Corporation)
S3 farmntio; C:\Windows\system32\drivers\farmntio.sys [25144 2014-03-25] (FarStone Technology -> ) [File not signed]
S3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2018-05-30] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS)
R2 memudrv; C:\Program Files\Microvirt\MEmuHyperv\MEmuDrv.sys [260368 2015-11-02] (上海迈微软件科技有限公司 -> Microvirt Corporation)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv.sys [15553520 2019-03-16] (Mail.Ru LLC -> LLC Mail.Ru)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_9b1341e92276ee7c\nvlddmkm.sys [17213616 2018-10-14] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50624 2017-10-11] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [937728 2016-05-17] (Realtek Semiconductor Corp -> Realtek )
R3 RtkBtFilter; C:\WINDOWS\System32\drivers\RtkBtfilter.sys [758352 2018-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 RTWlanE02; C:\WINDOWS\System32\drivers\rtwlane02.sys [9599440 2018-12-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-09 21:16 - 2019-12-09 21:16 - 000004012 _____ C:\WINDOWS\system32\Tasks\Avast Cleanup Update
2019-12-09 21:15 - 2019-12-09 21:15 - 000001218 _____ C:\Users\Public\Desktop\Avast Cleanup Premium.lnk
2019-12-09 21:15 - 2019-12-09 21:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-12-09 21:15 - 2019-12-09 21:15 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2019-12-09 20:15 - 2019-12-09 20:39 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-12-08 22:03 - 2019-12-09 20:41 - 000005693 ___RH C:\farstone_pe.letter
2019-12-08 21:52 - 2019-12-08 21:52 - 008218800 _____ (Malwarebytes) C:\Users\Filip Marčík\Desktop\adwcleaner_8.0.0.exe
2019-12-08 18:00 - 2019-12-10 22:56 - 000036225 _____ C:\Users\Filip Marčík\Desktop\FRST.txt
2019-12-08 17:46 - 2019-12-08 17:46 - 002263552 _____ (Farbar) C:\Users\Filip Marčík\Desktop\FRST64.exe
2019-12-06 10:05 - 2019-12-06 10:05 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2019-12-06 09:59 - 2019-12-06 09:59 - 000000020 ___SH C:\Users\Filip Marčík\ntuser.ini
2019-12-05 22:39 - 2019-12-09 20:46 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2019-12-05 22:39 - 2019-12-09 20:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-05 22:39 - 2019-12-05 22:40 - 000003458 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-05 22:39 - 2019-12-05 22:40 - 000003428 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{FA29C794-20E0-4B41-8806-7050159DAA5C}
2019-12-05 22:39 - 2019-12-05 22:40 - 000003414 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{6DF17297-FF54-4FA5-8BDD-D9904FF837A2}
2019-12-05 22:39 - 2019-12-05 22:40 - 000003236 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-05 22:39 - 2019-12-05 22:40 - 000003178 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2019-12-05 22:39 - 2019-12-05 22:40 - 000003088 _____ C:\WINDOWS\system32\Tasks\WpsExternal_20161114022915
2019-12-05 22:39 - 2019-12-05 22:40 - 000003044 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-05 22:39 - 2019-12-05 22:40 - 000002922 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3901295729-2401866428-3015012624-1006
2019-12-05 22:39 - 2019-12-05 22:40 - 000002920 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3901295729-2401866428-3015012624-1005
2019-12-05 22:39 - 2019-12-05 22:40 - 000002890 _____ C:\WINDOWS\system32\Tasks\ASUS Live Update1
2019-12-05 22:39 - 2019-12-05 22:40 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3901295729-2401866428-3015012624-1001
2019-12-05 22:39 - 2019-12-05 22:39 - 000003330 _____ C:\WINDOWS\system32\Tasks\WpsKtpcntrQingTask_Administrator
2019-12-05 22:39 - 2019-12-05 22:39 - 000003028 _____ C:\WINDOWS\system32\Tasks\Update Checker
2019-12-05 22:39 - 2019-12-05 22:39 - 000003016 _____ C:\WINDOWS\system32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-05 22:39 - 2019-12-05 22:39 - 000002984 _____ C:\WINDOWS\system32\Tasks\ATK Package 36D18D69AFC3
2019-12-05 22:39 - 2019-12-05 22:39 - 000002974 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-05 22:39 - 2019-12-05 22:39 - 000002898 _____ C:\WINDOWS\system32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-05 22:39 - 2019-12-05 22:39 - 000002880 _____ C:\WINDOWS\system32\Tasks\ASUS Live Update2
2019-12-05 22:39 - 2019-12-05 22:39 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3901295729-2401866428-3015012624-1003
2019-12-05 22:39 - 2019-12-05 22:39 - 000002846 _____ C:\WINDOWS\system32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-05 22:39 - 2019-12-05 22:39 - 000002804 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-05 22:39 - 2019-12-05 22:39 - 000002626 _____ C:\WINDOWS\system32\Tasks\Nvbackend_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-12-05 22:39 - 2019-12-05 22:39 - 000002406 _____ C:\WINDOWS\system32\Tasks\RtHDVBg_ListenToDevice
2019-12-05 22:39 - 2019-12-05 22:39 - 000002400 _____ C:\WINDOWS\system32\Tasks\ASUS USB Charger Plus
2019-12-05 22:39 - 2019-12-05 22:39 - 000002340 _____ C:\WINDOWS\system32\Tasks\RTKCPL
2019-12-05 22:39 - 2019-12-05 22:39 - 000002274 _____ C:\WINDOWS\system32\Tasks\ATK Package A22126881260
2019-12-05 22:39 - 2019-12-05 22:39 - 000002274 _____ C:\WINDOWS\system32\Tasks\ASUS Splendid ACMON
2019-12-05 22:39 - 2019-12-05 22:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton Family
2019-12-05 22:39 - 2019-12-05 22:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2019-12-05 22:39 - 2019-12-05 22:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2019-12-05 22:39 - 2019-12-05 22:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\ASUSTek Computer Inc
2019-12-05 22:39 - 2019-12-05 22:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\ASUS
2019-12-05 22:35 - 2019-12-05 22:39 - 000019053 _____ C:\WINDOWS\diagwrn.xml
2019-12-05 22:35 - 2019-12-05 22:39 - 000019053 _____ C:\WINDOWS\diagerr.xml
2019-12-05 22:21 - 2019-12-09 20:15 - 001693636 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-05 22:01 - 2019-12-08 18:33 - 000000000 ____D C:\Users\Filip Marčík
2019-12-05 22:01 - 2019-12-05 22:22 - 000000000 ____D C:\Users\Táta2
2019-12-05 22:01 - 2019-12-05 22:22 - 000000000 ____D C:\Users\Maminka
2019-12-05 22:01 - 2019-12-05 22:18 - 000000000 ____D C:\Users\Ivuška
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Táta2\Šablony
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Táta2\Soubory cookie
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Táta2\Poslední
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Táta2\Okolní tiskárny
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Táta2\Okolní síť
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Táta2\Nabídka Start
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Táta2\Dokumenty
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Táta2\Documents\Obrázky
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Táta2\Documents\Hudba
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Táta2\Documents\Filmy
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Táta2\Data aplikací
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Táta2\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Táta2\AppData\Local\Data aplikací
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Maminka\Šablony
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Maminka\Soubory cookie
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Maminka\Poslední
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Maminka\Okolní tiskárny
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Maminka\Okolní síť
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Maminka\Nabídka Start
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Maminka\Dokumenty
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Maminka\Documents\Obrázky
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Maminka\Documents\Hudba
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Maminka\Documents\Filmy
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Maminka\Data aplikací
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Maminka\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Maminka\AppData\Local\Data aplikací
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Ivuška\Šablony
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Ivuška\Soubory cookie
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Ivuška\Poslední
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Ivuška\Okolní tiskárny
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Ivuška\Okolní síť
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Ivuška\Nabídka Start
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Ivuška\Dokumenty
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Ivuška\Documents\Obrázky
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Ivuška\Documents\Hudba
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Ivuška\Documents\Filmy
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Ivuška\Data aplikací
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Ivuška\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Ivuška\AppData\Local\Data aplikací
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Filip Marčík\Šablony
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Filip Marčík\Soubory cookie
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Filip Marčík\Poslední
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Filip Marčík\Okolní tiskárny
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Filip Marčík\Okolní síť
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Filip Marčík\Nabídka Start
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Filip Marčík\Dokumenty
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Filip Marčík\Documents\Obrázky
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Filip Marčík\Documents\Hudba
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Filip Marčík\Documents\Filmy
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Filip Marčík\Data aplikací
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Filip Marčík\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-12-05 22:01 - 2019-12-05 22:01 - 000000000 _SHDL C:\Users\Filip Marčík\AppData\Local\Data aplikací
2019-12-05 22:01 - 2019-03-19 05:46 - 000001105 _____ C:\Users\Táta2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-12-05 22:01 - 2019-03-19 05:46 - 000001105 _____ C:\Users\Maminka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-12-05 22:01 - 2019-03-19 05:46 - 000001105 _____ C:\Users\Ivuška\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-12-05 21:58 - 2019-12-05 21:58 - 000000000 ____D C:\ProgramData\USOShared
2019-12-05 21:58 - 2016-11-30 07:36 - 000113672 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2019-12-05 21:58 - 2016-11-30 07:36 - 000104456 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2019-12-05 21:57 - 2019-06-12 02:29 - 002874368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2019-12-05 21:53 - 2019-12-10 22:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-12-05 21:52 - 2019-12-05 22:41 - 000000000 ____D C:\Windows.old
2019-12-05 21:44 - 2019-12-05 21:52 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2019-12-05 21:41 - 2019-12-05 21:43 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2019-12-05 21:41 - 2019-12-05 21:41 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2019-12-05 21:38 - 2019-12-05 21:38 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2019-12-05 21:38 - 2019-12-05 21:38 - 000000000 ____D C:\Program Files\Reference Assemblies
2019-12-05 21:38 - 2019-12-05 21:38 - 000000000 ____D C:\Program Files\MSBuild
2019-12-05 21:38 - 2019-12-05 21:38 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2019-12-05 21:38 - 2019-12-05 21:38 - 000000000 ____D C:\Program Files (x86)\MSBuild
2019-12-05 21:37 - 2019-03-01 17:31 - 001166488 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2019-12-05 21:37 - 2019-03-01 17:31 - 000124568 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2019-12-05 21:37 - 2019-03-01 17:31 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2019-12-05 21:37 - 2019-02-05 18:41 - 000778912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2019-12-05 21:37 - 2019-02-05 18:41 - 000103072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2019-12-05 21:37 - 2019-02-05 18:41 - 000035592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2019-12-05 21:31 - 2019-12-05 21:31 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2019-12-05 21:31 - 2019-12-05 21:31 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2019-12-05 17:45 - 2019-12-09 21:23 - 000000000 ___DC C:\WINDOWS\Panther
2019-12-05 17:18 - 2019-12-05 17:35 - 000000000 ___HD C:\$GetCurrent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-10 22:54 - 2018-02-20 20:34 - 000000000 ____D C:\FRST
2019-12-10 22:51 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-10 22:22 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-10 22:22 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-10 22:21 - 2019-03-15 17:19 - 000000000 ____D C:\ProgramData\Packages
2019-12-10 22:19 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-10 22:08 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ServiceState
2019-12-10 22:04 - 2018-07-21 15:37 - 000000000 ____D C:\Users\Filip Marčík\AppData\Local\AVAST Software
2019-12-10 22:03 - 2017-12-26 10:01 - 000000000 ____D C:\Users\Filip Marčík\AppData\LocalLow\Mozilla
2019-12-10 22:02 - 2017-12-24 23:05 - 000000000 __SHD C:\Users\Filip Marčík\IntelGraphicsProfiles
2019-12-10 22:01 - 2017-07-10 16:43 - 000000000 ____D C:\ProgramData\NVIDIA
2019-12-09 22:11 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-12-09 21:23 - 2019-07-25 13:44 - 000000000 ____D C:\Users\Filip Marčík\AppData\Roaming\Sony
2019-12-09 21:23 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-12-09 21:23 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2019-12-09 21:22 - 2019-03-15 17:24 - 000000000 ____D C:\Users\Filip Marčík\AppData\Local\D3DSCache
2019-12-09 21:22 - 2019-03-12 22:57 - 000000000 ____D C:\Users\Filip Marčík\AppData\Local\LogMeIn Hamachi
2019-12-09 21:22 - 2018-01-01 19:52 - 000000000 ____D C:\Users\Filip Marčík\AppData\Local\CrashDumps
2019-12-09 21:22 - 2017-12-25 09:59 - 000000000 ____D C:\ProgramData\install_clap
2019-12-09 21:22 - 2017-07-10 16:38 - 000000000 ___HD C:\Intel
2019-12-09 21:22 - 2016-11-14 03:29 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-12-09 21:17 - 2017-12-24 23:31 - 000000000 ____D C:\Users\Filip Marčík\AppData\Roaming\AVAST Software
2019-12-09 21:15 - 2017-12-24 23:20 - 000000000 ____D C:\ProgramData\AVAST Software
2019-12-09 21:00 - 2017-12-24 23:20 - 000000000 ____D C:\Users\Filip Marčík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-12-09 21:00 - 2017-12-24 23:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-12-09 21:00 - 2017-12-24 23:19 - 000000000 ____D C:\Program Files\WinRAR
2019-12-09 20:44 - 2019-03-15 21:27 - 000000000 ____D C:\Users\Filip Marčík\AppData\Local\GameCenter
2019-12-09 20:40 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-12-09 20:40 - 2017-12-25 09:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-12-09 20:38 - 2017-12-25 09:42 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-12-09 20:15 - 2019-03-19 12:55 - 000719454 _____ C:\WINDOWS\system32\perfh005.dat
2019-12-09 20:15 - 2019-03-19 12:55 - 000145482 _____ C:\WINDOWS\system32\perfc005.dat
2019-12-08 18:32 - 2019-02-16 22:56 - 000000000 ____D C:\Users\Filip Marčík\Desktop\Scan
2019-12-08 12:21 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-12-08 12:18 - 2017-07-10 17:03 - 000000000 ____D C:\Program Files\Microsoft Office
2019-12-08 12:07 - 2017-12-25 09:10 - 000000000 ____D C:\Users\Filip Marčík\AppData\Local\Packages
2019-12-08 11:58 - 2017-12-25 03:29 - 000000000 ____D C:\Program Files\rempl
2019-12-08 11:52 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\appcompat
2019-12-06 10:00 - 2017-12-25 09:32 - 000000000 ___RD C:\Users\Filip Marčík\3D Objects
2019-12-06 10:00 - 2017-07-10 16:28 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-12-06 09:59 - 2017-12-25 09:31 - 000000000 ____D C:\Users\Filip Marčík\AppData\Local\ConnectedDevicesPlatform
2019-12-05 22:41 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\USOPrivate
2019-12-05 22:40 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows NT
2019-12-05 22:40 - 2019-03-19 05:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-12-05 22:39 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender
2019-12-05 22:35 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Registration
2019-12-05 22:26 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-12-05 22:24 - 2017-12-25 09:24 - 000023020 _____ C:\WINDOWS\system32\emptyregdb.dat
2019-12-05 22:23 - 2017-07-10 16:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2019-12-05 22:08 - 2019-10-09 13:45 - 000000000 ____D C:\Users\Filip Marčík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
2019-12-05 22:08 - 2019-03-15 21:27 - 000000000 ____D C:\Users\Filip Marčík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com Games
2019-12-05 22:08 - 2019-01-30 19:56 - 000000000 ____D C:\Users\Filip Marčík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2019-12-05 22:08 - 2018-01-06 20:26 - 000000000 ____D C:\Users\Filip Marčík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEmu
2019-12-05 22:08 - 2017-12-25 10:55 - 000000000 ____D C:\Users\Filip Marčík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks
2019-12-05 22:07 - 2017-12-25 17:59 - 000000000 ____D C:\Users\Maminka\AppData\Local\Packages
2019-12-05 22:06 - 2018-01-29 21:33 - 000000000 ____D C:\Users\Táta2\AppData\Local\Packages
2019-12-05 22:03 - 2017-12-25 11:34 - 000000000 ____D C:\Users\Ivuška\AppData\Local\Packages
2019-12-05 22:00 - 2019-03-12 22:56 - 000000000 ____D C:\WINDOWS\system32\DAX3
2019-12-05 22:00 - 2017-07-10 16:46 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2019-12-05 22:00 - 2017-07-10 16:46 - 000000000 ____D C:\WINDOWS\system32\DAX2
2019-12-05 21:59 - 2017-07-10 16:47 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2019-12-05 21:58 - 2017-07-10 16:42 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-12-05 21:52 - 2019-04-06 10:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2019-12-05 21:52 - 2019-03-19 05:52 - 000000000 __RHD C:\Users\Public\Libraries
2019-12-05 21:52 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2019-12-05 21:52 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\spool
2019-12-05 21:52 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Help
2019-12-05 21:52 - 2019-03-19 05:49 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2019-12-05 21:52 - 2019-02-20 19:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apex Legends
2019-12-05 21:52 - 2019-01-07 14:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Family
2019-12-05 21:52 - 2018-10-23 17:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-12-05 21:52 - 2018-10-04 19:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2019-12-05 21:52 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2019-12-05 21:52 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2019-12-05 21:52 - 2018-01-07 20:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2019-12-05 21:52 - 2017-12-25 09:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2019-12-05 21:52 - 2017-12-25 03:29 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-05 21:52 - 2017-12-25 03:21 - 000000000 ____D C:\Program Files\UNP
2019-12-05 21:52 - 2017-12-24 23:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2019-12-05 21:52 - 2017-12-24 23:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2019-12-05 21:52 - 2017-07-10 16:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2019-12-05 21:52 - 2017-07-10 16:39 - 000000000 ____D C:\Program Files (x86)\Intel
2019-12-05 21:52 - 2017-07-10 16:32 - 000000000 ____D C:\Program Files\Intel
2019-12-05 21:52 - 2016-11-14 03:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WPS Office
2019-12-05 21:51 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\InfusedApps
2019-12-05 21:45 - 2019-07-21 18:59 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2019-12-05 21:45 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2019-12-05 21:45 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-12-05 21:44 - 2019-07-25 13:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS
2019-12-05 21:44 - 2019-06-16 18:46 - 000000000 ____D C:\WINDOWS\Firmware
2019-12-05 21:44 - 2019-03-19 12:57 - 000000000 ____D C:\WINDOWS\OCR
2019-12-05 21:44 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Resources
2019-12-05 21:44 - 2018-08-25 16:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2019-12-05 21:44 - 2018-02-22 19:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue
2019-12-05 21:44 - 2017-07-10 17:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FarStone
2019-12-05 21:44 - 2017-07-10 16:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICEpower
2019-12-05 21:44 - 2017-07-10 16:46 - 000000000 ____D C:\Program Files\Realtek
2019-12-05 21:38 - 2019-03-19 05:58 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2019-12-05 21:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2019-12-05 21:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\MUI
2019-12-05 21:36 - 2019-03-19 05:56 - 000000000 ____D C:\WINDOWS\Setup
2019-12-05 17:44 - 2017-12-24 23:46 - 000000036 _____ C:\WINDOWS\progress.ini
2019-12-05 17:35 - 2019-10-20 18:59 - 000000000 ____D C:\Windows10Upgrade
2019-11-26 20:42 - 2019-07-22 21:21 - 000000000 ____D C:\Users\Filip Marčík\Desktop\parkour videa sestříhané
2019-11-25 18:00 - 2017-12-25 03:29 - 128443096 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-11-25 17:41 - 2017-12-24 23:11 - 000000000 ___RD C:\Users\Filip Marčík\OneDrive
2019-11-25 17:39 - 2018-08-06 17:12 - 000000000 ____D C:\Users\Ivuška\AppData\Local\AVAST Software
2019-11-25 17:37 - 2019-03-12 22:57 - 000000000 ____D C:\Users\Ivuška\AppData\Local\LogMeIn Hamachi
2019-11-25 17:34 - 2017-12-25 11:34 - 000000000 __SHD C:\Users\Ivuška\IntelGraphicsProfiles
2019-11-22 19:47 - 2017-12-27 19:14 - 000000000 ___RD C:\Users\Ivuška\OneDrive
2019-11-21 19:08 - 2017-12-27 19:45 - 000000000 ____D C:\Users\Ivuška\AppData\Local\PlaceholderTileLogoFolder
2019-11-20 14:11 - 2018-01-26 08:36 - 000000000 ____D C:\Users\Ivuška\Desktop\Nová složka
2019-11-18 14:58 - 2017-12-25 11:42 - 000000000 ____D C:\Users\Filip Marčík\AppData\Local\PlaceholderTileLogoFolder

==================== Files in the root of some directories ========

2017-12-24 23:08 - 2018-03-18 14:51 - 000000206 _____ () C:\Users\Filip Marčík\AppData\Roaming\sp_data.sys

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Nahoru
Conder
VIP
VIP
Příspěvky: 4400
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Kontrola logu

#6 Příspěvek od Conder »

Nevlozil si log Addition.txt (ani predtym). Vytvor FRST logy este raz a posli obidva.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!
Nahoru
Filda
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 19 úno 2018 20:45

Re: Kontrola logu

#7 Příspěvek od Filda »

Ahoj, přikládám Addition.txt, který byl vytvořen spolu s předchozím logem a omlouvám se, že jsem ho nevložil. V předchozím logu ale Addition.txt je, prosím podívej se.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-12-2019
Ran by Filip Marčík (10-12-2019 22:57:39)
Running from C:\Users\Filip Marčík\Desktop
Windows 10 Home Version 1903 18362.175 (X64) (2019-12-05 21:41:35)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3901295729-2401866428-3015012624-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3901295729-2401866428-3015012624-503 - Limited - Disabled)
Filip Marčík (S-1-5-21-3901295729-2401866428-3015012624-1001 - Administrator - Enabled) => C:\Users\Filip Marčík
Guest (S-1-5-21-3901295729-2401866428-3015012624-501 - Limited - Disabled)
Ivuška (S-1-5-21-3901295729-2401866428-3015012624-1003 - Limited - Enabled) => C:\Users\Ivuška
Maminka (S-1-5-21-3901295729-2401866428-3015012624-1005 - Limited - Enabled) => C:\Users\Maminka
Táta2 (S-1-5-21-3901295729-2401866428-3015012624-1006 - Administrator - Enabled) => C:\Users\Táta2
WDAGUtilityAccount (S-1-5-21-3901295729-2401866428-3015012624-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Aktualizace NVIDIA 31.0.1.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.0.1.0 - NVIDIA Corporation) Hidden
Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.0.3 - Electronic Arts, Inc.)
ASUS GIFTBOX (HKLM-x32\...\ASUS GIFTBOX) (Version: 7.5.24 - ASUSTek Computer Inc)
ASUS HiPost (HKLM-x32\...\{04768366-F421-4BA5-8423-B84F644B5249}) (Version: 1.0.6 - ASUS)
ASUS Input Configuration (HKLM-x32\...\{7DDF7571-64BD-4232-9729-20FF10CE6C62}) (Version: 1.0.3 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS PTP Driver (HKLM-x32\...\{7618E419-9124-4E6C-9AF4-487A6DDEC1C5}) (Version: 11.0.9 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.15.0003 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.7 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0043 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.161 - ICEpower a/s)
Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 19.1.7734 - AVAST Software)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink PowerDirector 15 (HKLM-x32\...\{FA285575-B543-4E6E-A573-A4F534AC9965}) (Version: 15.0.2026.0 - CyberLink Corp.)
CyberLink PowerDirector 16 (HKLM-x32\...\{EE9EC028-49D2-4349-B0A3-9B2E752A4958}) (Version: 16.0.2524.0 - CyberLink Corp.)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.2.5 - ASUSTek COMPUTER INC.)
Epic Games Launcher (HKLM-x32\...\{553CD836-D438-469B-B268-700638DFF184}) (Version: 1.1.151.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10605.221 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.6.1194 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4550 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{B294CE94-FE0F-4427-910C-180AF9FCFED1}) (Version: 1.0.1.620 - Intel Corporation)
Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.)
MEmu (HKLM-x32\...\MEmu) (Version: 3.6.9.0 - Microvirt Software Technology Co. Ltd.)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.12228.20332 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3901295729-2401866428-3015012624-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3901295729-2401866428-3015012624-1003\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3901295729-2401866428-3015012624-1005\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3901295729-2401866428-3015012624-1006\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Mozilla Firefox 71.0 (x64 en-US) (HKLM\...\Mozilla Firefox 71.0 (x64 en-US)) (Version: 71.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0.1 - Mozilla)
MY.GAMES GameCenter (HKU\S-1-5-21-3901295729-2401866428-3015012624-1001\...\GameCenter) (Version: 4.1541 - MY.COM B.V.)
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
Norton Family (HKLM-x32\...\NSM) (Version: 3.7.2.37 - Symantec Corporation)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.4 - Notepad++ Team)
NVIDIA GeForce Experience 3.11.0.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.11.0.73 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20332 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20332 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.12228.20332 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.34.21025 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 399.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 399.24 - NVIDIA Corporation) Hidden
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22899 - Microsoft Corporation)
REALTEK Bluetooth Filter Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AD}) (Version: 1.3.886.030716 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10130.27054 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.9.422.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8564 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0286 - REALTEK Semiconductor Corp.)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.59518 - TeamViewer)
TotalRecovery Pro (HKLM-x32\...\TotalRecovery) (Version: 10.0.11.2 - FarStone Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{133A2E34-3E09-4A1A-A9AA-F9D8E5417199}) (Version: 2.50.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
VEGAS Pro 16.0 (HKLM\...\{0A119E00-A098-11E8-A73C-00155D6302F2}) (Version: 16.0.248 - VEGAS)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.2 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Warface My.Com (HKU\S-1-5-21-3901295729-2401866428-3015012624-1001\...\Warface My.Com) (Version: 1.95 - My.com B.V.)
Wargaming.net Game Center (HKU\S-1-5-21-3901295729-2401866428-3015012624-1001\...\Wargaming.net Game Center) (Version: 19.2.0.4533 - Wargaming.net)
Windows Driver Package - ASUS (AsusHFilter) HIDClass (12/19/2016 1.0.0.2) (HKLM\...\EEDD19DDF3F0CA7CFA2F4C500D442DD1FEB434F6) (Version: 12/19/2016 1.0.0.2 - ASUS)
Windows Driver Package - ASUS (AsusPTPDrv) HIDClass (03/18/2016 11.0.0.9) (HKLM\...\689E9F7827C3AF1059D6C80D6C7F4EF89E2D7E72) (Version: 03/18/2016 11.0.0.9 - ASUS)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.1.0 - ASUS)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Wondershare Filmora Scrn(Build 2.0.1) (HKLM\...\Wondershare Filmora Scrn_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
World of Tanks (HKU\S-1-5-21-3901295729-2401866428-3015012624-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
World_of_Warships_NA (HKU\S-1-5-21-3901295729-2401866428-3015012624-1001\...\WOWS.NA.PRODUCTION) (Version: - Wargaming.net)
WPS Office for ASUS (HKLM-x32\...\Kingsoft Office) (Version: 10.1.0.5644 - Kingsoft Corp.)

Packages:
=========
Adblock Plus -> C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.18.0_neutral__d55gg7py3s0m0 [2019-11-21] (eyeo GmbH)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-13] (Autodesk Inc.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.151.300.0_x86__kgqvnymyfvs32 [2019-11-13] (king.com)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_4.5.1.2_x86__h6adky7gbf63m [2019-11-26] (Gameloft.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-16] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.623.0_x64__v10z8vjag6ke6 [2019-11-21] (HP Inc.)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.5.0.9_x86__h6adky7gbf63m [2019-12-05] (Gameloft.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-06-09] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-06-09] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.11052.0_x64__8wekyb3d8bbwe [2019-11-13] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.33.13094.0_x64__8wekyb3d8bbwe [2019-11-23] (Microsoft Corporation) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.13.105.0_x64__8wekyb3d8bbwe [2019-11-21] (Microsoft Studios)
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.33.13253.0_x64__8wekyb3d8bbwe [2019-11-26] (Microsoft Corporation) [MS Ad]
MyASUS-Service Center -> C:\Program Files\WindowsApps\B9ECED6F.MyASUS_3.3.11.0_x86__qmba6cd70vzyy [2019-06-09] (ASUSTeK COMPUTER INC.) [Startup Task]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20276.0_x64__8wekyb3d8bbwe [2019-11-26] (Microsoft Corporation) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0 [2019-11-26] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2017-06-18] (Notepad++ -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxDTCM.dll [2016-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-09-06] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [71680 2011-10-22] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2011-10-22] (Beepa P/L) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-12-09 21:15 - 2016-09-12 15:53 - 048936448 _____ () [File not signed] C:\Program Files (x86)\AVAST Software\Avast Cleanup\libcef.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 12:47 - 2019-07-21 11:11 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

2018-12-12 18:38 - 2018-12-12 18:43 - 000000446 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3901295729-2401866428-3015012624-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg
HKU\S-1-5-21-3901295729-2401866428-3015012624-1003\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3901295729-2401866428-3015012624-1005\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3901295729-2401866428-3015012624-1006\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 79.98.72.27 - 79.98.72.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-3901295729-2401866428-3015012624-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3901295729-2401866428-3015012624-1001\...\StartupApproved\Run: => "World of Tanks"
HKU\S-1-5-21-3901295729-2401866428-3015012624-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3901295729-2401866428-3015012624-1001\...\StartupApproved\Run: => "Wargaming.net Game Center"
HKU\S-1-5-21-3901295729-2401866428-3015012624-1001\...\StartupApproved\Run: => "GameCenter"
HKU\S-1-5-21-3901295729-2401866428-3015012624-1003\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3901295729-2401866428-3015012624-1003\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-3901295729-2401866428-3015012624-1005\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3901295729-2401866428-3015012624-1005\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-3901295729-2401866428-3015012624-1006\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3901295729-2401866428-3015012624-1006\...\StartupApproved\Run: => "OneDriveSetup"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{8526898F-9F2B-48DE-806D-CC65515F5BD4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E830A59D-369C-459C-A703-D0E93DD65765}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{415694BB-016B-4E15-BBC1-1FB58B172FF7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AF6FD5A5-3614-4E04-A0AC-C2B318F08337}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E1C0E22D-0656-4CF0-BB56-9E4812CBCF1D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8BAE1242-EBAA-4946-B705-DCC457E8EB84}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8F9E90D1-C53C-43F7-8D61-6222B67632AA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6BB8BF64-DC4A-49A7-BD20-EECD3AAB51C4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.120.510.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B8813510-A27F-453B-9909-A97DF9DE7C8D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{54E36809-1844-4F47-85AD-4A4B2F048B86}C:\users\filip marčík\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\users\filip marčík\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe
FirewallRules: [TCP Query User{CF2B7087-240C-4D59-A240-6032A0DAAD78}C:\users\filip marčík\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\users\filip marčík\appdata\roaming\.tlauncher\jvms\jre1.8.0_51\bin\javaw.exe
FirewallRules: [{90D88077-47BA-4F34-93E5-5211424813FE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{E2219B57-548D-4D0A-B691-F10197059B64}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{B1DE825F-4678-46E8-80AE-F7C2EA3E0639}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{93F58291-DE4D-4997-A038-B05B7CE874F9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{4C47EEE3-25D3-4C1D-8856-B689E1F2B3E7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{07887B66-ACEB-4249-B369-377F3F95A223}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{F4F21EC2-02F5-4884-9D12-FC1293B1C8CE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{47A032D7-6F42-4A4D-ABC5-E6F4C947C4DC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [UDP Query User{7E666FF7-EFD8-471A-B3E9-BD58D9EE4A9A}C:\mygames\warface my.com\bin32release\game.exe] => (Block) C:\mygames\warface my.com\bin32release\game.exe (Mail.Ru, LLC -> Crytek GmbH)
FirewallRules: [TCP Query User{09B81B75-458F-4C72-98BF-4BC2F0334BBE}C:\mygames\warface my.com\bin32release\game.exe] => (Block) C:\mygames\warface my.com\bin32release\game.exe (Mail.Ru, LLC -> Crytek GmbH)
FirewallRules: [UDP Query User{68BEA1CB-B372-453C-B584-D499EEA87768}C:\users\filip marčík\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\filip marčík\appdata\local\gamecenter\gamecenter.exe (Mail.Ru, LLC -> )
FirewallRules: [TCP Query User{D816F6FF-3ADD-4547-BCC1-A355AEA394C9}C:\users\filip marčík\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\filip marčík\appdata\local\gamecenter\gamecenter.exe (Mail.Ru, LLC -> )
FirewallRules: [{4DD86FB0-22EC-4D24-A4F6-111CE4A92DAE}] => (Allow) C:\Program Files (x86)\FarStone\TotalRecovery Pro\EFB\FBAgent.exe (FarStone Technology -> )
FirewallRules: [{041450A3-AB5B-4054-8573-AF4602F034BE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C0717658-6A65-4194-BF75-373085585713}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{23D9C523-3687-4263-8562-1D7E55577FEB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{29C8D9D1-A0FD-43E0-A83A-7C9D36E84DBB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{EA6D6C7C-A29A-4324-BF2E-1F98C6FD41EF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{0E2EE5A1-71F4-47AA-904B-CAE10D510B60}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{B95BA509-E06F-4CA3-AF14-816A07A7135F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{76FD6D1E-998E-4DAD-B486-45AE671C0E0A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{B3156DAF-E27B-4088-A262-F58DEFA32F02}C:\games\world_of_tanks\worldoftanks.exe] => (Block) C:\games\world_of_tanks\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{110A9A4F-3F32-48BE-A738-A3F4995A1CF4}C:\games\world_of_tanks\worldoftanks.exe] => (Block) C:\games\world_of_tanks\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{00E1B5C5-12E7-43F8-95ED-6DC65E5B99C7}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{C4348DAC-DD42-4124-BE8E-E8BA724DD30F}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{42576666-EBA0-428E-B092-63F968358D0B}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{4082F437-0B56-408C-A303-2FF93ED82EFD}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{5755D773-9CD9-4F53-A359-DEC1FD7A6D87}C:\games\world_of_tanks\wotlauncher.exe] => (Block) C:\games\world_of_tanks\wotlauncher.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{97A23228-16B0-4321-9F3F-500EF11C7A8E}C:\games\world_of_tanks\wotlauncher.exe] => (Block) C:\games\world_of_tanks\wotlauncher.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{41AC28D6-A04C-4BF0-A292-86AF14873A17}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{AA1610A5-4665-4DF3-9111-FF2612A1EC21}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{F0CDF3D9-EEB4-421A-B986-5635489D9B53}C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe
FirewallRules: [UDP Query User{89D41DFF-B940-40A6-86A9-7193F5113BB3}C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_191\bin\javaw.exe
FirewallRules: [{1DFB8835-CAFA-4F6A-B356-23816B0E90A3}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [{A62BE165-21D1-4727-8B36-C4399185127C}] => (Allow) %systemroot%\system32\alg.exe No File
FirewallRules: [TCP Query User{A5A9FCDA-7BBA-488D-8229-AEF8834A3747}C:\program files\epic games\subnautica\subnautica.exe] => (Allow) C:\program files\epic games\subnautica\subnautica.exe () [File not signed]
FirewallRules: [UDP Query User{C9B1DBA0-690F-45E1-98D6-8CB1F04930CA}C:\program files\epic games\subnautica\subnautica.exe] => (Allow) C:\program files\epic games\subnautica\subnautica.exe () [File not signed]
FirewallRules: [TCP Query User{527A6B7C-055A-4DED-8019-EB08FCADC764}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{60824075-F41F-46D6-910F-739FBB0ADC0E}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{ACA9A63C-1BF0-4FCD-B6F3-5B893CD9B182}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{1E7F14A2-E9AE-4325-8698-28C25F02C357}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{2E3BFAC1-ACBF-4D79-8A72-2B187AD704CA}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)
FirewallRules: [UDP Query User{84E3A221-09CC-4F6D-96AC-61C4C0D76BAE}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe (Electronic Arts, Inc. -> Respawn Entertainment)

==================== Restore Points =========================

09-12-2019 21:56:59 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (12/09/2019 09:26:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: bad_module_info, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000374
Posun chyby: 0x76f6f8cd
ID chybujícího procesu: 0x10c4
Čas spuštění chybující aplikace: 0x01d5aec895ccf4b2
Cesta k chybující aplikaci: bad_module_info
Cesta k chybujícímu modulu: unknown
ID zprávy: 4067531c-d4a2-4429-af15-358138105753
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/09/2019 08:47:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_DoSvc, verze: 10.0.18362.1, časové razítko: 0x32d6c210
Název chybujícího modulu: dosvc.dll, verze: 10.0.18362.1, časové razítko: 0x522e2b4e
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000b4bf1
ID chybujícího procesu: 0x11bc
Čas spuštění chybující aplikace: 0x01d5aec8ed7ef3be
Cesta k chybující aplikaci: C:\WINDOWS\System32\svchost.exe
Cesta k chybujícímu modulu: c:\windows\system32\dosvc.dll
ID zprávy: a06b3456-0d12-4ee7-92f7-eb6c1e34491a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/08/2019 10:01:35 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (12/08/2019 07:36:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program XboxApp.exe verze 48.59.1911.13001 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 219c

Čas spuštění: 01d5adf65bb6bd23

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.XboxApp_48.59.13001.0_x64__8wekyb3d8bbwe\XboxApp.exe

ID hlášení: 93b2e10c-8bf5-4891-9d91-0b363aa5be16

Úplný název balíčku s chybou: Microsoft.XboxApp_48.59.13001.0_x64__8wekyb3d8bbwe

ID aplikace relativní podle balíčku s chybou: Microsoft.XboxApp

Typ zablokování: Cross-process

Error: (12/08/2019 06:33:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_WpnUserService, verze: 10.0.18362.1, časové razítko: 0x32d6c210
Název chybujícího modulu: wpnuserservice.dll, verze: 10.0.18362.1, časové razítko: 0xea13e855
Kód výjimky: 0xc0000409
Posun chyby: 0x0000000000008596
ID chybujícího procesu: 0x908
Čas spuštění chybující aplikace: 0x01d5adb5534a29c1
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: c:\windows\system32\wpnuserservice.dll
ID zprávy: 23ad768c-e3e8-4852-812c-df78cbdfd59c
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/05/2019 10:24:11 PM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Pokus získat stav uzlu clusteru se nezdařil. Vrácený kód chyby: 0x8007085A

Error: (12/05/2019 10:23:56 PM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Pokus získat stav uzlu clusteru se nezdařil. Vrácený kód chyby: 0x8007085A

Error: (12/05/2019 10:23:55 PM) (Source: MSDTC 2) (EventID: 4104) (User: )
Description: Pokus získat stav uzlu clusteru se nezdařil. Vrácený kód chyby: 0x8007085A


System errors:
=============
Error: (12/09/2019 09:25:55 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby Origin Web Helper Service bylo dosaženo časového limitu (30000 ms).

Error: (12/09/2019 08:47:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Optimalizace doručení byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (12/09/2019 08:41:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Kingsoft_WPS_UpdateService neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (12/09/2019 08:41:00 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Kingsoft_WPS_UpdateService bylo dosaženo časového limitu (45000 ms).

Error: (12/09/2019 08:16:10 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba OneSyncSvc_7900a byla ukončena s následující chybou:
Přístup byl odepřen.

Error: (12/09/2019 08:14:00 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Optimalizace doručení přestala během spouštění reagovat.

Error: (12/09/2019 08:10:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Origin Web Helper Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (12/09/2019 08:10:00 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Origin Web Helper Service bylo dosaženo časového limitu (45000 ms).


CodeIntegrity:
===================================

Date: 2019-12-10 22:04:51.190
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-12-10 22:04:51.170
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-12-10 22:04:51.146
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-12-10 22:04:51.127
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-12-10 22:04:50.383
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-12-09 20:47:48.294
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-12-09 20:47:48.277
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-12-09 20:47:48.246
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. X541UV.309 04/17/2019
Motherboard: ASUSTeK COMPUTER INC. X541UV
Processor: Intel(R) Core(TM) i3-6006U CPU @ 2.00GHz
Percentage of memory in use: 83%
Total physical RAM: 3960.12 MB
Available physical RAM: 641.22 MB
Total Virtual: 6648.12 MB
Available Virtual: 2428.26 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:464.24 GB) (Free:146.64 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{30990de4-8ab8-4f3f-a932-f024fc83d7f4}\ () (Fixed) (Total:0.46 GB) (Free:0.03 GB) NTFS
\\?\Volume{41aca98e-2658-43fb-a84d-b1b8fa77114c}\ (RECOVERY) (Fixed) (Total:0.78 GB) (Free:0.44 GB) NTFS
\\?\Volume{0fd48fee-1b92-47b3-ab7b-7bf2eaed2073}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 85B66220)

Partition: GPT.

==================== End of Addition.txt =======================
Nahoru
Conder
VIP
VIP
Příspěvky: 4400
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Kontrola logu

#8 Příspěvek od Conder »

:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Users\Filip Marčík\AppData\Local\GameCenter\GameCenter.exe
File: C:\WINDOWS\System32\mracsvc.exe
File: C:\Program Files\Microvirt\MEmuHyperv\MEmuDrv.sys
File: C:\WINDOWS\System32\drivers\mracdrv.sys
Folder: C:\WINDOWS\system32\Tasks\McAfee
2019-12-05 22:39 - 2019-12-05 22:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File

Hosts:
EmptyTemp:
End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!
Nahoru
Filda
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 19 úno 2018 20:45

Re: Kontrola logu

#9 Příspěvek od Filda »

Zdravím,

zde je log. Taky se stalo, že obrázek na ploše se zobrazuje jenom z poloviny, na druhé polovině je černá obrazovka.


Fix result of Farbar Recovery Scan Tool (x64) Version: 14-12-2019
Ran by Filip Marčík (15-12-2019 18:16:12) Run:5
Running from C:\Users\Filip Marčík\Desktop
Loaded Profiles: Filip Marčík & Ivuška & Maminka & Táta2 (Available Profiles: Filip Marčík & Ivuška & Maminka & Táta2)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Users\Filip Marčík\AppData\Local\GameCenter\GameCenter.exe
File: C:\WINDOWS\System32\mracsvc.exe
File: C:\Program Files\Microvirt\MEmuHyperv\MEmuDrv.sys
File: C:\WINDOWS\System32\drivers\mracdrv.sys
Folder: C:\WINDOWS\system32\Tasks\McAfee
2019-12-05 22:39 - 2019-12-05 22:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 587
Average :
Sum : 32482654335
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========


========================= File: C:\Users\Filip Marčík\AppData\Local\GameCenter\GameCenter.exe ========================

C:\Users\Filip Marčík\AppData\Local\GameCenter\GameCenter.exe
File is digitally signed
MD5: 38BB99850F490C1E48C2630626F57F98
Creation and modification date: 2019-03-15 21:27 - 2019-12-05 20:48
Size: 010395776
Attributes: ----A
Company Name: Mail.Ru, LLC ->
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/f716f61 ... 575563564/

====== End of File: ======


========================= File: C:\WINDOWS\System32\mracsvc.exe ========================

C:\WINDOWS\System32\mracsvc.exe
File is digitally signed
MD5: 938EB3F9ED0F85DC4F33E52A388E76A8
Creation and modification date: 2019-03-16 08:29 - 2019-03-16 08:29
Size: 016340752
Attributes: ----A
Company Name: Mail.Ru LLC -> LLC Mail.Ru
Internal Name: mracsvc.exe
Original Name: mracsvc.exe
Product: Mail.Ru AntiCheat
Description: Mail.Ru AntiCheat Service
File Version: 2.50.4
Product Version: 2.50.4
Copyright: Copyright (C) 2019 LLC Mail.Ru
VirusTotal: https://www.virustotal.com/file/2350a4d ... 554068070/

====== End of File: ======


========================= File: C:\Program Files\Microvirt\MEmuHyperv\MEmuDrv.sys ========================

C:\Program Files\Microvirt\MEmuHyperv\MEmuDrv.sys
File is digitally signed
MD5: 573F228F046D12EBF33EF85C87DDE074
Creation and modification date: 2018-01-06 20:25 - 2015-11-02 14:11
Size: 000260368
Attributes: ----A
Company Name: 上海迈微软件科技有限公司 -> Microvirt Corporation
Internal Name: MEmuDrv.sys
Original Name: MEmuDrv.sys
Product: MEmu
Description: MemuHyperv Support Driver
File Version: 4.3.20.96996
Product Version: 4.3.20.r96996
Copyright: Copyright (C) 2009-2015 Microvirt Corporation
VirusTotal: https://www.virustotal.com/file/2981bf3 ... 564131372/

====== End of File: ======


========================= File: C:\WINDOWS\System32\drivers\mracdrv.sys ========================

C:\WINDOWS\System32\drivers\mracdrv.sys
File is digitally signed
MD5: 8C3554274A3524A896AA5868B3C58C58
Creation and modification date: 2019-03-16 08:29 - 2019-03-16 08:29
Size: 015553520
Attributes: ----A
Company Name: Mail.Ru LLC -> LLC Mail.Ru
Internal Name: mracdrv.sys
Original Name: mracdrv.sys
Product: Mail.Ru AntiCheat
Description: Mail.Ru AntiCheat Driver
File Version: 2.50.3
Product Version: 2.50.3
Copyright: Copyright (C) 2019 LLC Mail.Ru
VirusTotal: https://www.virustotal.com/file/867a81f ... 551633037/

====== End of File: ======


========================= Folder: C:\WINDOWS\system32\Tasks\McAfee ========================


====== End of Folder: ======

C:\WINDOWS\system32\Tasks\McAfee => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 31690680 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 137793824 B
Edge => 153037984 B
Chrome => 0 B
Firefox => 79381162 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 33678 B
NetworkService => 33678 B
Filip Marčík => 104349802 B
Ivuška => 104398576 B
Maminka => 104398576 B
Táta2 => 104398576 B

RecycleBin => 3182569082 B
EmptyTemp: => 3.7 GB temporary data Removed.

================================


The system needed a reboot.
Nahoru
Conder
VIP
VIP
Příspěvky: 4400
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Kontrola logu

#10 Příspěvek od Conder »

:arrow: Spusti kontrolu integrity systemovych suborov:
  • Otvor Start, napis "cmd" (bez uvodzoviek), klikni pravym tlacitkom mysi na Prikazovy riadok a klikni na Spustit ako spravca
  • Skopiruj a spusti prikaz:

    Kód: Vybrat vše

    DISM.exe /Online /Cleanup-image /Restorehealth
  • Po dokonceni skopiruj a spusti druhy prikaz:

    Kód: Vybrat vše

    sfc /scannow
  • Po dokonceni obidvoch prikazov skopiruj a spusti tento prikaz:

    Kód: Vybrat vše

    findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt" && copy %windir%\logs\dism\dism.log %userprofile%\desktop\dism.txt
  • Na ploche sa vytvoria subory sfcdetails.txt a dism.txt, tieto subory zabal ho do archivu RAR alebo ZIP a posli ako prilohu k dalsiemu prispevku
  • Restartuj PC a napis ako sa chova PC
:arrow: V PC je nainstalovana zastarala verzia Javy (Java 8 Update 191), odporucam odinstalovat. Ak Javu potrebujes, nainstaluj aktualnu verziu z https://java.com/en/download/
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!
Nahoru
Filda
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 19 úno 2018 20:45

Re: Kontrola logu

#11 Příspěvek od Filda »

Díky. Tak na to první mi to napsalo "successfully completed", takže asi OK. Na to druhé mi to napsalo "Windows Resource Protection did not find any integrity violation", takže asi taky OK. Ale na to třetí se objevilo "The syntax of the command is incorrect". Co mám s tim udělat, dal jsem to normálně copy- paste z předchozího příspěvku.
Nahoru
Conder
VIP
VIP
Příspěvky: 4400
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Kontrola logu

#12 Příspěvek od Conder »

Ten posledny prikaz zrejme nebol skopirovany alebo vlozeny korektne. Ale kedze sa nenasli ziadne chyby, tak tieto logy ani nie je potrebne.

Ako to vyzera s PC? Nastala nejaka zmena alebo su este nejake problemy?
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!
Nahoru
Filda
Návštěvník
Návštěvník
Příspěvky: 23
Registrován: 19 úno 2018 20:45

Re: Kontrola logu

#13 Příspěvek od Filda »

Zdravim. OK, díky. Tak na první pohled se zdá, že počítač je možná trochu rychlejší. Ale na té ploše v desktopu pořád zůstala ta polovina obrazovky černá, tak nevim čim to je. Každopádně díky za vyčištění systému. Budu to ještě pozorovat, ale vypadá to o dost líp, s tím stavem předtím se to nedá srovnat. To se nedalo ani takhle normálně psát jak to bylo pomalé.
Nahoru
Conder
VIP
VIP
Příspěvky: 4400
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Kontrola logu

#14 Příspěvek od Conder »

Posli screenshot (snimku obrazovky). Stlac klavesu Print Screen, otvor program Malovani / Skicar, klikni na Prilepit a uloz obrazok. Obrazok nahraj na nejake webove ulozisko a posli odkaz.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“