Zpomaleni ntb

Zpráva

psisko · #1 Příspěvek od **psisko** » 03 kvě 2020 12:20

Dobrý den,
prosím o kontrolu ntb. V posledni době ntb reaguje zpomalene, vse se dlouho nacita.
Děkuji

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-04-2020
Ran by vjupt (administrator) on LAPTOP-6DDFJ86O (Acer Aspire F5-572G) (03-05-2020 12:50:34)
Running from C:\Users\vjupt\Desktop
Loaded Profiles: vjupt (Available Profiles: vjupt)
Platform: Windows 10 Home Version 1909 18363.778 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acer Incorporated -> ) C:\OEM\Preload\FubTracking\FubTracking.exe
(Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerButton_NB.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Amazon Services LLC -> ) C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <2>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
(Fortemedia Inc. -> ) C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_aa3a0bcfbcf24a1b\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_aa3a0bcfbcf24a1b\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_aa3a0bcfbcf24a1b\igfxext.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12004.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe <5>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.772_none_5f13f94c58ff41d3\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <12>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2015-07-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1767760 2016-06-15] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [108216 2020-04-14] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [91488 2017-09-28] (Acer Incorporated -> )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle America, Inc. -> Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Installer\chrmstp.exe [2020-04-30] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\80.1.3901.162\Installer\chrmstp.exe [2020-04-16] (Avast Software s.r.o. -> AVAST Software)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07537FF4-D8A3-4013-B45D-80CDBFADC1F7} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [126152 2020-04-10] (Mozilla Corporation -> Mozilla Foundation)
Task: {0F5603B6-0512-430E-B547-BC284F6E6F18} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115448 2020-04-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {11E762D0-0E50-4DE3-AD7C-98D72E7BC272} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [1769312 2017-09-28] (Acer Incorporated -> )
Task: {15D24BFF-4589-4B27-8D29-4F622D78338A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-04-05] (Google Inc -> Google Inc.)
Task: {1D56D4D8-EBAB-49C5-BC1C-BFCE7E762BA0} - System32\Tasks\Avast SecureLine VPN Update => c:\program files\avast software\secureline\vpnupdate.exe [1390472 2019-11-15] (AVAST Software s.r.o. -> AVAST Software)
Task: {31C71E3C-7F89-457D-936D-265192C7894F} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1875592 2020-04-02] (Avast Software s.r.o. -> AVAST Software)
Task: {3AA54638-DCA8-4E51-982A-4EF0608E252D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-04-05] (Google Inc -> Google Inc.)
Task: {539F7CBB-2E43-4F31-A606-6C655E2541CC} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [384256 2015-05-14] (Acer Incorporated -> Acer Incorporated)
Task: {542F7E44-D78C-44CB-BEF7-4DBF015D61B7} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-04-15] (Adobe Inc. -> Adobe)
Task: {5EFB4F5A-1370-4BE1-94A1-F05CC0C7BDDB} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24702832 2020-04-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {62295E04-C1EE-4F7F-83B4-8E1AB62ADAE2} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3325032 2020-04-14] (Avast Software s.r.o. -> AVAST Software)
Task: {67F4746E-BDC1-49FF-B4F0-AE146E66934F} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {733549E6-EFFD-4392-91C9-AB6D04269455} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [379232 2015-07-09] (Acer Incorporated -> Acer Incorporated)
Task: {748C56D9-D949-423A-BAD8-FA08023868C5} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [472928 2015-07-10] (Acer Incorporated -> Acer Incorporated)
Task: {7C8632F6-093E-442C-B553-82AC8C340687} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1875592 2020-04-02] (Avast Software s.r.o. -> AVAST Software)
Task: {898A191F-79EB-4FF5-A105-D19C8E791451} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24702832 2020-04-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {91F9D2B6-9405-4B55-8297-BF24C7AD5C78} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [40288 2015-07-10] (Acer Incorporated -> )
Task: {963D0548-1350-439C-91DB-3B3E394E6CEE} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2920752 2017-05-24] (Acer Incorporated -> )
Task: {96A93E81-2F43-4366-AA41-44AA3FD1FA4A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {990840B6-1D29-4796-8B6E-5633AB46887E} - System32\Tasks\Avast SecureLine => C:\Program Files\AVAST Software\SecureLine\SecureLine.exe [3438680 2016-05-24] (AVAST Software a.s. -> AVAST Software)
Task: {9C7EE893-6B1F-43C3-9AFD-7195FF2DD951} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Power Management\ePowerButton_NB.exe [2770688 2015-05-14] (Acer Incorporated -> Acer Incorporated)
Task: {9D6FA8F3-35CB-411B-87DB-E2E7BA7E2230} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {9E47279C-3D44-4043-A3A1-0A019167D9C8} - System32\Tasks\{C0F5C2F7-8C31-4490-913F-790A62F30216} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://www.skype.com/go/downloading?source=lig ... tError=404
Task: {B263C019-53D3-4EFF-93C4-EA08F4BC6B7F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1448320 2020-04-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {BEB7C240-9FC5-4F88-AC3F-922F66DB9D18} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65824 2017-09-26] (Acer Incorporated -> Acer Incorporated)
Task: {C20A64F1-9968-4FF3-8B77-D0D89D360624} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {CCF6388D-9C33-4D91-AC8D-3940F48E807A} - System32\Tasks\{4DE2080C-9292-45AD-9E1C-6F5FA264C67B} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://www.skype.com/go/downloading?source=lig ... tError=404
Task: {CD6F702C-470B-4241-8589-E1071B89BA8F} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4645168 2017-05-24] (Acer Incorporated -> )
Task: {D6B7430B-C748-4B44-B5B8-92F7B56AE926} - System32\Tasks\{63C89BE7-0888-4D92-8DB3-F3B407081C3B} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://www.skype.com/go/downloading?source=lig ... tError=404
Task: {EA9734B3-58AB-4DEF-B7AA-D0B5C8BD8403} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115448 2020-04-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {F066A9EA-C853-4E1E-B23D-4FC833E656B9} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [30976 2015-05-14] (Acer Incorporated -> )
Task: {F2AF522D-BFEF-435A-A92B-F529BE64E179} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_363_Plugin.exe [1458232 2020-04-15] (Adobe Inc. -> Adobe)
Task: {F55171A9-503E-44CA-876F-7C2BF33B0CFE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {F8CE4526-4B8E-416F-BFAA-49596B8AEE38} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{f27cdc39-d512-4aa2-a483-e2b7c292ee7d}: [DhcpNameServer] 213.46.172.36 213.46.172.37

Internet Explorer:
==================
HKU\S-1-5-21-2437870575-3263216539-2584499593-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
BHO: Amazon Assistant -> {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -> C:\Program Files (x86)\Amazon\Amazon Assistant\aaMessenger.dll [2018-02-22] (Amazon Services LLC -> )
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll [2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2020-04-21] (McAfee, LLC -> McAfee, LLC)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Amazon Assistant -> {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -> C:\Program Files (x86)\Amazon\Amazon Assistant\aaMessenger.dll [2018-02-22] (Amazon Services LLC -> )
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2020-04-21] (McAfee, LLC -> McAfee, LLC)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-04-10] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
DownloadDir: C:\Users\vjupt\Downloads

FireFox:
========
FF DefaultProfile: npxxmynl.default
FF ProfilePath: C:\Users\vjupt\AppData\Roaming\Mozilla\Firefox\Profiles\npxxmynl.default [2020-05-03]
FF Homepage: Mozilla\Firefox\Profiles\npxxmynl.default -> hxxp://www.centrum.cz/
FF Session Restore: Mozilla\Firefox\Profiles\npxxmynl.default -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\npxxmynl.default -> hxxp://www.lide.cz; hxxps://www.lide.cz; hxxps://www.damejidlo.cz; hxxps://www.trenyrkarna.cz; hxxps://www.feedo.cz
FF Extension: (Czech (CZ) Language Pack) - C:\Users\vjupt\AppData\Roaming\Mozilla\Firefox\Profiles\npxxmynl.default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2020-04-11]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\vjupt\AppData\Roaming\Mozilla\Firefox\Profiles\npxxmynl.default\Extensions\sp@avast.com.xpi [2020-05-01]
FF Extension: (Avast Online Security) - C:\Users\vjupt\AppData\Roaming\Mozilla\Firefox\Profiles\npxxmynl.default\Extensions\wrc@avast.com.xpi [2020-03-17]
FF Extension: (No Name) - C:\Users\vjupt\AppData\Roaming\Mozilla\Firefox\Profiles\npxxmynl.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-04-01]
FF Extension: (Amazon 1Button App for Firefox) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\abb@amazon.com [2020-04-10] [Legacy] [not signed]
FF Extension: (Czech (CZ) Language Pack) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-cs@firefox.mozilla.org [2020-04-10] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_363.dll [2020-04-15] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_363.dll [2020-04-15] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1231201.dll [2017-11-02] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\vjupt\AppData\Local\Google\Chrome\User Data\Default [2020-03-20]
CHR HomePage: Default -> hxxp://www.google.com
CHR Extension: (Prezentace) - C:\Users\vjupt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-29]
CHR Extension: (Dokumenty) - C:\Users\vjupt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-29]
CHR Extension: (Disk Google) - C:\Users\vjupt\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-05]
CHR Extension: (YouTube) - C:\Users\vjupt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-05]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\vjupt\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-11-01]
CHR Extension: (Tabulky) - C:\Users\vjupt\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\vjupt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-03-03]
CHR Extension: (AdBlock) - C:\Users\vjupt\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-12-18]
CHR Extension: (Skype) - C:\Users\vjupt\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2018-02-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\vjupt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-01]
CHR Extension: (Gmail) - C:\Users\vjupt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-11-01]
CHR Extension: (Chrome Media Router) - C:\Users\vjupt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-18]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Amazon Assistant Service; C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe [105136 2018-02-22] (Amazon Services LLC -> )
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5504928 2020-04-14] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [345384 2020-04-14] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\80.1.3901.162\elevation_service.exe [973760 2020-04-02] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-04-14] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10626648 2020-04-10] (Microsoft Corporation -> Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated -> Acer Incorporated)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223520 2015-07-11] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [916712 2020-04-21] (McAfee, LLC -> McAfee, LLC)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [398176 2015-07-09] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [450400 2015-07-09] (Acer Incorporated -> Acer Incorporated)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [6828424 2019-11-15] (AVAST Software s.r.o. -> AVAST Software)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-27] (Acer Incorporated -> acer)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\NisSrv.exe [3294680 2020-04-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MsMpEng.exe [103168 2020-04-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37856 2020-04-14] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [206120 2020-04-14] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [234776 2020-04-14] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [178968 2020-04-14] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [60696 2020-04-14] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2020-02-25] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42984 2020-04-14] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175920 2020-04-14] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [500960 2020-04-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [109480 2020-04-14] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [85056 2020-04-14] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851808 2020-04-14] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [459408 2020-04-16] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [235696 2020-04-14] (Avast Software s.r.o. -> AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [44640 2014-09-05] (AVAST Software a.s. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [317280 2020-04-14] (Avast Software s.r.o. -> AVAST Software)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_9d2734742a07f3cf\nvlddmkm.sys [14456920 2017-05-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Qcamain; C:\WINDOWS\System32\drivers\Qcamainx64.sys [2276352 2015-07-10] (Qualcomm Atheros, Inc.) [File not signed]
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek Semiconductor Corp -> Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [402136 2015-05-27] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [51368 2015-05-11] (Synaptics Incorporated -> Synaptics Incorporated)
S3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-04-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [391392 2020-04-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59104 2020-04-05] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-03 12:50 - 2020-05-03 12:52 - 000033707 _____ C:\Users\vjupt\Desktop\FRST.txt
2020-05-03 12:43 - 2020-05-03 12:43 - 002283520 _____ (Farbar) C:\Users\vjupt\Desktop\FRST64.exe
2020-04-16 16:27 - 2020-04-16 16:27 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 022636544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 018027520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 007756800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 006523048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 005910016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 004611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 004129624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 003512320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 002951832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSAT.exe
2020-04-16 16:27 - 2020-04-16 16:27 - 002800128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-04-16 16:27 - 2020-04-16 16:27 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 001870408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 001665216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 001397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-04-16 16:27 - 2020-04-16 16:27 - 001310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 001077064 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-04-16 16:27 - 2020-04-16 16:27 - 001013000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 001008128 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-04-16 16:27 - 2020-04-16 16:27 - 000775696 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-04-16 16:27 - 2020-04-16 16:27 - 000768528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000673464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-04-16 16:27 - 2020-04-16 16:27 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000420152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-04-16 16:27 - 2020-04-16 16:27 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-04-16 16:27 - 2020-04-16 16:27 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000089336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumapi.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumapi.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-04-16 16:27 - 2020-04-16 16:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-04-16 16:27 - 2020-04-16 16:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-04-16 16:27 - 2020-04-16 16:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-04-16 16:27 - 2020-04-16 16:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-04-16 16:27 - 2020-04-16 16:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-04-16 16:27 - 2020-04-16 16:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-04-16 16:27 - 2020-04-16 16:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-04-16 16:27 - 2020-04-16 16:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-04-16 16:27 - 2020-04-16 16:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-04-16 16:27 - 2020-04-16 16:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-04-16 16:27 - 2020-04-16 16:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-04-16 16:26 - 2020-04-16 16:26 - 009930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-04-16 16:26 - 2020-04-16 16:26 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 004563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-04-16 16:26 - 2020-04-16 16:26 - 003802624 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-04-16 16:26 - 2020-04-16 16:26 - 003587384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-04-16 16:26 - 2020-04-16 16:26 - 003109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 002767928 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 002717184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-04-16 16:26 - 2020-04-16 16:26 - 002453504 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 002131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 002086656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 001999960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 001764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 001656904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 001646048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 001612800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 001603584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 001484384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 001009152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000982840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-04-16 16:26 - 2020-04-16 16:26 - 000822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-04-16 16:26 - 2020-04-16 16:26 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-04-16 16:26 - 2020-04-16 16:26 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000628616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-04-16 16:26 - 2020-04-16 16:26 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-04-16 16:26 - 2020-04-16 16:26 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000510792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-04-16 16:26 - 2020-04-16 16:26 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
2020-04-16 16:26 - 2020-04-16 16:26 - 000339304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000268008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-04-16 16:26 - 2020-04-16 16:26 - 000127280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-04-16 16:26 - 2020-04-16 16:26 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000058880 _____ C:\WINDOWS\system32\runexehelper.exe
2020-04-16 16:26 - 2020-04-16 16:26 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-04-16 16:26 - 2020-04-16 16:26 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsunattend.exe
2020-04-16 16:26 - 2020-04-16 16:26 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-04-16 16:26 - 2020-04-16 16:26 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-04-16 16:04 - 2020-04-16 16:05 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-04-16 16:04 - 2020-04-16 16:05 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-04-14 18:11 - 2020-04-20 17:50 - 000500960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2020-04-14 18:11 - 2020-04-14 18:11 - 000337048 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-04-14 18:11 - 2020-04-14 18:11 - 000235696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-04-14 18:11 - 2020-04-14 18:11 - 000175920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2020-04-10 18:30 - 2020-04-10 18:30 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-04-10 11:41 - 2020-04-11 16:10 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-03 12:51 - 2017-08-22 21:11 - 000000000 ____D C:\FRST
2020-05-03 12:46 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-05-03 12:01 - 2015-07-16 05:32 - 000000000 ____D C:\ProgramData\AVAST Software
2020-05-03 11:59 - 2016-11-18 11:42 - 000000000 ____D C:\Users\vjupt\AppData\LocalLow\Mozilla
2020-05-03 11:58 - 2016-03-23 20:22 - 000000000 __SHD C:\Users\vjupt\IntelGraphicsProfiles
2020-05-03 11:57 - 2020-03-21 18:10 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-05-03 11:57 - 2019-03-19 06:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-05-03 11:57 - 2016-08-26 13:00 - 000000000 ____D C:\ProgramData\NVIDIA
2020-05-03 11:56 - 2020-03-21 17:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-05-02 22:34 - 2020-03-21 18:10 - 000004302 _____ C:\WINDOWS\system32\Tasks\Software Update Application
2020-05-02 22:34 - 2020-03-21 18:10 - 000003852 _____ C:\WINDOWS\system32\Tasks\ACCAgent
2020-05-02 22:34 - 2020-03-21 18:10 - 000003818 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-05-02 22:34 - 2020-03-21 18:10 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-05-02 22:34 - 2020-03-21 18:10 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-05-02 22:34 - 2020-03-21 18:10 - 000003362 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2020-05-02 22:34 - 2020-03-21 18:10 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-05-02 22:34 - 2020-03-21 18:10 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2437870575-3263216539-2584499593-1001
2020-05-02 22:34 - 2020-03-21 18:10 - 000002820 _____ C:\WINDOWS\system32\Tasks\ACC
2020-05-02 22:34 - 2020-03-21 18:10 - 000002760 _____ C:\WINDOWS\system32\Tasks\BacKGroundAgent
2020-05-02 22:34 - 2020-03-21 18:10 - 000002550 _____ C:\WINDOWS\system32\Tasks\abDocsDllLoader
2020-05-02 22:34 - 2020-03-21 18:10 - 000002328 _____ C:\WINDOWS\system32\Tasks\ACCBackgroundApplication
2020-05-02 22:34 - 2020-03-21 18:10 - 000002292 _____ C:\WINDOWS\system32\Tasks\{C0F5C2F7-8C31-4490-913F-790A62F30216}
2020-05-02 22:34 - 2020-03-21 18:10 - 000002292 _____ C:\WINDOWS\system32\Tasks\{63C89BE7-0888-4D92-8DB3-F3B407081C3B}
2020-05-02 22:34 - 2020-03-21 18:10 - 000002292 _____ C:\WINDOWS\system32\Tasks\{4DE2080C-9292-45AD-9E1C-6F5FA264C67B}
2020-05-02 22:34 - 2020-03-21 18:10 - 000002264 _____ C:\WINDOWS\system32\Tasks\Power Button
2020-05-02 22:34 - 2020-03-21 18:10 - 000002222 _____ C:\WINDOWS\system32\Tasks\Power Management
2020-05-02 22:34 - 2020-03-21 18:10 - 000002180 _____ C:\WINDOWS\system32\Tasks\Quick Access
2020-05-02 22:34 - 2020-03-21 18:10 - 000002074 _____ C:\WINDOWS\system32\Tasks\FUBTrackingByPLD
2020-05-02 20:34 - 2020-03-21 18:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2020-05-02 20:25 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-05-02 20:25 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-05-02 20:25 - 2018-04-05 07:57 - 000000000 ____D C:\Users\vjupt\AppData\Local\AVAST Software
2020-05-02 18:29 - 2016-03-29 21:47 - 000000000 ____D C:\Users\vjupt\AppData\Local\CrashDumps
2020-05-01 18:38 - 2020-03-21 18:10 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-04-30 08:27 - 2017-04-05 17:14 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-23 23:31 - 2020-03-21 17:47 - 000000000 ____D C:\Users\vjupt
2020-04-23 20:19 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-04-18 12:58 - 2015-09-25 13:47 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-04-17 08:07 - 2020-03-21 17:47 - 000002369 _____ C:\Users\vjupt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-04-17 08:07 - 2016-03-23 20:27 - 000000000 ___RD C:\Users\vjupt\OneDrive
2020-04-17 08:05 - 2020-03-21 18:00 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-04-17 08:05 - 2019-03-19 13:55 - 000718198 _____ C:\WINDOWS\system32\perfh005.dat
2020-04-17 08:05 - 2019-03-19 13:55 - 000145242 _____ C:\WINDOWS\system32\perfc005.dat
2020-04-17 08:05 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-04-17 07:57 - 2020-03-21 17:39 - 000531536 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-04-16 17:39 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-04-16 17:39 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-04-16 17:39 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-04-16 17:39 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-04-16 16:30 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-04-16 15:48 - 2020-03-21 18:10 - 000003856 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2020-04-16 15:48 - 2020-03-21 18:10 - 000003272 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2020-04-16 15:48 - 2018-04-05 07:58 - 000002502 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2020-04-16 11:34 - 2017-08-21 23:19 - 000459408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-04-15 10:09 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-04-15 10:09 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-04-14 18:11 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-04-14 18:11 - 2018-10-10 09:56 - 000042984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-04-14 18:11 - 2017-08-21 23:19 - 000317280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-04-14 18:11 - 2017-08-21 23:19 - 000109480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-04-14 18:11 - 2017-08-21 23:19 - 000085056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-04-14 18:10 - 2019-01-15 10:01 - 000234776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-04-14 18:10 - 2019-01-04 10:49 - 000178968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-04-14 18:10 - 2019-01-04 10:49 - 000060696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-04-14 18:10 - 2019-01-04 10:49 - 000037856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2020-04-14 18:10 - 2017-11-20 21:54 - 000206120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-04-14 18:10 - 2017-08-21 23:19 - 000851808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-04-14 18:03 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-04-11 16:10 - 2015-07-16 05:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-04-10 18:30 - 2015-07-16 05:33 - 000001236 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-04-08 11:02 - 2020-03-21 18:10 - 000004294 _____ C:\WINDOWS\system32\Tasks\Avast SecureLine VPN Update
2020-04-06 11:00 - 2017-08-21 23:19 - 000002092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2020-04-06 11:00 - 2017-08-21 23:19 - 000002080 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2020-04-06 11:00 - 2017-08-21 23:19 - 000002080 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2020-04-05 09:58 - 2018-06-09 15:21 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-04-05 09:57 - 2016-04-09 19:30 - 000744808 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-04-03 16:15 - 2020-03-29 19:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-04-03 12:14 - 2020-03-20 13:00 - 000000000 ___DC C:\WINDOWS\Panther

==================== Files in the root of some directories ========

2017-08-21 20:38 - 2017-08-21 20:38 - 000000017 _____ () C:\Users\vjupt\AppData\Local\resmon.resmoncfg
2017-04-11 19:07 - 2017-04-11 19:07 - 000032038 _____ () C:\Users\vjupt\AppData\Local\SquareClock.Production_Home_Siko_WebIcon.ico

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-04-2020
Ran by vjupt (03-05-2020 12:53:17)
Running from C:\Users\vjupt\Desktop
Windows 10 Home Version 1909 18363.778 (X64) (2020-03-21 16:10:44)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2437870575-3263216539-2584499593-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2437870575-3263216539-2584499593-503 - Limited - Disabled)
Guest (S-1-5-21-2437870575-3263216539-2584499593-501 - Limited - Disabled)
vjupt (S-1-5-21-2437870575-3263216539-2584499593-1001 - Administrator - Enabled) => C:\Users\vjupt
WDAGUtilityAccount (S-1-5-21-2437870575-3263216539-2584499593-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
7-Zip 18.05 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1805-000001000000}) (Version: 18.05.00.0 - Igor Pavlov)
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.10.2002 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.03.2003 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3029 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3001 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2006 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8109 - Acer Incorporated)
Acer Quick Access (HKLM\...\{E3678E72-78E3-4F91-A9FB-913876FF6DA2}) (Version: 2.00.3005 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 2.01.3002 - Acer Incorporated)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.363 - Adobe)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.1.201 - Adobe Systems, Inc.)
Aktualizace NVIDIA 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Amazon Assistant (HKLM-x32\...\{0538B1C2-85C1-4ECC-BA77-61F537D81092}) (Version: 10.18.0221 - Amazon) <==== ATTENTION
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.05 - NVIDIA Corporation) Hidden
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.25.2001.0 - Acer Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.2.2401 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 80.1.3901.162 - Autoři prohlížeče Avast Secure Browser)
Avast SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.4 - AVAST Software)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.8.510 - AVG Technologies)
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5427.02 - CyberLink Corp.)
Foxit PhantomPDF (HKLM-x32\...\{A4023BDF-82D5-412D-9D58-8C2819EBFE2E}) (Version: 7.0.410.326 - Foxit Software Inc.)
FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version: - Marek Jasinski)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.129 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
Heroes Of Might And Magic 5 Sběratelská Edice (HKLM-x32\...\Heroes Of Might And Magic 5 Sběratelská EdiceH5 v1.6, H5hof v2.1, H5toe v3.0) (Version: H5 v1.6, H5hof v2.1, H5toe v3.0 - Ubisoft by Etnik_23)
Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4599 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Java 8 Update 181 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
LibreOffice 5.3.6.1 (HKLM-x32\...\{A253D1A0-E992-4275-A420-CD1E84437BDF}) (Version: 5.3.6.1 - The Document Foundation)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.92 - McAfee, LLC.)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.12624.20466 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2437870575-3263216539-2584499593-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Might and Magic Heroes VII, âĺđńč˙ 1.0.0.3 (HKLM-x32\...\Might and Magic Heroes VII_is1) (Version: 1.0.0.3 - RePack by SEYTER)
Mozilla Firefox 75.0 (x64 en-US) (HKLM\...\Mozilla Firefox 75.0 (x64 en-US)) (Version: 75.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 75.0.0.7398 - Mozilla)
NVIDIA GeForce Experience 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12624.20442 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12624.20442 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12624.20466 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.12624.20442 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 382.05 - NVIDIA Corporation) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.3.0 - pdfforge GmbH)
Qualcomm Atheros QCA9377 Wireless LAN & Bluetooth Installer (HKLM-x32\...\{3241744A-BA36-41F0-B4AA-EF3946D00632}) (Version: 11.0.0.043 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Siko Web Kitchen Planner (HKU\S-1-5-21-2437870575-3263216539-2584499593-1001\...\SquareClock_Production_Home_Siko_Web) (Version: - 3DVIA SAS)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype verze 8.58 (HKLM-x32\...\Skype_is1) (Version: 8.58 - Skype Technologies S.A.)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-3) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-4) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-5) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
XnView 1.96.2 (HKLM-x32\...\XnView_is1) (Version: 1.96.2 - Gougelet Pierre-e)
Zaklínač - Rozšířená edice (HKLM-x32\...\{86ACE727-A4F2-4B28-A37D-254D9CC03156}) (Version: 1.5 - CD Projekt Red)

Packages:
=========
Acer Explorer -> C:\Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.3007.0_x86__48frkmn4z8aw4 [2016-07-07] (Acer Incorporated)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2020-03-21] (Autodesk Inc.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-07] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-07] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-07] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-29] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-02] (Microsoft Studios) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-29] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-29] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-29] (Microsoft Corporation) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2020-01-16] (MAGIX)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-14] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-14] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-14] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2015-01-28] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2016-02-19] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-14] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_aa3a0bcfbcf24a1b\igfxDTCM.dll [2017-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-05-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-14] (Avast Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2018-04-30 17:00 - 2018-04-30 17:00 - 000075776 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2015-09-25 14:12 - 2016-06-15 03:12 - 001298640 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll
2015-09-25 14:13 - 2016-06-15 03:12 - 001767760 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed] C:\WINDOWS\system32\nvspcap64.dll
2019-11-15 22:48 - 2019-11-15 22:47 - 002095104 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\AVAST Software\SecureLine\libcrypto-1_1.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 13:04 - 2019-01-04 10:43 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2437870575-3263216539-2584499593-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\vjupt\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "abDocsDllLoader"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-2437870575-3263216539-2584499593-1001\...\StartupApproved\Run: => "Skype"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{0AD75BB0-C98D-4AA6-BDF8-20A96279E7DA}C:\users\vjupt\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\vjupt\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [TCP Query User{C0146031-6630-4A59-8E57-3CEB1A3D8AB9}C:\users\vjupt\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\vjupt\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [UDP Query User{F4F46737-C2F3-4285-828E-5A68060D3307}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{746DE2EC-779B-4EE0-B653-A0DDD6AE140F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{319BDEDC-B793-445A-8324-88E17892827D}C:\program files (x86)\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe] => (Allow) C:\program files (x86)\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe (Limbic Entertainment GmbH -> Ubisoft, Inc.)
FirewallRules: [TCP Query User{639ACB1C-A1EF-4171-BC5A-5798B8D7D55E}C:\program files (x86)\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe] => (Allow) C:\program files (x86)\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe (Limbic Entertainment GmbH -> Ubisoft, Inc.)
FirewallRules: [{47B53184-8CEC-4B22-8090-8EA0762C7446}] => (Allow) C:\Program Files (x86)\Zaklínač - Rozšířená edice\launcher.exe (CD Projekt RED Sp. z o.o. -> CD Projekt Red)
FirewallRules: [{EDEAA954-E1FF-42A5-85A0-92A817D9FCF0}] => (Allow) C:\Program Files (x86)\Zaklínač - Rozšířená edice\launcher.exe (CD Projekt RED Sp. z o.o. -> CD Projekt Red)
FirewallRules: [{35B4EB35-4F56-44F2-AC8F-F10D54429A41}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{54A2DD8C-99D0-4EE2-B70A-72DAE875E122}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{AD235CA1-537E-4F91-9887-3D968374499D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{2632CC1E-E1D6-472D-B5CC-48E4EB3B1E81}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F6962913-23FA-44A0-892A-952048ED9DC4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7E294CBA-869C-4F7F-850A-6DE08F406C78}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B60787FC-3F84-4310-9C10-041C42BB829A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe No File
FirewallRules: [{1ADC8FF6-FDD3-484B-9A59-E2564DE705E0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe No File
FirewallRules: [{4176D774-E50F-4521-9499-EA577751BB45}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{59D22B4B-2EAE-4582-90C2-BE9680A88D41}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7456B177-F3A4-4680-BA3F-C029A641E7C8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{EC3208F3-2858-4033-948B-9FC0C05D4036}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{030AD213-B01A-4478-8883-98ACC90362D1}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{AC4F09D0-A1A1-491B-A6C8-7B850DA5B4AB}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{8A51B2ED-B3C9-491A-9BE7-0BF196CCC4FB}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{90DCACF2-AD29-4E57-BC3B-9517855EA057}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{77047FE5-5BE3-46C4-9880-2EDCA9AD130E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{79335C2F-97B2-40AA-8478-EC22FE191C2F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FB6F22F5-9140-4CD6-8254-E7E18C79FBE4}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe No File
FirewallRules: [{415A8C21-083C-4A22-8109-1D93E4555DD4}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe No File
FirewallRules: [TCP Query User{3999EE38-71E9-4C62-9B82-517913136B5B}C:\users\vjupt\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\vjupt\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{4ABD0CD2-FA9C-430B-8B36-63D90FC7EE7F}C:\users\vjupt\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\vjupt\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{48266EB6-1F6E-4A03-B69F-353C739B226B}C:\program files (x86)\r.g. mechanics\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe] => (Allow) C:\program files (x86)\r.g. mechanics\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe No File
FirewallRules: [UDP Query User{2D785790-1C0F-4A1D-9452-06F1156A1B0F}C:\program files (x86)\r.g. mechanics\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe] => (Allow) C:\program files (x86)\r.g. mechanics\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe No File
FirewallRules: [TCP Query User{7B550A86-1AFC-4931-946C-E7F03449043E}C:\program files (x86)\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe] => (Allow) C:\program files (x86)\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe (Limbic Entertainment GmbH -> Ubisoft, Inc.)
FirewallRules: [UDP Query User{99A5B41A-35FC-4ECA-9509-E26FF54B9B8B}C:\program files (x86)\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe] => (Allow) C:\program files (x86)\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe (Limbic Entertainment GmbH -> Ubisoft, Inc.)
FirewallRules: [{830A217C-B5C1-4388-9565-280012A8EED2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{93A7E5D9-C898-4ABC-A842-E4D14F78AF54}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F299D580-EDE0-42DF-984A-2D5212B1D3B1}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FF4D2F38-E55F-4588-B94C-BD017029DA60}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FBA27344-2BE1-4CAF-8913-ECABE18E4FC4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{783CA107-6E47-4A13-A50B-9A2C7DC6D236}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{25DCF8F3-3A8D-4543-97CE-DB39C62A78B6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

16-04-2020 16:03:53 Windows Update
24-04-2020 20:15:46 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (05/03/2020 12:54:40 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (24240,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/03/2020 12:47:55 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (20360,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/03/2020 12:34:21 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (17616,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/03/2020 12:13:51 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).

Error: (05/03/2020 12:13:44 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13444,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/03/2020 12:06:27 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3500,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/03/2020 12:02:13 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (05/03/2020 11:56:34 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

System errors:
=============
Error: (05/03/2020 11:56:32 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT AUTHORITY)
Description: Na miniportu Qualcomm Atheros QCA9377 Wireless Network Adapter, {f27cdc39-d512-4aa2-a483-e2b7c292ee7d}, došlo k události 71.

Error: (05/03/2020 11:56:32 AM) (Source: Qcamain10x64) (EventID: 5002) (User: )
Description: Qualcomm Atheros QCA9377 Wireless Network Adapter : Bylo zjištěno, že síťový adaptér nepracuje správně.

Error: (05/03/2020 08:48:12 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684Při zpracování obnovovacích dat došlo k závažné chybě.

Error: (05/03/2020 08:48:54 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (22:17:12, ‎02.‎05.‎2020) bylo neočekávané.

Error: (05/02/2020 07:58:14 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT AUTHORITY)
Description: Na miniportu Qualcomm Atheros QCA9377 Wireless Network Adapter, {f27cdc39-d512-4aa2-a483-e2b7c292ee7d}, došlo k události 71.

Error: (05/02/2020 07:58:14 PM) (Source: Qcamain10x64) (EventID: 5002) (User: )
Description: Qualcomm Atheros QCA9377 Wireless Network Adapter : Bylo zjištěno, že síťový adaptér nepracuje správně.

Error: (05/02/2020 01:41:19 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-6DDFJ86O)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/02/2020 01:41:19 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-6DDFJ86O)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

CodeIntegrity:
===================================

Date: 2020-05-03 12:48:47.145
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-03 12:48:46.910
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-03 12:48:46.861
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-03 12:48:46.725
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-03 12:48:46.619
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-03 12:48:46.513
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-03 12:48:46.367
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-03 12:48:46.195
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: Insyde Corp. V1.03 08/28/2015
Motherboard: Acer Zoro_SL
Processor: Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz
Percentage of memory in use: 58%
Total physical RAM: 8058.59 MB
Available physical RAM: 3304.87 MB
Total Virtual: 9338.59 MB
Available Virtual: 3662.97 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:930.91 GB) (Free:770.53 GB) NTFS

\\?\Volume{807055d2-dc7b-4e32-84d0-a68c4a27b3cf}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.05 GB) NTFS
\\?\Volume{4cf6bd25-0c87-45e6-b8da-ea00be3542e0}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 0994759A)

Partition: GPT.

==================== End of Addition.txt =======================

#2 Příspěvek od **Conder** » 04 kvě 2020 02:02

Ahoj

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

Uloz na plochu a ukonci vsetky programy
Spusti AdwCleaner ako spravca
Odsuhlas licencne podmienky
Klikni na Spustit skenovani a pockaj na dokoncenie
V pripade nalezov nechaj vsetky nalezy oznacene a klikni na Karantena (ak nie su ziadne nalezy, tak na Spustit zakladni opravu)
V pripade, ze sa detekuje aj "predinstalovany software", tieto programy mozes, ale nemusis zmazat (toto nie su skodlive programy, ale iba zbytocnosti)
Potvrd vyzvu, pockaj na dokoncenie a potvrd restartovanie PC
Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
Otvori sa log, jeho obsah skopiruj a vloz do dalsej odpovede

psisko · #3 Příspěvek od **psisko** » 06 kvě 2020 18:10

# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build: 04-03-2020
# Database: 2020-04-08.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 05-06-2020
# Duration: 00:00:48
# OS: Windows 10 Home
# Scanned: 31802
# Detected: 100

***** [ Services ] *****

PUP.Optional.Assistant Amazon Assistant Service

***** [ Folders ] *****

Adware.pokki C:\Users\Public\App Explorer
PUP.Optional.AmazonAssistant C:\Program Files (x86)\Amazon\Amazon Assistant
PUP.Optional.MYPCTuneUp C:\Users\vjupt\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp

***** [ Files ] *****

Adware.pokki C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk
PUP.Optional.Assistant C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AmazonAssistant.lnk
PUP.Optional.Booking C:\Users\vjupt\Favorites\Booking.com.url
PUP.Optional.Booking C:\Windows\ServiceProfiles\LocalService\Favorites\Booking.com.url
PUP.Optional.Booking C:\Windows\ServiceProfiles\NetworkService\Favorites\Booking.com.url

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.AVGSecureSearch HKLM\Software\Classes\WtuServer.WtuServerObj
PUP.Optional.AVGSecureSearch HKLM\Software\Classes\WtuServer.WtuServerObj.1
PUP.Optional.Amazon1Button HKCU\Software\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
PUP.Optional.Amazon1Button HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|Amazon1ButtonTaskbarApp.exe
PUP.Optional.Amazon1Button HKLM\Software\Classes\Amazon1ButtonBrowserHelper.Amazon1ButtonBHO
PUP.Optional.Amazon1Button HKLM\Software\Classes\Amazon1ButtonRuntime.Amazon1ButtonRuntime
PUP.Optional.Amazon1Button HKLM\Software\Classes\Amazon1ButtonRuntime.AmazonRuntimeServer
PUP.Optional.Amazon1Button HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F5415905096AA504A9FB967C7A138943
PUP.Optional.Amazon1Button HKLM\Software\Wow6432Node\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
PUP.Optional.Amazon1Button HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|Amazon1ButtonTaskbarApp.exe
PUP.Optional.Amazon1Button HKU\.DEFAULT\Software\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
PUP.Optional.Amazon1Button HKU\S-1-5-18\Software\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
PUP.Optional.AmazonAssistant HKCU\Software\AppDataLow\Software\Amazon\AmazonAssistant
PUP.Optional.AmazonAssistant HKLM\SOFTWARE\Classes\AppID\AmazonAppIE.dll
PUP.Optional.AmazonAssistant HKLM\SYSTEM\Setup\FirstBoot\Services\Amazon Assistant Service
PUP.Optional.AmazonAssistant HKLM\Software\Classes\AppID\{F18AE3C4-D2AD-42AC-9282-509DCF035D06}
PUP.Optional.AmazonAssistant HKLM\Software\Classes\CLSID\{7B28BD81-CC45-4ADB-A043-12E35A15C402}
PUP.Optional.AmazonAssistant HKLM\Software\Classes\TypeLib\{55B621F9-BAE8-4CF7-9D76-1DB25CD95850}
PUP.Optional.AmazonAssistant HKLM\Software\Classes\TypeLib\{E6AB05A4-A387-4083-91A5-E89A8DCEEBC0}
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\Amazon\AmazonAssistant
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\\AppDataLow\Software\Amazon\AmazonAssistant
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\\Classes\AppID\AmazonAppIE.dll
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\\Classes\AppID\{F18AE3C4-D2AD-42AC-9282-509DCF035D06}
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\\Classes\CLSID\{7B28BD81-CC45-4ADB-A043-12E35A15C402}
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\\Classes\Interface\{6B7479D5-C493-40F0-99B6-BFC901980034}
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\\Classes\Interface\{BFF94CF8-2D3B-4B2F-BB83-3600280AFEBA}
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\\Classes\TypeLib\{55B621F9-BAE8-4CF7-9D76-1DB25CD95850}
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\\Classes\TypeLib\{E6AB05A4-A387-4083-91A5-E89A8DCEEBC0}
PUP.Optional.AmazonAssistant HKU\.DEFAULT\Software\AppDataLow\Software\Amazon\AmazonAssistant
PUP.Optional.AmazonAssistant HKU\S-1-5-18\Software\AppDataLow\Software\Amazon\AmazonAssistant
PUP.Optional.Assistant HKLM\Software\Classes\CLSID\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
PUP.Optional.Assistant HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
PUP.Optional.Assistant HKLM\Software\Wow6432Node\\Classes\CLSID\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
PUP.Optional.Assistant HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
PUP.Optional.Assistant HKLM\System\CurrentControlSet\Services\EventLog\Application\Amazon Assistant Service
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\DOMStorage\amazonbrowserapp.com
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\DOMStorage\analytics.app.amazonbrowserapp.com
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\DOMStorage\titan.service.amazonbrowserapp.com
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{BAC72C85-CEC6-4B86-AF06-FA20C259FAB8}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.ACERAOPFramework Folder C:\Program Files (x86)\ACER\AOP FRAMEWORK
Preinstalled.ACERAOPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|BacKGround Agent
Preinstalled.ACERAOPFramework Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4A37A114-702F-4055-A4B6-16571D4A5353}
Preinstalled.ACERClear.fiShellExtension Registry HKLM\Software\Classes\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B}
Preinstalled.ACERClear.fiShellExtension Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B}
Preinstalled.AcerCareCenter File C:\Users\Public\Desktop\Acer Care Center.lnk
Preinstalled.AcerCareCenter Folder C:\Program Files (x86)\ACER\CARE CENTER
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{91F9D2B6-9405-4B55-8297-BF24C7AD5C78}
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{91F9D2B6-9405-4B55-8297-BF24C7AD5C78}
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CD6F702C-470B-4241-8589-E1071B89BA8F}
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCAgent
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCBackgroundApplication
Preinstalled.AcerCareCenter Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1AF41E84-3408-499A-8C93-8891F0612719}
Preinstalled.AcerCareCenter Task C:\Windows\System32\Tasks\ACCAGENT
Preinstalled.AcerCareCenter Task C:\Windows\System32\Tasks\ACCBACKGROUNDAPPLICATION
Preinstalled.AcerDocsOfficeAddIn Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{DCBF3379-246B-47E1-8173-639B63940838}
Preinstalled.AcerExplorerAgent Folder C:\Program Files\ACER\ACER EXPLORER AGENT
Preinstalled.AcerExplorerAgent Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}
Preinstalled.AcerPortal Folder C:\Program Files (x86)\ACER\ACER PORTAL
Preinstalled.AcerPortal Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}
Preinstalled.AcerPowerManagement Folder C:\Program Files\ACER\ACER POWER MANAGEMENT
Preinstalled.AcerQuickAccess File C:\Users\vjupt\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Acer Quick Access.lnk
Preinstalled.AcerQuickAccess Folder C:\Program Files\ACER\ACER QUICK ACCESS
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{733549E6-EFFD-4392-91C9-AB6D04269455}
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C7EE893-6B1F-43C3-9AFD-7195FF2DD951}
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Power Button
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Quick Access
Preinstalled.AcerQuickAccess Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E3678E72-78E3-4F91-A9FB-913876FF6DA2}
Preinstalled.AcerQuickAccess Task C:\Windows\System32\Tasks\POWER BUTTON
Preinstalled.AcerQuickAccess Task C:\Windows\System32\Tasks\QUICK ACCESS
Preinstalled.AcerUEIPFramework Folder C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM\FRAMEWORK
Preinstalled.AcerUEIPFramework Folder C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM\PLUGIN\APPMONITOR
Preinstalled.AcerUEIPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{12A718F2-2357-4D41-9E1F-18583A4745F7}
Preinstalled.AcerUpdater Folder C:\ProgramData\ACER\ACER UPDATER
Preinstalled.AcerabBox Registry HKLM\Software\Classes\CLSID\{5CCE71FA-9F61-4F24-9CD1-98D819B40D68}
Preinstalled.AcerabDocs File C:\Users\Public\Desktop\abDocs.lnk
Preinstalled.AcerabDocs Folder C:\Program Files (x86)\ACER\ABDOCS
Preinstalled.AcerabDocs Folder C:\Program Files (x86)\ACER\ABDOCS OFFICE ADDIN
Preinstalled.AcerabDocs Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{11E762D0-0E50-4DE3-AD7C-98D72E7BC272}
Preinstalled.AcerabDocs Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\abDocsDllLoader
Preinstalled.AcerabDocs Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|abDocsDllLoader
Preinstalled.AcerabDocs Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|abDocsDllLoader
Preinstalled.AcerabDocs Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}
Preinstalled.AcerabDocs Task C:\Windows\System32\Tasks\ABDOCSDLLLOADER
Preinstalled.GatewayPowerManagement Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{539F7CBB-2E43-4F31-A606-6C655E2541CC}
Preinstalled.GatewayPowerManagement Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Power Management
Preinstalled.GatewayPowerManagement Task C:\Windows\System32\Tasks\POWER MANAGEMENT
Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Preinstalled.PackardBellPowerManagement Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{91F52DE4-B789-42B0-9311-A349F10E5479}

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

#4 Příspěvek od **Conder** » 06 kvě 2020 23:58

Nalezy nechaj zmazat. Programy detekovane ako "predinstalovany software" (Preinstalled Software) mozes nechat alebo ich mozes zmazat (toto nie su skodlive programy, ale skor iba zbytocnosti). Potom posli aj log z mazania.

psisko · #5 Příspěvek od **psisko** » 08 kvě 2020 08:27

# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build: 04-03-2020
# Database: 2020-04-08.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 05-08-2020
# Duration: 00:00:50
# OS: Windows 10 Home
# Scanned: 31802
# Detected: 51

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.AmazonAssistant C:\Program Files (x86)\Amazon\Amazon Assistant

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.ACERAOPFramework Folder C:\Program Files (x86)\ACER\AOP FRAMEWORK
Preinstalled.ACERAOPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|BacKGround Agent
Preinstalled.ACERAOPFramework Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4A37A114-702F-4055-A4B6-16571D4A5353}
Preinstalled.ACERClear.fiShellExtension Registry HKLM\Software\Classes\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B}
Preinstalled.ACERClear.fiShellExtension Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B}
Preinstalled.AcerCareCenter File C:\Users\Public\Desktop\Acer Care Center.lnk
Preinstalled.AcerCareCenter Folder C:\Program Files (x86)\ACER\CARE CENTER
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{91F9D2B6-9405-4B55-8297-BF24C7AD5C78}
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{91F9D2B6-9405-4B55-8297-BF24C7AD5C78}
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CD6F702C-470B-4241-8589-E1071B89BA8F}
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCAgent
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCBackgroundApplication
Preinstalled.AcerCareCenter Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1AF41E84-3408-499A-8C93-8891F0612719}
Preinstalled.AcerCareCenter Task C:\Windows\System32\Tasks\ACCAGENT
Preinstalled.AcerCareCenter Task C:\Windows\System32\Tasks\ACCBACKGROUNDAPPLICATION
Preinstalled.AcerDocsOfficeAddIn Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{DCBF3379-246B-47E1-8173-639B63940838}
Preinstalled.AcerExplorerAgent Folder C:\Program Files\ACER\ACER EXPLORER AGENT
Preinstalled.AcerExplorerAgent Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}
Preinstalled.AcerPortal Folder C:\Program Files (x86)\ACER\ACER PORTAL
Preinstalled.AcerPortal Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}
Preinstalled.AcerPowerManagement Folder C:\Program Files\ACER\ACER POWER MANAGEMENT
Preinstalled.AcerQuickAccess File C:\Users\vjupt\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Acer Quick Access.lnk
Preinstalled.AcerQuickAccess Folder C:\Program Files\ACER\ACER QUICK ACCESS
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{733549E6-EFFD-4392-91C9-AB6D04269455}
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C7EE893-6B1F-43C3-9AFD-7195FF2DD951}
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Power Button
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Quick Access
Preinstalled.AcerQuickAccess Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E3678E72-78E3-4F91-A9FB-913876FF6DA2}
Preinstalled.AcerQuickAccess Task C:\Windows\System32\Tasks\POWER BUTTON
Preinstalled.AcerQuickAccess Task C:\Windows\System32\Tasks\QUICK ACCESS
Preinstalled.AcerUEIPFramework Folder C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM\FRAMEWORK
Preinstalled.AcerUEIPFramework Folder C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM\PLUGIN\APPMONITOR
Preinstalled.AcerUEIPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{12A718F2-2357-4D41-9E1F-18583A4745F7}
Preinstalled.AcerUpdater Folder C:\ProgramData\ACER\ACER UPDATER
Preinstalled.AcerabBox Registry HKLM\Software\Classes\CLSID\{5CCE71FA-9F61-4F24-9CD1-98D819B40D68}
Preinstalled.AcerabDocs File C:\Users\Public\Desktop\abDocs.lnk
Preinstalled.AcerabDocs Folder C:\Program Files (x86)\ACER\ABDOCS
Preinstalled.AcerabDocs Folder C:\Program Files (x86)\ACER\ABDOCS OFFICE ADDIN
Preinstalled.AcerabDocs Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{11E762D0-0E50-4DE3-AD7C-98D72E7BC272}
Preinstalled.AcerabDocs Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\abDocsDllLoader
Preinstalled.AcerabDocs Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|abDocsDllLoader
Preinstalled.AcerabDocs Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|abDocsDllLoader
Preinstalled.AcerabDocs Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}
Preinstalled.AcerabDocs Task C:\Windows\System32\Tasks\ABDOCSDLLLOADER
Preinstalled.GatewayPowerManagement Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{539F7CBB-2E43-4F31-A606-6C655E2541CC}
Preinstalled.GatewayPowerManagement Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Power Management
Preinstalled.GatewayPowerManagement Task C:\Windows\System32\Tasks\POWER MANAGEMENT
Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Preinstalled.PackardBellPowerManagement Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{91F52DE4-B789-42B0-9311-A349F10E5479}

AdwCleaner[S00].txt - [12569 octets] - [06/05/2020 18:57:25]
AdwCleaner[C00].txt - [5820 octets] - [06/05/2020 19:02:35]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

#6 Příspěvek od **Conder** » 08 kvě 2020 23:22

Poprosim o obidva logy z FRST (FRST.txt a Addition.txt) podla tohto navodu: https://forum.viry.cz/viewtopic.php?f=13&t=154679

psisko · #7 Příspěvek od **psisko** » 09 kvě 2020 15:15

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-05-2020
Ran by vjupt (administrator) on LAPTOP-6DDFJ86O (Acer Aspire F5-572G) (09-05-2020 16:02:12)
Running from C:\Users\vjupt\Desktop
Loaded Profiles: vjupt (Available Profiles: vjupt)
Platform: Windows 10 Home Version 1909 18363.815 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acer Incorporated -> ) C:\OEM\Preload\FubTracking\FubTracking.exe
(Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerButton_NB.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe <2>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <2>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
(Fortemedia Inc. -> ) C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_aa3a0bcfbcf24a1b\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_aa3a0bcfbcf24a1b\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_aa3a0bcfbcf24a1b\igfxext.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12005.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe <6>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2015-07-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1767760 2016-06-15] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [108728 2020-05-06] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [91488 2017-09-28] (Acer Incorporated -> )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle America, Inc. -> Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\Installer\chrmstp.exe [2020-05-06] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\81.0.3970.92\Installer\chrmstp.exe [2020-05-05] (Avast Software s.r.o. -> AVAST Software)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B450ECD-FEDB-415D-B1DA-D6A223C41221} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124760 2020-05-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {0F3A273C-7DE1-48CD-9C83-083CE15AB277} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124760 2020-05-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {11E762D0-0E50-4DE3-AD7C-98D72E7BC272} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [1769312 2017-09-28] (Acer Incorporated -> )
Task: {15D24BFF-4589-4B27-8D29-4F622D78338A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-04-05] (Google Inc -> Google Inc.)
Task: {1D56D4D8-EBAB-49C5-BC1C-BFCE7E762BA0} - System32\Tasks\Avast SecureLine VPN Update => c:\program files\avast software\secureline\vpnupdate.exe [1390472 2019-11-15] (AVAST Software s.r.o. -> AVAST Software)
Task: {3AA54638-DCA8-4E51-982A-4EF0608E252D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-04-05] (Google Inc -> Google Inc.)
Task: {539F7CBB-2E43-4F31-A606-6C655E2541CC} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [384256 2015-05-14] (Acer Incorporated -> Acer Incorporated)
Task: {542F7E44-D78C-44CB-BEF7-4DBF015D61B7} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-04-15] (Adobe Inc. -> Adobe)
Task: {62D8B712-45A5-4BDD-B69D-A39FC1ED0869} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1853360 2020-04-08] (Avast Software s.r.o. -> AVAST Software)
Task: {67F4746E-BDC1-49FF-B4F0-AE146E66934F} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {733549E6-EFFD-4392-91C9-AB6D04269455} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [379232 2015-07-09] (Acer Incorporated -> Acer Incorporated)
Task: {748C56D9-D949-423A-BAD8-FA08023868C5} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [472928 2015-07-10] (Acer Incorporated -> Acer Incorporated)
Task: {784CBED7-F258-478D-A101-4D79B3535D0B} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1853360 2020-04-08] (Avast Software s.r.o. -> AVAST Software)
Task: {7CE6EAA7-7195-413F-A6DB-3AF6789ED077} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23772528 2020-04-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {91F9D2B6-9405-4B55-8297-BF24C7AD5C78} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [40288 2015-07-10] (Acer Incorporated -> )
Task: {963D0548-1350-439C-91DB-3B3E394E6CEE} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2920752 2017-05-24] (Acer Incorporated -> )
Task: {96A93E81-2F43-4366-AA41-44AA3FD1FA4A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {990840B6-1D29-4796-8B6E-5633AB46887E} - System32\Tasks\Avast SecureLine => C:\Program Files\AVAST Software\SecureLine\SecureLine.exe [3438680 2016-05-24] (AVAST Software a.s. -> AVAST Software)
Task: {9C7EE893-6B1F-43C3-9AFD-7195FF2DD951} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Power Management\ePowerButton_NB.exe [2770688 2015-05-14] (Acer Incorporated -> Acer Incorporated)
Task: {9D6FA8F3-35CB-411B-87DB-E2E7BA7E2230} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {9E47279C-3D44-4043-A3A1-0A019167D9C8} - System32\Tasks\{C0F5C2F7-8C31-4490-913F-790A62F30216} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://www.skype.com/go/downloading?source=lig ... tError=404
Task: {B263C019-53D3-4EFF-93C4-EA08F4BC6B7F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1429376 2020-05-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {BEB7C240-9FC5-4F88-AC3F-922F66DB9D18} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65824 2017-09-26] (Acer Incorporated -> Acer Incorporated)
Task: {C20A64F1-9968-4FF3-8B77-D0D89D360624} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {C503D597-9CD5-4394-8B03-1D119304B481} - System32\Tasks\AdwCleaner_onReboot => C:\Users\vjupt\Desktop\adwcleaner_8.0.4.exe [8196784 2020-05-06] (Malwarebytes Inc -> Malwarebytes)
Task: {C9CD5414-0CE9-4E20-8AEA-EF0EE30E937A} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [127176 2020-05-06] (Mozilla Corporation -> Mozilla Foundation)
Task: {CCF6388D-9C33-4D91-AC8D-3940F48E807A} - System32\Tasks\{4DE2080C-9292-45AD-9E1C-6F5FA264C67B} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://www.skype.com/go/downloading?source=lig ... tError=404
Task: {CD6F702C-470B-4241-8589-E1071B89BA8F} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4645168 2017-05-24] (Acer Incorporated -> )
Task: {D6B7430B-C748-4B44-B5B8-92F7B56AE926} - System32\Tasks\{63C89BE7-0888-4D92-8DB3-F3B407081C3B} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://www.skype.com/go/downloading?source=lig ... tError=404
Task: {E2887AFE-B166-4373-B4A4-1AEA5CE86E8D} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3339472 2020-05-06] (Avast Software s.r.o. -> AVAST Software)
Task: {E4ADCD38-0298-439D-BAE3-35B003D0965F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23772528 2020-04-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {F066A9EA-C853-4E1E-B23D-4FC833E656B9} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [30976 2015-05-14] (Acer Incorporated -> )
Task: {F2AF522D-BFEF-435A-A92B-F529BE64E179} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_363_Plugin.exe [1458232 2020-04-15] (Adobe Inc. -> Adobe)
Task: {F55171A9-503E-44CA-876F-7C2BF33B0CFE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {F8CE4526-4B8E-416F-BFAA-49596B8AEE38} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{f27cdc39-d512-4aa2-a483-e2b7c292ee7d}: [DhcpNameServer] 213.46.172.36 213.46.172.37

Internet Explorer:
==================
HKU\S-1-5-21-2437870575-3263216539-2584499593-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll [2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2020-04-21] (McAfee, LLC -> McAfee, LLC)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2020-04-21] (McAfee, LLC -> McAfee, LLC)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-05-05] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
DownloadDir: C:\Users\vjupt\Downloads

FireFox:
========
FF DefaultProfile: npxxmynl.default
FF ProfilePath: C:\Users\vjupt\AppData\Roaming\Mozilla\Firefox\Profiles\npxxmynl.default [2020-05-09]
FF Homepage: Mozilla\Firefox\Profiles\npxxmynl.default -> hxxp://www.centrum.cz/
FF Session Restore: Mozilla\Firefox\Profiles\npxxmynl.default -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\npxxmynl.default -> hxxp://www.lide.cz; hxxps://www.lide.cz; hxxps://www.damejidlo.cz; hxxps://www.trenyrkarna.cz; hxxps://www.feedo.cz
FF Extension: (Czech (CZ) Language Pack) - C:\Users\vjupt\AppData\Roaming\Mozilla\Firefox\Profiles\npxxmynl.default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2020-05-06]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\vjupt\AppData\Roaming\Mozilla\Firefox\Profiles\npxxmynl.default\Extensions\sp@avast.com.xpi [2020-05-01]
FF Extension: (Avast Online Security) - C:\Users\vjupt\AppData\Roaming\Mozilla\Firefox\Profiles\npxxmynl.default\Extensions\wrc@avast.com.xpi [2020-03-17]
FF Extension: (No Name) - C:\Users\vjupt\AppData\Roaming\Mozilla\Firefox\Profiles\npxxmynl.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-04-01]
FF Extension: (Amazon 1Button App for Firefox) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\abb@amazon.com [2020-04-10] [Legacy] [not signed]
FF Extension: (Czech (CZ) Language Pack) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-cs@firefox.mozilla.org [2020-04-10] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_363.dll [2020-04-15] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_363.dll [2020-04-15] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1231201.dll [2017-11-02] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\vjupt\AppData\Local\Google\Chrome\User Data\Default [2020-03-20]
CHR HomePage: Default -> hxxp://www.google.com
CHR Extension: (Prezentace) - C:\Users\vjupt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-29]
CHR Extension: (Dokumenty) - C:\Users\vjupt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-29]
CHR Extension: (Disk Google) - C:\Users\vjupt\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-05]
CHR Extension: (YouTube) - C:\Users\vjupt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-05]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\vjupt\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-11-01]
CHR Extension: (Tabulky) - C:\Users\vjupt\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\vjupt\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-03-03]
CHR Extension: (AdBlock) - C:\Users\vjupt\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-12-18]
CHR Extension: (Skype) - C:\Users\vjupt\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2018-02-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\vjupt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-01]
CHR Extension: (Gmail) - C:\Users\vjupt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-11-01]
CHR Extension: (Chrome Media Router) - C:\Users\vjupt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-18]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6350752 2020-05-06] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [348968 2020-05-06] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\81.0.3970.92\elevation_service.exe [954600 2020-04-08] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-05-06] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10610544 2020-04-30] (Microsoft Corporation -> Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated -> Acer Incorporated)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223520 2015-07-11] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [916712 2020-04-21] (McAfee, LLC -> McAfee, LLC)
S3 MixedRealityOpenXRSvc; C:\WINDOWS\System32\MixedRealityRuntime.dll [139952 2020-05-06] (Microsoft Windows -> Microsoft Corporation)
S3 MixedRealityOpenXRSvc; C:\WINDOWS\SysWOW64\MixedRealityRuntime.dll [105840 2020-05-06] (Microsoft Windows -> Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [398176 2015-07-09] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [450400 2015-07-09] (Acer Incorporated -> Acer Incorporated)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [6828424 2019-11-15] (AVAST Software s.r.o. -> AVAST Software)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-27] (Acer Incorporated -> acer)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\NisSrv.exe [3294680 2020-04-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MsMpEng.exe [103168 2020-04-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37136 2020-05-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205880 2020-05-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [234560 2020-05-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [178760 2020-05-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [60480 2020-05-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2020-02-25] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42784 2020-05-06] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175704 2020-05-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [501472 2020-05-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [109272 2020-05-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84856 2020-05-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851592 2020-05-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460992 2020-05-06] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [235488 2020-05-06] (Avast Software s.r.o. -> AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [44640 2014-09-05] (AVAST Software a.s. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [319120 2020-05-06] (Avast Software s.r.o. -> AVAST Software)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_9d2734742a07f3cf\nvlddmkm.sys [14456920 2017-05-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Qcamain; C:\WINDOWS\System32\drivers\Qcamainx64.sys [2276352 2015-07-10] (Qualcomm Atheros, Inc.) [File not signed]
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek Semiconductor Corp -> Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [402136 2015-05-27] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [51368 2015-05-11] (Synaptics Incorporated -> Synaptics Incorporated)
S3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-04-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [391392 2020-04-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59104 2020-04-05] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-09 15:59 - 2020-05-09 15:59 - 002283520 _____ (Farbar) C:\Users\vjupt\Desktop\FRST64.exe
2020-05-06 22:08 - 2020-05-06 22:08 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-05-06 19:49 - 2020-05-06 19:49 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 022637056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 019812352 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 018028032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 008013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 007267328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 007011840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 006522840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 006291968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 006079184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 005757872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 004858368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 004129424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 003822080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 002799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-05-06 19:49 - 2020-05-06 19:49 - 002584008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 002259664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 001734144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 001686016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 001667600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 001559040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pla.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 001507328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pla.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 001397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-05-06 19:49 - 2020-05-06 19:49 - 001178608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 001151824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 001124352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CBDHSvc.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 001077264 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-05-06 19:49 - 2020-05-06 19:49 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000892488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000801832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000783488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-05-06 19:49 - 2020-05-06 19:49 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000776792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000673488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000600064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000592944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000568136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000501200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000466344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000325432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-05-06 19:49 - 2020-05-06 19:49 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi32.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000211472 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi32.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprofm.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000139952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedRealityRuntime.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000124504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000105840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MixedRealityRuntime.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000089544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2020-05-06 19:49 - 2020-05-06 19:49 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddrawex.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsregtask.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlmproxy.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlmsprep.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\plasrv.exe
2020-05-06 19:49 - 2020-05-06 19:49 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-05-06 19:49 - 2020-05-06 19:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-05-06 19:49 - 2020-05-06 19:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-05-06 19:49 - 2020-05-06 19:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-05-06 19:49 - 2020-05-06 19:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-05-06 19:49 - 2020-05-06 19:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-05-06 19:49 - 2020-05-06 19:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-05-06 19:49 - 2020-05-06 19:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-05-06 19:49 - 2020-05-06 19:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-05-06 19:49 - 2020-05-06 19:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-05-06 19:49 - 2020-05-06 19:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-05-06 19:49 - 2020-05-06 19:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-05-06 19:49 - 2020-05-06 19:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-05-06 19:48 - 2020-05-06 19:48 - 014819328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 009930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-05-06 19:48 - 2020-05-06 19:48 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 007257816 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 006434304 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 005109760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 004565456 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-05-06 19:48 - 2020-05-06 19:48 - 003974376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-05-06 19:48 - 2020-05-06 19:48 - 003805696 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 003747328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 003655168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 003371416 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 002774088 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 002769000 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 002087168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 001999968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 001934824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 001835008 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 001406464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 001393968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 001245184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 001154656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 001023128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000891544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000847168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2020-05-06 19:48 - 2020-05-06 19:48 - 000822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000813568 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000683848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000676072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000673296 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-05-06 19:48 - 2020-05-06 19:48 - 000639400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000580608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000543824 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000513024 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-05-06 19:48 - 2020-05-06 19:48 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2020-05-06 19:48 - 2020-05-06 19:48 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000375520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-05-06 19:48 - 2020-05-06 19:48 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000278080 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2020-05-06 19:48 - 2020-05-06 19:48 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msutb.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msutb.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2020-05-06 19:48 - 2020-05-06 19:48 - 000142760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2020-05-06 19:48 - 2020-05-06 19:48 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairingExperienceMEM.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000117048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadWamExtension.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000107616 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2020-05-06 19:48 - 2020-05-06 19:48 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000102216 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2020-05-06 19:48 - 2020-05-06 19:48 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000073024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000066832 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000058880 _____ C:\WINDOWS\system32\runexehelper.exe
2020-05-06 19:48 - 2020-05-06 19:48 - 000058696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfLdr.sys
2020-05-06 19:48 - 2020-05-06 19:48 - 000050560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudNotifications.exe
2020-05-06 19:48 - 2020-05-06 19:48 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddrawex.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AssignedAccessRuntime.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-05-06 19:48 - 2020-05-06 19:48 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2020-05-06 19:48 - 2020-05-06 19:48 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-05-06 19:48 - 2020-05-06 19:48 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2020-05-06 19:48 - 2020-05-06 19:48 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-05-06 19:48 - 2020-05-06 19:48 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 017791488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 007899528 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 004624880 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-05-06 19:47 - 2020-05-06 19:47 - 004009472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 004005376 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 003727872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-05-06 19:47 - 2020-05-06 19:47 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 003587392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-05-06 19:47 - 2020-05-06 19:47 - 002461696 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 002289152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 002255136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 002150232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 001943040 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 001766400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 001635840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 001497600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 001486336 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-05-06 19:47 - 2020-05-06 19:47 - 001413712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-05-06 19:47 - 2020-05-06 19:47 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 001007104 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 000999616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 000979264 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 000945192 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 000920576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 000915208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 000874312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-05-06 19:47 - 2020-05-06 19:47 - 000824832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 000750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 000732160 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 000637480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-05-06 19:47 - 2020-05-06 19:47 - 000631608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2020-05-06 19:47 - 2020-05-06 19:47 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-05-06 19:47 - 2020-05-06 19:47 - 000589400 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2020-05-06 19:47 - 2020-05-06 19:47 - 000569856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 000552448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-05-06 19:47 - 2020-05-06 19:47 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-05-06 19:47 - 2020-05-06 19:47 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.UserService.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 000475136 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 000460408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-05-06 19:47 - 2020-05-06 19:47 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-05-06 19:47 - 2020-05-06 19:47 - 000415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 000306496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2020-05-06 19:47 - 2020-05-06 19:47 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-05-06 19:47 - 2020-05-06 19:47 - 000250696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2020-05-06 19:47 - 2020-05-06 19:47 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-05-06 19:47 - 2020-05-06 19:47 - 000152416 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 000147776 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadWamExtension.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-05-06 19:47 - 2020-05-06 19:47 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2020-05-06 19:47 - 2020-05-06 19:47 - 000116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2020-05-06 19:47 - 2020-05-06 19:47 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSAssessment.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 000088352 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-05-06 19:47 - 2020-05-06 19:47 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 000069704 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 000060432 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudNotifications.exe
2020-05-06 19:47 - 2020-05-06 19:47 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2020-05-06 19:47 - 2020-05-06 19:47 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-05-06 19:47 - 2020-05-06 19:47 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-05-06 19:47 - 2020-05-06 19:47 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregtask.dll
2020-05-06 19:14 - 2020-05-06 19:13 - 000337560 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-05-06 19:14 - 2020-05-06 19:13 - 000235488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-05-06 19:14 - 2020-05-06 19:13 - 000175704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2020-05-06 19:02 - 2020-05-08 11:10 - 000002344 _____ C:\WINDOWS\system32\Tasks\AdwCleaner_onReboot
2020-05-06 18:55 - 2020-05-06 19:02 - 000000000 ____D C:\AdwCleaner
2020-05-06 18:54 - 2020-05-06 18:54 - 008196784 _____ (Malwarebytes) C:\Users\vjupt\Desktop\adwcleaner_8.0.4.exe
2020-05-06 09:37 - 2020-05-06 09:37 - 000066829 _____ C:\Users\vjupt\Downloads\197507028_Juptnerova_Veronika.pdf
2020-05-06 09:35 - 2020-05-06 09:35 - 000072739 _____ C:\Users\vjupt\Desktop\Prihlaska_Smrz_Petr.pdf
2020-05-06 09:35 - 2020-05-06 09:35 - 000067679 _____ C:\Users\vjupt\Downloads\197507033_Juptnerova_Ella.pdf
2020-05-03 12:53 - 2020-05-03 12:55 - 000036291 _____ C:\Users\vjupt\Desktop\Addition.txt
2020-05-03 12:50 - 2020-05-09 16:04 - 000033614 _____ C:\Users\vjupt\Desktop\FRST.txt
2020-04-16 16:27 - 2020-04-16 16:27 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 007756800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 005910016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 004611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 003512320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 002951832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSAT.exe
2020-04-16 16:27 - 2020-04-16 16:27 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 001870408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 001665216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 001310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 001013000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 001008128 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000775696 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-04-16 16:27 - 2020-04-16 16:27 - 000768528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000673464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-04-16 16:27 - 2020-04-16 16:27 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000420152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-04-16 16:27 - 2020-04-16 16:27 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumapi.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumapi.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-04-16 16:27 - 2020-04-16 16:27 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 003109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 002717184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-04-16 16:26 - 2020-04-16 16:26 - 002131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 001764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 001656904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 001646048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 001612800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 001603584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 001484384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 001009152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000982840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-04-16 16:26 - 2020-04-16 16:26 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-04-16 16:26 - 2020-04-16 16:26 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000628616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-04-16 16:26 - 2020-04-16 16:26 - 000510792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
2020-04-16 16:26 - 2020-04-16 16:26 - 000339304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000268008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-04-16 16:26 - 2020-04-16 16:26 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-04-16 16:26 - 2020-04-16 16:26 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsunattend.exe
2020-04-16 16:26 - 2020-04-16 16:26 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-04-16 16:26 - 2020-04-16 16:26 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-04-16 16:26 - 2020-04-16 16:26 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-04-16 16:04 - 2020-04-16 16:05 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-04-16 16:04 - 2020-04-16 16:05 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-04-14 18:11 - 2020-05-06 19:13 - 000501472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2020-04-10 11:41 - 2020-05-08 09:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-09 16:03 - 2017-08-22 21:11 - 000000000 ____D C:\FRST
2020-05-09 15:57 - 2018-04-05 07:57 - 000000000 ____D C:\Users\vjupt\AppData\Local\AVAST Software
2020-05-09 15:56 - 2016-11-18 11:42 - 000000000 ____D C:\Users\vjupt\AppData\LocalLow\Mozilla
2020-05-09 15:55 - 2016-03-23 20:22 - 000000000 __SHD C:\Users\vjupt\IntelGraphicsProfiles
2020-05-09 15:45 - 2020-03-21 17:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-05-09 15:45 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-05-09 15:45 - 2016-08-26 13:00 - 000000000 ____D C:\ProgramData\NVIDIA
2020-05-09 13:30 - 2015-07-16 05:32 - 000000000 ____D C:\ProgramData\AVAST Software
2020-05-09 12:27 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-05-09 12:27 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-05-09 12:24 - 2015-09-25 13:47 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-05-09 12:13 - 2020-03-21 18:10 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-05-08 11:10 - 2020-03-21 18:10 - 000004302 _____ C:\WINDOWS\system32\Tasks\Software Update Application
2020-05-08 11:10 - 2020-03-21 18:10 - 000003852 _____ C:\WINDOWS\system32\Tasks\ACCAgent
2020-05-08 11:10 - 2020-03-21 18:10 - 000003818 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-05-08 11:10 - 2020-03-21 18:10 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-05-08 11:10 - 2020-03-21 18:10 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-05-08 11:10 - 2020-03-21 18:10 - 000003362 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2020-05-08 11:10 - 2020-03-21 18:10 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-05-08 11:10 - 2020-03-21 18:10 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2437870575-3263216539-2584499593-1001
2020-05-08 11:10 - 2020-03-21 18:10 - 000002820 _____ C:\WINDOWS\system32\Tasks\ACC
2020-05-08 11:10 - 2020-03-21 18:10 - 000002760 _____ C:\WINDOWS\system32\Tasks\BacKGroundAgent
2020-05-08 11:10 - 2020-03-21 18:10 - 000002550 _____ C:\WINDOWS\system32\Tasks\abDocsDllLoader
2020-05-08 11:10 - 2020-03-21 18:10 - 000002328 _____ C:\WINDOWS\system32\Tasks\ACCBackgroundApplication
2020-05-08 11:10 - 2020-03-21 18:10 - 000002292 _____ C:\WINDOWS\system32\Tasks\{C0F5C2F7-8C31-4490-913F-790A62F30216}
2020-05-08 11:10 - 2020-03-21 18:10 - 000002292 _____ C:\WINDOWS\system32\Tasks\{63C89BE7-0888-4D92-8DB3-F3B407081C3B}
2020-05-08 11:10 - 2020-03-21 18:10 - 000002292 _____ C:\WINDOWS\system32\Tasks\{4DE2080C-9292-45AD-9E1C-6F5FA264C67B}
2020-05-08 11:10 - 2020-03-21 18:10 - 000002264 _____ C:\WINDOWS\system32\Tasks\Power Button
2020-05-08 11:10 - 2020-03-21 18:10 - 000002222 _____ C:\WINDOWS\system32\Tasks\Power Management
2020-05-08 11:10 - 2020-03-21 18:10 - 000002180 _____ C:\WINDOWS\system32\Tasks\Quick Access
2020-05-08 11:10 - 2020-03-21 18:10 - 000002074 _____ C:\WINDOWS\system32\Tasks\FUBTrackingByPLD
2020-05-08 11:10 - 2020-03-21 18:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2020-05-08 09:18 - 2015-07-16 05:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-05-08 09:17 - 2019-03-19 06:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-05-08 09:17 - 2018-02-26 18:29 - 000000000 ____D C:\Program Files (x86)\Amazon
2020-05-06 22:08 - 2015-07-16 05:33 - 000001236 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-05-06 20:18 - 2016-04-03 18:26 - 000000000 ___RD C:\Users\vjupt\3D Objects
2020-05-06 20:18 - 2016-02-13 15:12 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-05-06 20:09 - 2020-03-21 18:00 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-05-06 20:09 - 2019-03-19 13:55 - 000718198 _____ C:\WINDOWS\system32\perfh005.dat
2020-05-06 20:09 - 2019-03-19 13:55 - 000145242 _____ C:\WINDOWS\system32\perfc005.dat
2020-05-06 20:09 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-05-06 20:05 - 2020-03-21 17:39 - 000531536 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-05-06 20:03 - 2019-03-19 06:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-05-06 20:03 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\TextInput
2020-05-06 20:03 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-05-06 20:03 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-05-06 20:03 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-05-06 20:03 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-05-06 20:03 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-05-06 20:03 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-05-06 20:03 - 2019-03-19 06:52 - 000000000 ____D C:\PerfLogs
2020-05-06 19:59 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-05-06 19:14 - 2020-03-21 18:10 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-05-06 19:14 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-05-06 19:13 - 2019-01-15 10:01 - 000234560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-05-06 19:13 - 2019-01-04 10:49 - 000178760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-05-06 19:13 - 2019-01-04 10:49 - 000060480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-05-06 19:13 - 2019-01-04 10:49 - 000037136 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2020-05-06 19:13 - 2018-10-10 09:56 - 000042784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-05-06 19:13 - 2017-11-20 21:54 - 000205880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-05-06 19:13 - 2017-08-21 23:19 - 000851592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-05-06 19:13 - 2017-08-21 23:19 - 000460992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-05-06 19:13 - 2017-08-21 23:19 - 000319120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-05-06 19:13 - 2017-08-21 23:19 - 000109272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-05-06 19:13 - 2017-08-21 23:19 - 000084856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-05-06 08:51 - 2017-04-05 17:14 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-05-05 08:39 - 2020-03-21 18:10 - 000003856 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2020-05-05 08:39 - 2020-03-21 18:10 - 000003272 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2020-05-05 08:39 - 2018-04-05 07:58 - 000002502 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2020-05-04 09:08 - 2016-03-29 21:47 - 000000000 ____D C:\Users\vjupt\AppData\Local\CrashDumps
2020-04-23 23:31 - 2020-03-21 17:47 - 000000000 ____D C:\Users\vjupt
2020-04-23 20:19 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-04-17 08:07 - 2020-03-21 17:47 - 000002369 _____ C:\Users\vjupt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-04-17 08:07 - 2016-03-23 20:27 - 000000000 ___RD C:\Users\vjupt\OneDrive
2020-04-16 17:39 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-04-15 10:09 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-04-15 10:09 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-04-14 18:03 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\NDF

==================== Files in the root of some directories ========

2017-08-21 20:38 - 2017-08-21 20:38 - 000000017 _____ () C:\Users\vjupt\AppData\Local\resmon.resmoncfg
2017-04-11 19:07 - 2017-04-11 19:07 - 000032038 _____ () C:\Users\vjupt\AppData\Local\SquareClock.Production_Home_Siko_WebIcon.ico

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-05-2020
Ran by vjupt (09-05-2020 16:05:58)
Running from C:\Users\vjupt\Desktop
Windows 10 Home Version 1909 18363.815 (X64) (2020-03-21 16:10:44)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2437870575-3263216539-2584499593-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2437870575-3263216539-2584499593-503 - Limited - Disabled)
Guest (S-1-5-21-2437870575-3263216539-2584499593-501 - Limited - Disabled)
vjupt (S-1-5-21-2437870575-3263216539-2584499593-1001 - Administrator - Enabled) => C:\Users\vjupt
WDAGUtilityAccount (S-1-5-21-2437870575-3263216539-2584499593-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
7-Zip 18.05 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1805-000001000000}) (Version: 18.05.00.0 - Igor Pavlov)
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.10.2002 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.03.2003 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3029 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3001 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2006 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8109 - Acer Incorporated)
Acer Quick Access (HKLM\...\{E3678E72-78E3-4F91-A9FB-913876FF6DA2}) (Version: 2.00.3005 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 2.01.3002 - Acer Incorporated)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.363 - Adobe)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.1.201 - Adobe Systems, Inc.)
Aktualizace NVIDIA 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Amazon Assistant (HKLM-x32\...\{0538B1C2-85C1-4ECC-BA77-61F537D81092}) (Version: 10.18.0221 - Amazon) <==== ATTENTION
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.05 - NVIDIA Corporation) Hidden
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.25.2001.0 - Acer Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.3.2405 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 81.0.3970.92 - Autoři prohlížeče Avast Secure Browser)
Avast SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.4 - AVAST Software)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.8.510 - AVG Technologies)
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5427.02 - CyberLink Corp.)
Foxit PhantomPDF (HKLM-x32\...\{A4023BDF-82D5-412D-9D58-8C2819EBFE2E}) (Version: 7.0.410.326 - Foxit Software Inc.)
FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version: - Marek Jasinski)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.138 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
Heroes Of Might And Magic 5 Sběratelská Edice (HKLM-x32\...\Heroes Of Might And Magic 5 Sběratelská EdiceH5 v1.6, H5hof v2.1, H5toe v3.0) (Version: H5 v1.6, H5hof v2.1, H5toe v3.0 - Ubisoft by Etnik_23)
Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4599 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Java 8 Update 181 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
LibreOffice 5.3.6.1 (HKLM-x32\...\{A253D1A0-E992-4275-A420-CD1E84437BDF}) (Version: 5.3.6.1 - The Document Foundation)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.92 - McAfee, LLC.)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.12730.20250 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2437870575-3263216539-2584499593-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Might and Magic Heroes VII, âĺđńč˙ 1.0.0.3 (HKLM-x32\...\Might and Magic Heroes VII_is1) (Version: 1.0.0.3 - RePack by SEYTER)
Mozilla Firefox 76.0 (x64 en-US) (HKLM\...\Mozilla Firefox 76.0 (x64 en-US)) (Version: 76.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 76.0.0.7424 - Mozilla)
NVIDIA GeForce Experience 2.11.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12730.20250 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12730.20250 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12730.20250 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.12730.20250 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 382.05 - NVIDIA Corporation) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.3.0 - pdfforge GmbH)
Qualcomm Atheros QCA9377 Wireless LAN & Bluetooth Installer (HKLM-x32\...\{3241744A-BA36-41F0-B4AA-EF3946D00632}) (Version: 11.0.0.043 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.1 - NVIDIA Corporation) Hidden
Siko Web Kitchen Planner (HKU\S-1-5-21-2437870575-3263216539-2584499593-1001\...\SquareClock_Production_Home_Siko_Web) (Version: - 3DVIA SAS)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype verze 8.58 (HKLM-x32\...\Skype_is1) (Version: 8.58 - Skype Technologies S.A.)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-3) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-4) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-5) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
XnView 1.96.2 (HKLM-x32\...\XnView_is1) (Version: 1.96.2 - Gougelet Pierre-e)
Zaklínač - Rozšířená edice (HKLM-x32\...\{86ACE727-A4F2-4B28-A37D-254D9CC03156}) (Version: 1.5 - CD Projekt Red)

Packages:
=========
Acer Explorer -> C:\Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.3007.0_x86__48frkmn4z8aw4 [2016-07-07] (Acer Incorporated)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2020-03-21] (Autodesk Inc.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-07] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-07] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-07] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-29] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-02] (Microsoft Studios) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-29] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-29] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-29] (Microsoft Corporation) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2020-01-16] (MAGIX)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-06] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-06] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-06] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2015-01-28] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2016-02-19] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-06] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_aa3a0bcfbcf24a1b\igfxDTCM.dll [2017-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-05-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-05-06] (Avast Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2018-04-30 17:00 - 2018-04-30 17:00 - 000075776 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2015-09-25 14:12 - 2016-06-15 03:12 - 001298640 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll
2019-11-15 22:48 - 2019-11-15 22:47 - 002095104 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\AVAST Software\SecureLine\libcrypto-1_1.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 13:04 - 2019-01-04 10:43 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2437870575-3263216539-2584499593-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\vjupt\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "abDocsDllLoader"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-2437870575-3263216539-2584499593-1001\...\StartupApproved\Run: => "Skype"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{0AD75BB0-C98D-4AA6-BDF8-20A96279E7DA}C:\users\vjupt\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\vjupt\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [TCP Query User{C0146031-6630-4A59-8E57-3CEB1A3D8AB9}C:\users\vjupt\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\vjupt\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [UDP Query User{F4F46737-C2F3-4285-828E-5A68060D3307}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{746DE2EC-779B-4EE0-B653-A0DDD6AE140F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{319BDEDC-B793-445A-8324-88E17892827D}C:\program files (x86)\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe] => (Allow) C:\program files (x86)\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe (Limbic Entertainment GmbH -> Ubisoft, Inc.)
FirewallRules: [TCP Query User{639ACB1C-A1EF-4171-BC5A-5798B8D7D55E}C:\program files (x86)\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe] => (Allow) C:\program files (x86)\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe (Limbic Entertainment GmbH -> Ubisoft, Inc.)
FirewallRules: [{47B53184-8CEC-4B22-8090-8EA0762C7446}] => (Allow) C:\Program Files (x86)\Zaklínač - Rozšířená edice\launcher.exe (CD Projekt RED Sp. z o.o. -> CD Projekt Red)
FirewallRules: [{EDEAA954-E1FF-42A5-85A0-92A817D9FCF0}] => (Allow) C:\Program Files (x86)\Zaklínač - Rozšířená edice\launcher.exe (CD Projekt RED Sp. z o.o. -> CD Projekt Red)
FirewallRules: [{35B4EB35-4F56-44F2-AC8F-F10D54429A41}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{54A2DD8C-99D0-4EE2-B70A-72DAE875E122}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{AD235CA1-537E-4F91-9887-3D968374499D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{2632CC1E-E1D6-472D-B5CC-48E4EB3B1E81}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F6962913-23FA-44A0-892A-952048ED9DC4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7E294CBA-869C-4F7F-850A-6DE08F406C78}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B60787FC-3F84-4310-9C10-041C42BB829A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe => No File
FirewallRules: [{1ADC8FF6-FDD3-484B-9A59-E2564DE705E0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe => No File
FirewallRules: [{4176D774-E50F-4521-9499-EA577751BB45}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{59D22B4B-2EAE-4582-90C2-BE9680A88D41}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7456B177-F3A4-4680-BA3F-C029A641E7C8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{EC3208F3-2858-4033-948B-9FC0C05D4036}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{030AD213-B01A-4478-8883-98ACC90362D1}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{AC4F09D0-A1A1-491B-A6C8-7B850DA5B4AB}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{8A51B2ED-B3C9-491A-9BE7-0BF196CCC4FB}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{90DCACF2-AD29-4E57-BC3B-9517855EA057}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{77047FE5-5BE3-46C4-9880-2EDCA9AD130E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{79335C2F-97B2-40AA-8478-EC22FE191C2F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FB6F22F5-9140-4CD6-8254-E7E18C79FBE4}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe => No File
FirewallRules: [{415A8C21-083C-4A22-8109-1D93E4555DD4}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe => No File
FirewallRules: [TCP Query User{3999EE38-71E9-4C62-9B82-517913136B5B}C:\users\vjupt\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\vjupt\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{4ABD0CD2-FA9C-430B-8B36-63D90FC7EE7F}C:\users\vjupt\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\vjupt\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{48266EB6-1F6E-4A03-B69F-353C739B226B}C:\program files (x86)\r.g. mechanics\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe] => (Allow) C:\program files (x86)\r.g. mechanics\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe => No File
FirewallRules: [UDP Query User{2D785790-1C0F-4A1D-9452-06F1156A1B0F}C:\program files (x86)\r.g. mechanics\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe] => (Allow) C:\program files (x86)\r.g. mechanics\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe => No File
FirewallRules: [TCP Query User{7B550A86-1AFC-4931-946C-E7F03449043E}C:\program files (x86)\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe] => (Allow) C:\program files (x86)\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe (Limbic Entertainment GmbH -> Ubisoft, Inc.)
FirewallRules: [UDP Query User{99A5B41A-35FC-4ECA-9509-E26FF54B9B8B}C:\program files (x86)\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe] => (Allow) C:\program files (x86)\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe (Limbic Entertainment GmbH -> Ubisoft, Inc.)
FirewallRules: [{830A217C-B5C1-4388-9565-280012A8EED2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{93A7E5D9-C898-4ABC-A842-E4D14F78AF54}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F299D580-EDE0-42DF-984A-2D5212B1D3B1}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FF4D2F38-E55F-4588-B94C-BD017029DA60}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FBA27344-2BE1-4CAF-8913-ECABE18E4FC4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{016FC75F-E564-4388-B2A7-C3CD30A289B2}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{F70108D5-D7C5-4DA4-ABD3-2138D5074341}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

16-04-2020 16:03:53 Windows Update
24-04-2020 20:15:46 Naplánovaný kontrolní bod
06-05-2020 19:15:39 Windows Update

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (05/09/2020 04:04:11 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (19428,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/09/2020 04:02:14 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (05/09/2020 03:16:25 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (05/09/2020 03:02:07 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (05/09/2020 02:16:25 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (05/09/2020 02:11:19 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (26912,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/09/2020 02:02:07 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (05/09/2020 01:48:55 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (22768,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

System errors:
=============
Error: (05/09/2020 01:24:49 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-6DDFJ86O)
Description: Server Microsoft.Windows.Photos_2020.19111.24110.0_x64__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/09/2020 12:20:14 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Správce stažených map přestala během spouštění reagovat.

Error: (05/09/2020 12:13:23 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (10:38:35, ‎08.‎05.‎2020) bylo neočekávané.

Error: (05/09/2020 12:12:48 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684Při zpracování obnovovacích dat došlo k závažné chybě.

Error: (05/08/2020 09:17:16 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Quick Access Local Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/08/2020 09:17:16 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Instalační služba systému Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (05/08/2020 09:17:16 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ePower Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/08/2020 09:17:16 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

CodeIntegrity:
===================================

Date: 2020-05-09 16:01:27.864
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-05-09 15:39:58.010
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-09 15:39:57.941
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-09 15:39:57.842
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-09 15:39:57.748
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-09 15:39:57.612
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-09 15:39:57.437
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-09 15:39:57.392
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswhook.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: Insyde Corp. V1.03 08/28/2015
Motherboard: Acer Zoro_SL
Processor: Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz
Percentage of memory in use: 50%
Total physical RAM: 8058.59 MB
Available physical RAM: 4027.75 MB
Total Virtual: 9466.59 MB
Available Virtual: 5311.18 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:930.91 GB) (Free:763.87 GB) NTFS

\\?\Volume{807055d2-dc7b-4e32-84d0-a68c4a27b3cf}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.05 GB) NTFS
\\?\Volume{4cf6bd25-0c87-45e6-b8da-ea00be3542e0}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 0994759A)

Partition: GPT.

==================== End of Addition.txt =======================

#8 Příspěvek od **Conder** » 11 kvě 2020 00:16

Pardon za zdrzanie

Otvor poznamkovy blok (Win+R -> notepad -> enter)

Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\WINDOWS\system32\nvspcap64.dll
File: C:\Users\vjupt\AppData\Roaming\Mozilla\Firefox\Profiles\npxxmynl.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
File: C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\abb@amazon.com
File: C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
File: C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
File: C:\WINDOWS\System32\drivers\Qcamainx64.sys
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0538B1C2-85C1-4ECC-BA77-61F537D81092}

FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {9D6FA8F3-35CB-411B-87DB-E2E7BA7E2230} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {C20A64F1-9968-4FF3-8B77-D0D89D360624} - \CCleanerSkipUAC -> No File <==== ATTENTION
HKU\S-1-5-21-2437870575-3263216539-2584499593-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
FF Extension: (Amazon 1Button App for Firefox) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\abb@amazon.com [2020-04-10] [Legacy] [not signed]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
FirewallRules: [TCP Query User{48266EB6-1F6E-4A03-B69F-353C739B226B}C:\program files (x86)\r.g. mechanics\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe] => (Allow) C:\program files (x86)\r.g. mechanics\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe => No File
FirewallRules: [UDP Query User{2D785790-1C0F-4A1D-9452-06F1156A1B0F}C:\program files (x86)\r.g. mechanics\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe] => (Allow) C:\program files (x86)\r.g. mechanics\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe => No File
C:\Program Files (x86)\Amazon\Amazon Assistant
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0538B1C2-85C1-4ECC-BA77-61F537D81092}

Hosts:
EmptyTemp:
End

Uloz na plochu s nazvom fixlist.txt
Spusti znovu FRST a klikni na Fix
Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

psisko · #9 Příspěvek od **psisko** » 16 kvě 2020 09:12

Fix result of Farbar Recovery Scan Tool (x64) Version: 13-05-2020 01
Ran by vjupt (16-05-2020 09:58:21) Run:2
Running from C:\Users\vjupt\Desktop
Loaded Profiles: vjupt
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\WINDOWS\system32\nvspcap64.dll
File: C:\Users\vjupt\AppData\Roaming\Mozilla\Firefox\Profiles\npxxmynl.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
File: C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\abb@amazon.com
File: C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
File: C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
File: C:\WINDOWS\System32\drivers\Qcamainx64.sys
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0538B1C2-85C1-4ECC-BA77-61F537D81092}

FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {9D6FA8F3-35CB-411B-87DB-E2E7BA7E2230} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {C20A64F1-9968-4FF3-8B77-D0D89D360624} - \CCleanerSkipUAC -> No File <==== ATTENTION
HKU\S-1-5-21-2437870575-3263216539-2584499593-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
FF Extension: (Amazon 1Button App for Firefox) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\abb@amazon.com [2020-04-10] [Legacy] [not signed]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [TCP Query User{48266EB6-1F6E-4A03-B69F-353C739B226B}C:\program files (x86)\r.g. mechanics\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe] => (Allow) C:\program files (x86)\r.g. mechanics\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe => No File
FirewallRules: [UDP Query User{2D785790-1C0F-4A1D-9452-06F1156A1B0F}C:\program files (x86)\r.g. mechanics\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe] => (Allow) C:\program files (x86)\r.g. mechanics\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe => No File
C:\Program Files (x86)\Amazon\Amazon Assistant
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0538B1C2-85C1-4ECC-BA77-61F537D81092}

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========

Count : 206
Average :
Sum : 544655505
Maximum :
Minimum :
Property : Length

========= End of Powershell: =========

========================= File: C:\WINDOWS\system32\nvspcap64.dll ========================

C:\WINDOWS\system32\nvspcap64.dll
File not signed
MD5: A3825B02EC2175CDA3823E5D484B382E
Creation and modification date: 2015-09-25 14:13 - 2016-06-15 03:12
Size: 001767760
Attributes: ----A
Company Name: NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation
Internal Name: nvspcap
Original Name: nvspcap.dll
Product: NVIDIA GeForce Experience
Description: NVIDIA Capture Server Proxy
File Version: 2.11.4.1
Product Version: 2.11.4.1
Copyright: (C) NVIDIA Corporation. All rights reserved.
VirusTotal: https://www.virustotal.com/file/90ab50f ... 585164959/

====== End of File: ======

========================= File: C:\Users\vjupt\AppData\Roaming\Mozilla\Firefox\Profiles\npxxmynl.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi ========================

C:\Users\vjupt\AppData\Roaming\Mozilla\Firefox\Profiles\npxxmynl.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
File not signed
MD5: E9367FD223AD6370B5443F1D2B29FF99
Creation and modification date: 2016-11-14 21:40 - 2020-04-01 13:43
Size: 001600188
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/944277b ... 589563513/

====== End of File: ======

========================= File: C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\abb@amazon.com ========================

C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\abb@amazon.com
File not signed
MD5: <==== ATTENTION (zero byte File/Folder)
Creation and modification date: 2020-05-10 12:41 - 2020-05-10 12:41
Size: 000000000
Attributes: ----D
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0-byte

====== End of File: ======

========================= File: C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe ========================

C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
File not signed
MD5: 8213094EA736A9C575AB0E22AD09B0BA
Creation and modification date: 2015-05-19 18:11 - 2015-05-19 18:11
Size: 000335872
Attributes: ----A
Company Name: Intel Corporation
Internal Name: isa.exe
Original Name: isa.exe
Product: Intel(R) Security Assist
Description: Intel(R) Security Assist
File Version: 1.0.0.532
Product Version: 1.0.0.532
Copyright: Copyright © 2014
VirusTotal: https://www.virustotal.com/file/12670a4 ... 589433521/

====== End of File: ======

========================= File: C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe ========================

C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
File not signed
MD5: 1DFC3CCA51785254C5604238BB1A5467
Creation and modification date: 2015-05-19 18:11 - 2015-05-19 18:11
Size: 000007680
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/31451a9 ... 588521794/

====== End of File: ======

========================= File: C:\WINDOWS\System32\drivers\Qcamainx64.sys ========================

C:\WINDOWS\System32\drivers\Qcamainx64.sys
File not signed
MD5: D76F885983B04E8BE2D1BDEF118A097E
Creation and modification date: 2015-07-10 12:59 - 2015-07-10 12:59
Size: 002276352
Attributes: ----A
Company Name: Qualcomm Atheros, Inc.
Internal Name: ATHR.SYS
Original Name: ATHR.SYS
Product: Driver for Qualcomm Atheros QCA61x4 Network Adapter
Description: Qualcomm Atheros Extensible Wireless LAN device driver
File Version: 4.0.0.115
Product Version: 4.0.0.115
Copyright: Copyright (C) 2001-2014 Qualcomm Atheros, Inc.
VirusTotal: 0

====== End of File: ======

================== ExportKey: ===================

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0538B1C2-85C1-4ECC-BA77-61F537D81092}]
"AuthorizedCDFPrefix"=""
"Comments"=""
"Contact"=""
"DisplayVersion"="10.18.0221"
"HelpLink"=""
"HelpTelephone"=""
"InstallDate"="20180226"
"InstallLocation"=""
"InstallSource"="C:\WINDOWS\TEMP\"
"NoRemove"="1"
"NoRepair"="1"
"Publisher"="Amazon"
"Readme"=""
"Size"=""
"EstimatedSize"="2608"
"URLInfoAbout"=""
"URLUpdateInfo"=""
"VersionMajor"="10"
"VersionMinor"="18"
"WindowsInstaller"="1"
"Version"="168952029"
"Language"="1033"
"DisplayName"="Amazon Assistant"

=== End of ExportKey ===
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9D6FA8F3-35CB-411B-87DB-E2E7BA7E2230}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9D6FA8F3-35CB-411B-87DB-E2E7BA7E2230}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C20A64F1-9968-4FF3-8B77-D0D89D360624}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C20A64F1-9968-4FF3-8B77-D0D89D360624}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC" => not found
HKU\S-1-5-21-2437870575-3263216539-2584499593-1001\Software\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\abb@amazon.com => moved successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{48266EB6-1F6E-4A03-B69F-353C739B226B}C:\program files (x86)\r.g. mechanics\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2D785790-1C0F-4A1D-9452-06F1156A1B0F}C:\program files (x86)\r.g. mechanics\might and magic heroes vii\binaries\win64\mmh7game-win64-shipping.exe" => removed successfully
"C:\Program Files (x86)\Amazon\Amazon Assistant" => not found
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0538B1C2-85C1-4ECC-BA77-61F537D81092} => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 120997582 B
Java, Flash, Steam htmlcache => 9212 B
Windows/system/drivers => 0 B
Edge => 117625486 B
Chrome => 496243449 B
Firefox => 1161738601 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 237894 B
NetworkService => 284958 B
vjupt => 104159253 B

RecycleBin => 202519143 B
EmptyTemp: => 2.1 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 10:04:18 ====

#10 Příspěvek od **Conder** » 16 kvě 2020 23:01

Odporucam aktualizovat ovladace NVIDIA, nakolko nainstalovana verzia je stara uz vyse 3 roky. Aktualnu verziu pre tvoju graficku kartu a system stiahnes z https://nvidia.com/drivers

Spusti kontrolu integrity systemovych suborov:

Otvor Start, napis "cmd" (bez uvodzoviek), klikni pravym tlacitkom mysi na Prikazovy riadok a klikni na Spustit ako spravca

Skopiruj a spusti prikaz:

Kód: Vybrat vše

DISM.exe /Online /Cleanup-image /Restorehealth

Po dokonceni skopiruj a spusti druhy prikaz:
Kód: Vybrat vše
```
sfc /scannow
```

Po dokonceni obidvoch prikazov skopiruj a spusti tento prikaz:

Kód: Vybrat vše

findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt" && copy %windir%\logs\dism\dism.log %userprofile%\desktop\dism.txt

Na ploche sa vytvoria subory sfcdetails.txt a dism.txt, tieto subory zabal ho do archivu RAR alebo ZIP a posli ako prilohu k dalsiemu prispevku
Restartuj PC a napis ako sa chova PC

psisko · #11 Příspěvek od **psisko** » 22 kvě 2020 23:25

Ovladace nvidie jsou pro dany typ ntb nejaktualnejsi... i kdyz 3 roky stare.

Nabehnuti prihlasovaci obrazovky do windows nejakou dobu trva (cca 5s), ale potom samotne prihlaseni a nabehnouti windows je rychle.

Pocitove si myslim ze ke nejakemu zrychleni doslo.

#12 Příspěvek od **Conder** » 24 kvě 2020 17:01

Vyzera to OK. Su s PC este nejake problemy?

psisko · #13 Příspěvek od **psisko** » 24 kvě 2020 18:09

Zatim dalsi problemy nejsou, takze je to vse.
Dekuji za pomoc.

#14 Příspěvek od **Conder** » 24 kvě 2020 20:02

Tak este upraceme po pouzitych nastrojoch:

Stiahni DelFix: https://toolslib.net/downloads/finish/2-delfix/
Uloz na plochu a spusti
Nechaj oznacenu moznost "Remove disinfection tools"
Klikni na "Run"

psisko · #15 Příspěvek od **psisko** » 26 kvě 2020 18:26

Hotovo, vse smazano.

Jeste jednou dekuji.

VIRY.CZ

Zpomaleni ntb

Zpomaleni ntb

Re: Zpomaleni ntb

Re: Zpomaleni ntb

Re: Zpomaleni ntb

Re: Zpomaleni ntb

Re: Zpomaleni ntb

Re: Zpomaleni ntb

Re: Zpomaleni ntb

Re: Zpomaleni ntb

Re: Zpomaleni ntb

Re: Zpomaleni ntb

Re: Zpomaleni ntb

Re: Zpomaleni ntb

Re: Zpomaleni ntb

Re: Zpomaleni ntb