Vytížení procesoru v klidu na 100%

[Iskr]

Dobrý den, při noteboku v klidu se vytěžuje procesor na 100% po pohnutí myší nebo otevření noteboku se okamžitě sníží vytížení na normální hodnotu tj. 1-3%.
Můžete mi prosím pomoci? Děkuji.


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by Ivo (16-12-2020 22:17:01)
Running from C:\Users\Ivo\Desktop
Windows 10 Home Version 20H2 19042.685 (X64) (2020-10-08 22:31:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2884157376-2232874990-821542724-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2884157376-2232874990-821542724-503 - Limited - Disabled)
Guest (S-1-5-21-2884157376-2232874990-821542724-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2884157376-2232874990-821542724-1002 - Limited - Enabled)
Ivo (S-1-5-21-2884157376-2232874990-821542724-1000 - Administrator - Enabled) => C:\Users\Ivo
WDAGUtilityAccount (S-1-5-21-2884157376-2232874990-821542724-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.22 - Adobe Systems)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.9.2437 - Avast Software)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.02.000.55 - Atheros Communications)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Deezer 4.17.1 (HKU\S-1-5-21-2884157376-2232874990-821542724-1000\...\{67490f87-0893-5593-ae76-b1e5d0acd13f}) (Version: 4.17.1 - Deezer)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
Excel (HKU\S-1-5-21-2884157376-2232874990-821542724-1000\...\1fc5b090eab9aa41f8a2f5987367e6da) (Version: 1.0 - Excel)
HP Support Assistant (HKLM-x32\...\{1E14ACF0-1480-4467-A73D-67C4FD35A5F4}) (Version: 8.8.34.31 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{A0310A3B-73AB-4E81-ABB6-8D4CEF8C0AA6}) (Version: 12.18.34.21 - HP Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.72.4 - JMicron Technology Corp.)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.60 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2884157376-2232874990-821542724-1000\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{97238E8A-4919-4A1E-965A-C6C36938F4CE}) (Version: 2.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
MKVToolNix 51.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 51.0.0 - Moritz Bunkus)
Mozilla Firefox 83.0 (x64 cs) (HKLM\...\Mozilla Firefox 83.0 (x64 cs)) (Version: 83.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0.2 - Mozilla)
Outlook (HKU\S-1-5-21-2884157376-2232874990-821542724-1000\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook)
PowerPoint (HKU\S-1-5-21-2884157376-2232874990-821542724-1000\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint)
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.58.411.2012 - Realtek)
Registry First Aid 11 (HKLM\...\RFA11_is1) (Version: 11.3.0 - RoseCitySoftware)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.36.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.36.0 - Renesas Electronics Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.0 - Synaptics Incorporated)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Word (HKU\S-1-5-21-2884157376-2232874990-821542724-1000\...\1b837d0bf93d01407352736c91b7bf50) (Version: 1.0 - Word)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-05-04] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-05-03] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-05-03] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-24] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-15] (Netflix, Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2884157376-2232874990-821542724-1000_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Ivo\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler) [File not signed]
CustomCLSID: HKU\S-1-5-21-2884157376-2232874990-821542724-1000_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Ivo\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) [File not signed]
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-11-27] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-11-27] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-11-27] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-12-16] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-11-27] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-12-16] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Ivo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=leffmjdabcgaflkikcefahmlgpodjkdm --app-url=hxxps://excel.office.com/
ShortcutWithArgument: C:\Users\Ivo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb --app-url=hxxps://outlook.com/
ShortcutWithArgument: C:\Users\Ivo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf --app-url=hxxps://powerpoint.office.com/
ShortcutWithArgument: C:\Users\Ivo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=hikhggiobiflkdfdgdajcfklmcibbopi --app-url=hxxps://word.office.com/

==================== Loaded Modules (Whitelisted) =============

2012-09-23 20:44 - 2012-09-23 20:44 - 000010240 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\cs_cz\Acrobat Elements\ContextMenuShim64.cze
2020-12-12 06:56 - 2020-12-12 06:56 - 000031232 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\A4.Foundation\299bf2e4e23af02175445e6a26f183b3\A4.Foundation.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000022528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Actions5dc83b46#\a24c26eba4ea3ddce65e74fa4668e293\AEM.Actions.CCAA.Shared.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.0a1309f7#\b1c480fea6a1f23d52c3e56efa0e3568\AEM.Plugin.EEU.Shared.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.2b6a6775#\ab84ec371d67664b2b3835984aa2dce2\AEM.Plugin.Hotkeys.Shared.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.54d8abe3#\067d1b4cc2a05184c6e0a89aaee60af6\AEM.Plugin.DPPE.Shared.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000281600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.5d945b6b#\f535d9aad773e6d356547f8e5efc5a55\AEM.Plugin.Source.Kit.Server.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000014848 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.674d2b8a#\20e43f89b55b6c6d58c04b22890cbbc3\AEM.Plugin.WinMessages.Shared.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.88aba5d2#\2cb21aaa54b1116e4ceda042a9d4ce1e\AEM.Plugin.REG.Shared.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.GD.Shared\a0c3b8ce9c35481a6521f517227bbbe2\AEM.Plugin.GD.Shared.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Server.Shared\6cfd22563e0e2c727f094a3de46cf569\AEM.Server.Shared.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000267776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Server\8e824043be59343847600763c50d6229\AEM.Server.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000055808 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\APM.Foundation\8b0dfc591b480594610bbaa94430d4db\APM.Foundation.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000122880 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ATICCCom\4f9523253033d141734969c0866c932c\ATICCCom.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000204288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CCC.Implementation\af1df7a28635d8dc2019da4ad419ebaa\CCC.Implementation.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000154112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.21d2ac78#\cd69cd6c682b5af8e5d39cf83d69e86b\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000128000 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3399d0ec#\c473afacd64a10cb325e6c9ac524f824\CLI.Aspect.CustomFormats.Graphics.Shared.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.37d3d968#\1de0b258089f746ad04d1233cf969b29\CLI.Aspect.AMDHome.Graphics.Shared.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000045568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.382a3def#\dd5cc863637abdfb436e9ceaee87b61a\CLI.Aspect.AMDOverDrive.Platform.Shared.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000107008 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3a6f1658#\119e8f5a6e9313af4844f1cb23d04601\CLI.Aspect.TransCode.Graphics.Shared.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000132608 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.46819220#\bf72cdb8017728ac2915993a05842fee\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000074752 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4bbb0755#\7d0c76fec9fac2df51435a2a0f823cde\CLI.Aspect.TransCode.Graphics.Dashboard.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000037888 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.52c6dbaa#\7ee8d68f2500cbf06d0e1339d0509d76\CLI.Aspect.FPS.Graphics.Shared.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000074752 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.59a12d95#\ea99ad5efa6b77f631f17f3f6514113d\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000263168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.73911eb5#\b25d1017d66178bbb77c5038da1e5327\CLI.Aspect.WirelessDisplay.Graphics.Shared.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000365056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.7ec2db45#\e51ade072914adc16c9cc1a4eb929b0b\CLI.Aspect.DeviceDFP.Graphics.Shared.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000064000 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8350f5c6#\d8be2b25b0caf7f3d2433074ff98e9bb\CLI.Aspect.UpdateNotification.Graphics.Runtime.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000678912 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.846fa813#\5c996f5c11ac17ef06f84931ef195935\CLI.Aspect.MMVideo.Graphics.Dashboard.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000745472 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8d333b6b#\528e8766b99ec47ea476e036a210492b\CLI.Aspect.Radeon3D.Graphics.Shared.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000449536 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8e996306#\65cd434862baef10fc07bd43d6d2167e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000089088 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9cd1e9e7#\7f049fbbcaafea4d4220a3b532b5c57b\CLI.Aspect.FPS.Graphics.Dashboard.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000057856 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a6cd7fff#\ebccb64be88b1b07b48f2652531555a7\CLI.Aspect.FPS.Graphics.Runtime.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000082944 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a765109e#\d52f956e96982557fc647f907c8b6ba8\CLI.Aspect.UpdateNotification.Graphics.Dashboard.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000462336 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.acb9d930#\59f37443a686efbf0c52772f1db24e0e\CLI.Aspect.DeviceProperty.Graphics.Shared.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000067072 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.b0a7c1fb#\7b74f226074a5fac1e09e0def576b8c4\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000340992 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c7aaa0f8#\3e009bed5e4d5046f36f132a1b75aa95\CLI.Aspect.OverDrive5.Graphics.Shared.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000017920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c854b457#\e62039c5f426da0d2aa0415ba6806c9e\CLI.Aspect.HotkeysHandling.Graphics.Shared.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000096256 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.d4f2f79c#\44975e3ee24433a1e9af1a654e25d48e\CLI.Aspect.CrossFireX.Graphics.Dashboard.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000276480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e8635fc7#\24a2cc20fd43f0a9ca86f44040cb1067\CLI.Aspect.InfoCentre.Graphics.Dashboard.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 003312640 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e9fd7406#\711a19b2cdab61f725d7b781b2b2978e\CLI.Aspect.Radeon3D.Graphics.Dashboard.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000240640 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.eda8935e#\44b63310c195cfc86fdc7b385b24d1af\CLI.Aspect.MMVideo.Graphics.Shared.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000047616 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ef3eaa4d#\2597fa5cfc6bbd186558dd3ddb3875f3\CLI.Aspect.TransCode.Graphics.Runtime.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000050688 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.f480a2f3#\0e5e46fe8262765fc01f531393cea826\CLI.Aspect.UpdateNotification.Graphics.Shared.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000051200 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Runtime\1b793612380f60d287e5c5f86122e89c\CLI.Caste.A4.Runtime.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Shared\0f047cf9e2239851a811b935d7b109d0\CLI.Caste.A4.Shared.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Af820fedc#\1ac15d58e991bba3119174c4cacbd430\CLI.Caste.A4.Dashboard.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F24de14fe#\756be47d421c14309af0c8d9dddc6a29\CLI.Caste.Fuel.Shared.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000311296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F36b07a2b#\237f6779fe63e0a2c1d282dcaae5138d\CLI.Caste.Fuel.Runtime.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Ff3085433#\0b593db358de3dccf526e300e41ec80b\CLI.Caste.Fuel.Dashboard.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60338cc0#\a5e2e36025e5e42aeff913bbda1aa6d6\CLI.Caste.Graphics.Runtime.Shared.Private.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 001555456 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gd9d9b43b#\90403123119c49c266bf1258a7b5a427\CLI.Caste.Graphics.Dashboard.Shared.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000587776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gee7d2dbc#\c3db145be9238bed851ff93311846c1e\CLI.Caste.Graphics.Dashboard.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H18c99613#\67666baee565c9b0f6a67df38462c2f3\CLI.Caste.HydraVision.Runtime.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H92ba4e46#\be62787dd2bab6bbe758bb473b72c8e4\CLI.Caste.HydraVision.Shared.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Hbb906c0b#\afe6578340859949a1f8c04b3ec1a950\CLI.Caste.HydraVision.Dashboard.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pac40511b#\0552c276520bab46992e3d931c858708\CLI.Caste.Platform.Shared.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000044032 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pdb36d56e#\753c0337e60bbef84ae2e4d415b423f7\CLI.Caste.Platform.Runtime.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000024064 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pfeefa2b6#\2b493f8b9b0a19c02d3185fd55a06479\CLI.Caste.Platform.Dashboard.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone1b4a8c97#\0619ae2c3e8cc53377fbecef51f243ed\CLI.Component.Runtime.Shared.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000901632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone26c9c557#\c518078f056b4bfe362824a0c2eb6a1d\CLI.Component.Systemtray.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000173568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone29e547cc#\a5d4f7bc274570e961d31ef54ab7a5b6\CLI.Component.Dashboard.ProfileManager2.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000151040 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone59f353b4#\780c8bd8339ff2def14b0207cd808a3b\CLI.Component.Runtime.Shared.Private.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componeb4d0485c#\c2b5ee81f835f248ac92e192a11b37f2\CLI.Component.Runtime.Extension.EEU.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 001609728 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componec89c3bec#\af1109fbe4d7fc6179633ab8d88da5e7\CLI.Component.Dashboard.Shared.Private.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000018432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componef1fd67b2#\6b3ed4c60de00ed811251fa44d4ba20d\CLI.Component.Client.Shared.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000085504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componef4cf054f#\007e57a69242e84ff334564a788165c0\CLI.Component.Dashboard.Shared.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000495104 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Component.Eeu\bd601c8af027275ad0aa1623c49e12bf\CLI.Component.Eeu.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000089600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundat3d5d3945#\a0a2b615cdc294c7d3af29f42d6f3369\CLI.Foundation.Private.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundat60cdf5df#\4e50f43f222133081bca51d4ec374497\CLI.Foundation.XManifest.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000091136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundat619559bd#\bcdee5c6fe25466f8c29767f6b2b1294\CLI.Foundation.CoreAudioAPI.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 001079808 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundatd3771151#\7ae69decea6a4aa96956ffd2f2a3c7c7\CLI.Foundation.Client.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000301568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundation\0d8463856ff1e00efd68259f58d6728c\CLI.Foundation.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Foundation\5d12a5ba7cfcf92e2bdedb9c65064c74\DEM.Foundation.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000115200 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0601\5658790b6d8ee4f840d1ca57866316ce\DEM.Graphics.I0601.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics\dfa1099aca23fc47444238db01432d1e\DEM.Graphics.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Fuel.Foundation\7224c4f48b25b446a37e68bf70496628\Fuel.Foundation.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000296960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundat03490438#\a78770c1aa6c2dab44748ff83862ffd8\LOG.Foundation.Implementation.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000150016 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundat5023f8e7#\bb140c3f749aad3e194c37b732486584\LOG.Foundation.Private.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000087552 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundatcaafa75b#\941a6700366b94ec64b62cc506f95d74\LOG.Foundation.Implementation.Private.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000132608 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundation\8bffc8512084e42bddfb1d3d77870062\LOG.Foundation.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MOM.Foundation\c718fcd8c25b703ccad4cb802f9c7dca\MOM.Foundation.ni.dll
2020-12-12 06:59 - 2020-12-12 06:59 - 000402944 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MOM.Implementation\942416935b21cacc907f56d100506704\MOM.Implementation.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000055296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\NEWAEM.Foundation\ae9a13269043d55e4140d5868270661d\NEWAEM.Foundation.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000897024 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ADL.Foundation\79c00831b1c30bf18fb586d85535361d\ADL.Foundation.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000256000 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\APM.Server\11725f354a5e8c6ce052906bd4a8e5e8\APM.Server.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000783872 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.79734f7a#\afe147c6208bc23f2a925029af109475\CLI.Aspect.PowerXpress.Graphics.Runtime.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000357888 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.b3da5a8f#\37acbd45f67c3cc7e678f66a363091f5\CLI.Aspect.PowerXpress.Graphics.Shared.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000595456 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.d4846ba2#\56881ab2c6fcc6c32f4e6ff58191142a\CLI.Aspect.PowerXpress.Graphics.Dashboard.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 008027648 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Combine0616f305#\e186c12376d44c5b6a15c283351ab6dd\CLI.Combined.Graphics.Aspects1.Dashboard.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000136704 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone168638d1#\fbe1091865f44020e04b0a581e5b965c\CLI.Component.Client.Shared.Private.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000234496 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone6692ca50#\e6ebbe99ad169505a7b1614029784799\CLI.Component.Runtime.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000929280 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone6bf88b08#\9f85e53cf5df5a8956d5924c1641875a\CLI.Component.Dashboard.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000011264 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0702\b412bf450c79457c9c6e02719fef3a99\DEM.Graphics.I0702.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000084480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0709\5252f14189e3677767b454164fb541cf\DEM.Graphics.I0709.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000009728 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0710\8eeed39b8e461125c3b64ec004190ba5\DEM.Graphics.I0710.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000012288 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0712\5e93aedbce33eb9d7f84de52de38623c\DEM.Graphics.I0712.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000018432 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0804\aa9984e9a16523bb1fd71b855c687aa6\DEM.Graphics.I0804.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000009728 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0901\2fe32ec8719bc5e139d20434f117fd6f\DEM.Graphics.I0901.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0906\58c6e0a82fa1629f5583fd56b7323d3c\DEM.Graphics.I0906.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000035840 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I1010\4fe945ea0f126bb4dccba474e3ee74dd\DEM.Graphics.I1010.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 001139200 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Localizatio01dbc1c0#\850f9ba397907bdd65f8b39b38d30802\Localization.Foundation.Private.ni.dll
2020-12-12 06:59 - 2020-12-12 06:59 - 000244736 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ResourceMan446ca0e5#\df9086090f8f6de10c94d705341b97b2\ResourceManagement.Foundation.Implementation.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000023552 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ResourceManf163905a#\efe86db00af2e0b19c8260888e88ed76\ResourceManagement.Foundation.Private.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000091648 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ec8786e5#\a802237af3bb77d74574a5a45b0f1093\CLI.Aspect.AMDHome.Graphics.Dashboard.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 002845696 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60a7b4d1#\4a7c17df5f87f28d7f3bf2f2aee0ca6c\CLI.Caste.Graphics.Shared.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 003268096 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G962aa464#\38fb846f3a344f93b10dfd7394da66e1\CLI.Caste.Graphics.Runtime.ni.dll
2011-01-06 20:07 - 2011-01-06 20:07 - 000061088 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AthCopyHook.dll
2020-10-08 23:25 - 2020-10-08 23:25 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80U.DLL
2020-12-12 06:57 - 2020-12-12 06:57 - 000335360 _____ (Microsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.W8090224c#\4f0fd874313da401477c46c3cec85dc9\Microsoft.WindowsAPICodePack.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 002546688 _____ (Microsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.Wfbf9373c#\afcccd3abf9b676c4caf03c205a9fc45\Microsoft.WindowsAPICodePack.Shell.ni.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-07-26] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-10-27] (HP Inc. -> HP Inc.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-07-26] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-01-06] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-07-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-07-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-07-26] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-07-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2020-05-13 07:28 - 2020-05-13 07:28 - 000000437 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2884157376-2232874990-821542724-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AthBtTray"
HKLM\...\StartupApproved\Run: => "rfagent"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKU\S-1-5-21-2884157376-2232874990-821542724-1000\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{84D9F034-45F2-4A09-8C3C-22BD87319052}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{C0282EE2-8654-4C8A-BF12-F925724307AC}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{4216625A-9EFE-48CB-B77E-2B8702CCCEDF}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{6A9BC8A0-9421-44DC-B383-8D6AE0067C54}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{37812F76-1CD2-4AD6-8DCE-11EA69AE8DAC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{AEF6C2D7-167C-45F0-ADB5-D1EEC05EC023}C:\users\ivo\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ivo\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{1509E5A0-698B-41EC-BDD4-3DE580B26B1D}C:\users\ivo\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ivo\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{B8E0B32D-BDC9-4A2E-9250-15150F0062BB}] => (Allow) C:\Users\Ivo\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{6E3B8E04-4684-49C3-9C27-788EE67D3299}] => (Allow) C:\Users\Ivo\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{44192D8B-4434-4218-B208-3E409504F6F8}C:\users\ivo\appdata\local\programs\deezer-desktop\deezer.exe] => (Allow) C:\users\ivo\appdata\local\programs\deezer-desktop\deezer.exe (Deezer -> Deezer)
FirewallRules: [UDP Query User{F7BA1E34-3BCC-4E85-B495-DB95F62420A3}C:\users\ivo\appdata\local\programs\deezer-desktop\deezer.exe] => (Allow) C:\users\ivo\appdata\local\programs\deezer-desktop\deezer.exe (Deezer -> Deezer)
FirewallRules: [{E9BA7A60-4503-440F-A9EF-B2D65A8CEEAB}] => (Block) C:\users\ivo\appdata\local\programs\deezer-desktop\deezer.exe (Deezer -> Deezer)
FirewallRules: [{2EF0ED40-A8B1-48D5-A1E0-6EA64D82455E}] => (Block) C:\users\ivo\appdata\local\programs\deezer-desktop\deezer.exe (Deezer -> Deezer)
FirewallRules: [{EEAB5AD5-F264-4813-B339-F6E3DC03BFD6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.87.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D1FC2ED8-46D0-4370-9FCF-F937326016A2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.87.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1A65AC61-850A-45F4-B496-C712294E44C8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.87.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8854D2DD-C935-4466-8136-430828FD1438}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.87.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

01-12-2020 17:56:08 Naplánovaný kontrolní bod
10-12-2020 17:59:41 Naplánovaný kontrolní bod
11-12-2020 23:23:09 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/12/2020 12:38:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SpywareTerminator.exe verze 3.0.1.112 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: b20

Čas spuštění: 01d6d0740fff567e

Čas ukončení: 33

Cesta k aplikaci: C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe

ID hlášení: 1b93fd8c-17c1-4fcf-8a95-aa743a448615

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (12/12/2020 11:16:32 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro E:\windows\avastSS.scr se nezdařilo.
Závislé sestavení Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/12/2020 08:44:28 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na HP_TOOLS (G:), protože: Tato operace není v tomto systému souborů podporována. (0x89000020)

Error: (12/12/2020 08:44:28 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na HP_RECOVERY (F:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (12/12/2020 08:44:26 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (12/12/2020 08:41:23 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na SYSTEM (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (12/12/2020 06:56:08 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na SYSTEM (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (12/10/2020 05:35:19 PM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007


System errors:
=============
Error: (12/16/2020 06:37:01 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.

Error: (12/15/2020 10:53:52 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.

Error: (12/15/2020 01:00:20 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.

Error: (12/15/2020 01:00:27 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (12:39:08, ‎15.‎12.‎2020) bylo neočekávané.

Error: (12/15/2020 12:39:02 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.

Error: (12/14/2020 09:58:59 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.

Error: (12/13/2020 06:22:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Spyware Terminator 2015 Realtime Shield Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/13/2020 06:15:15 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.


CodeIntegrity:
===================================

Date: 2020-12-16 22:12:23.2790000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-12-16 22:04:24.1520000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-12-16 22:04:23.9400000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-12-16 22:04:23.8390000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-12-16 22:04:23.6140000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-12-16 22:01:57.4030000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-12-16 22:01:57.3090000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-12-16 22:01:57.1830000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: Hewlett-Packard 68SRR Ver. F.40 03/12/2013
Motherboard: Hewlett-Packard 167C
Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 53%
Total physical RAM: 8126.36 MB
Available physical RAM: 3763.36 MB
Total Virtual: 8126.36 MB
Available Virtual: 3900.07 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:953.12 GB) (Free:807.6 GB) NTFS
Drive d: (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.25 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: () (Fixed) (Total:676.77 GB) (Free:197.68 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (HP_RECOVERY) (Fixed) (Total:16.57 GB) (Free:2.49 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive g: (HP_TOOLS) (Fixed) (Total:4.98 GB) (Free:2.1 GB) FAT32

\\?\Volume{fbb94c43-3ead-11e9-8f0d-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{e785f085-0000-0000-0000-e04dee000000}\ () (Fixed) (Total:0.65 GB) (Free:0.13 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 953.9 GB) (Disk ID: E785F085)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=953.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=666 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: D0B5D163)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=676.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=5 GB) - (Type=0C)

==================== End of Addition.txt =======================



==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2011-01-06] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117344 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [rfagent] => C:\Program Files\RFA 11\rfagent64.exe [3847696 2019-03-25] (Rose City Software -> RoseCitySoftware)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-03] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2017-07-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3500056 2017-07-27] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [NUSB3MON] => c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-2884157376-2232874990-821542724-1000\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Ivo\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-2884157376-2232874990-821542724-1000\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Ivo\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-2884157376-2232874990-821542724-1000\...\RunOnce: [Uninstall 20.169.0823.0008\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ivo\AppData\Local\Microsoft\OneDrive\20.169.0823.0008\amd64"
HKU\S-1-5-21-2884157376-2232874990-821542724-1000\...\RunOnce: [Uninstall 20.169.0823.0008] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Ivo\AppData\Local\Microsoft\OneDrive\20.169.0823.0008"
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {034A72C3-4CBF-4E2D-B7FB-E577435E2F9B} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {07EED79E-E376-4D72-9E4F-8562488734A2} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {10172379-A741-4E76-886A-675C28945FD5} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {10302755-5114-4690-BCCC-86EE4175FCE5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {10EF1FA5-30DA-440E-8501-B181CA26183E} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {183406E6-E1F5-4FF3-8CA7-9E281B18824D} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4617832 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
Task: {1D665A80-1BE2-47C0-BEC5-403FC16EB045} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {1E3802E5-A275-4812-B1EA-C376150599D9} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {1F3DA1B4-5E7E-4A1D-BF70-E03740CE29FA} - \Microsoft\Windows\Setup\EOSNotify2 -> No File <==== ATTENTION
Task: {2AC17D49-4C05-46B3-B431-FEB654873828} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {41F5BDF8-9D0C-4DF7-8C1F-C94755B7BB80} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [348504 2020-11-06] (HP Inc. -> HP Inc.)
Task: {4239DD9B-B1DE-43E8-85D2-5D35310DE5FA} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {4485563F-4E90-49B3-8251-86D9A79FC901} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION
Task: {466DB817-08BA-4641-9965-D3B2F15C407F} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {48698ACD-CFC5-45DA-B663-2A72F2E2DB35} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {50F6FB88-226B-4ADE-9895-7863D9D8D202} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {53DFBF5D-4CF8-41DD-B306-3085AB8FD065} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {55889FC6-85D5-48D5-8417-D630F8E0C9C8} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1741416 2020-09-21] (Avast Software s.r.o. -> Avast Software)
Task: {595952AA-5FBC-4313-B252-5419BC6CC600} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {6982BC91-9CBA-401A-88CD-B95B0DB27F6F} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {6ACE76A3-3F4E-4EB4-99ED-6A08BA3473E9} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [670928 2020-11-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {6E33370E-68E4-42F3-ABEE-9DDFF2708A36} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {7598C19A-7C96-4BD5-9AC0-8551F9325461} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {78B9BA8D-C3A4-48AF-9ABD-07F6DFA13623} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7C37EE7D-3705-4001-ACF6-27036F53C6DB} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {7E27AB6D-9F7A-4A89-8DAC-10F8E6C4EA5C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {7F0291CE-DDB6-47FA-A4EC-96B25E2DA49D} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {86F669D4-E926-41DB-BE83-C352828A2575} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {973000D9-FF7A-4004-8B3D-659A731162DE} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9B924B57-B642-47E3-B712-E8B9F6F51036} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\WINDOWS\system32\sipnotify.exe
Task: {A0814C89-E0E2-4F84-99AB-248476B21B79} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A5B3CA88-2726-4DB6-B9B4-515E247AD569} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B8CE5952-DB19-446F-8FA4-461BA9228CBF} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C9DC574C-5264-44F7-AFDA-7155235851C5} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CA34D836-7A8F-42DF-9B86-3A0C0FFAC739} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D3413FB4-3B4A-4944-B71C-7F9064D1E3DF} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\WINDOWS\system32\sipnotify.exe
Task: {D5C4DFE0-9C1E-4290-85CB-1E564A7B5343} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {DF5219B0-59AB-4342-9AE4-2F785E20378B} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {E2322AA3-4F7D-4168-AB06-2618217CCA18} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [135000 2020-06-22] (HP Inc. -> HP Inc.)
Task: {E640B51B-C7DC-4162-9FE3-9B5BE9C3F4AD} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2018-12-10] (HP Inc. -> HP Inc.)
Task: {E8B59696-9DE1-466E-A750-4F52DD340875} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [17184 2014-09-10] (LENOVO -> Lenovo)
Task: {F0268B6F-7153-4753-A75A-1D51134671E3} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F58A056B-FD3B-457F-907C-A88F95A5BF12} - System32\Tasks\Agent Activation Runtime\S-1-5-21-2884157376-2232874990-821542724-1000 => C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe [13312 2020-12-11] (Microsoft Windows -> )
Task: {F71FCC6F-2776-4E33-87E4-FDAFBEC6CD63} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7E42B135-83A3-4449-A563-B228DF2EA2C1}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{7E42B135-83A3-4449-A563-B228DF2EA2C1}: [DhcpNameServer] 192.168.1.1

Edge:
======
DownloadDir: C:\Users\Ivo\Downloads
Edge Profile: C:\Users\Ivo\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-16]
Edge Extension: (Outlook) - C:\Users\Ivo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2020-10-17]
Edge Extension: (Word) - C:\Users\Ivo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2020-10-17]
Edge Extension: (Excel) - C:\Users\Ivo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2020-10-17]
Edge Extension: (PowerPoint) - C:\Users\Ivo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2020-10-17]

FireFox:
========
FF DefaultProfile: s5tui7ka.default
FF ProfilePath: C:\Users\Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\s5tui7ka.default [2020-12-16]
FF Notifications: Mozilla\Firefox\Profiles\s5tui7ka.default -> hxxps://www.deezer.com; hxxps://www.exasoft.cz; hxxps://www.slevomat.cz
FF Extension: (Tampermonkey) - C:\Users\Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\s5tui7ka.default\Extensions\firefox@tampermonkey.net.xpi [2020-11-04]
FF Extension: (uBlock Origin) - C:\Users\Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\s5tui7ka.default\Extensions\uBlock0@raymondhill.net.xpi [2020-11-23]
FF Extension: (Anonymous - I am free) - C:\Users\Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\s5tui7ka.default\Extensions\{283b426b-78c2-48cf-8cd7-8d3fa4dc101f}.xpi [2019-05-13]
FF Extension: (fractal summer colors) - C:\Users\Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\s5tui7ka.default\Extensions\{4d723626-21f9-4179-b157-5fd7094ba414}.xpi [2019-05-14]
FF Extension: (Plná Peněženka Lištička Lite) - C:\Users\Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\s5tui7ka.default\Extensions\{85d8e8cc-273a-4845-a75b-4b44377c703c}.xpi [2020-10-31]
FF SearchPlugin: C:\Users\Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\s5tui7ka.default\searchplugins\novinkycz.xml [2015-10-06]
FF SearchPlugin: C:\Users\Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\s5tui7ka.default\searchplugins\sfd.xml [2015-08-15]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2019-03-15] [Legacy]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-08-18] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-07-27]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82640 2017-07-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
U2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
U2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
U3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8454552 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
U2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-01-06] (Atheros Communications Inc. -> Atheros) [File not signed]
U2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [365648 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
U2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [3096160 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
U2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
U3 COMSysApp; C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [21312 2020-10-15] (Microsoft Windows -> Microsoft Corporation)
U3 COMSysApp; C:\WINDOWS\SysWOW64\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [19256 2020-10-15] (Microsoft Windows -> Microsoft Corporation)
U3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149480 2018-06-07] (HP Inc. -> HP)
U2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
U2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2020-12-16] (Malwarebytes Inc -> Malwarebytes)
U3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
U3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37152 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
U1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [206408 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
U1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332368 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
U0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
U0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97352 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
U0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16816 2020-11-27] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
U1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42784 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
U1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176744 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
U1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [521752 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
U3 aswNetNd6; C:\WINDOWS\System32\DRIVERS\aswNetNd6.sys [38152 2020-04-21] (AVAST Software s.r.o. -> AVAST Software)
U1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [109280 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
U0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84856 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
U1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851608 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
U1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [469832 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
U2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [217336 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
U0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326416 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
U3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
U3 HPMoA407; C:\WINDOWS\System32\drivers\HPMoA407.sys [25088 2011-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
U3 HPubA407; C:\WINDOWS\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
U0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
U3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-12-16] (Malwarebytes Inc -> Malwarebytes)
U3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
U3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-16 22:15 - 2020-12-16 22:15 - 000021407 _____ C:\Users\Ivo\Desktop\FRST.txt
2020-12-16 22:14 - 2020-12-16 22:15 - 000000000 ____D C:\FRST
2020-12-16 22:12 - 2020-12-16 22:12 - 002286592 _____ (Farbar) C:\Users\Ivo\Desktop\FRST64.exe
2020-12-16 22:01 - 2020-12-16 22:01 - 000000000 ____D C:\Users\Ivo\AppData\Local\mbam
2020-12-16 22:00 - 2020-12-16 22:00 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-12-16 22:00 - 2020-12-16 22:00 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-12-16 22:00 - 2020-12-16 22:00 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-12-16 22:00 - 2020-12-16 22:00 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-12-16 22:00 - 2020-12-16 22:00 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-12-16 22:00 - 2020-12-16 22:00 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-12-16 22:00 - 2020-12-16 22:00 - 000000000 ____D C:\Program Files\Malwarebytes
2020-12-16 21:59 - 2020-12-16 21:59 - 002086424 _____ (Malwarebytes) C:\Users\Ivo\Desktop\MBSetup.exe
2020-12-15 22:59 - 2020-12-16 20:29 - 000002017 _____ C:\Users\Ivo\Desktop\Cibulový chléb.txt
2020-12-11 23:36 - 2020-12-11 23:36 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-12-11 23:36 - 2020-12-11 23:36 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-12-11 23:36 - 2020-12-11 23:36 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-12-11 23:36 - 2020-12-11 23:36 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-11 23:36 - 2020-12-11 23:36 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2020-12-11 23:36 - 2020-12-11 23:36 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-11 23:36 - 2020-12-11 23:36 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-11 23:36 - 2020-12-11 23:36 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-11 23:36 - 2020-12-11 23:36 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-12-11 23:36 - 2020-12-11 23:36 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-12-11 23:36 - 2020-12-11 23:36 - 000010912 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-12-11 23:36 - 2020-12-11 23:36 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2020-12-11 23:35 - 2020-12-11 23:35 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-12-11 23:35 - 2020-12-11 23:35 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-11 23:35 - 2020-12-11 23:35 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-11 23:35 - 2020-12-11 23:35 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-11 23:35 - 2020-12-11 23:35 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2020-12-11 23:35 - 2020-12-11 23:35 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-12-11 23:35 - 2020-12-11 23:35 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-12-11 23:35 - 2020-12-11 23:35 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-12-11 23:35 - 2020-12-11 23:35 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-12-11 23:35 - 2020-12-11 23:35 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-10 22:57 - 2020-12-10 23:49 - 000002635 _____ C:\Users\Ivo\Desktop\ŠÉFŮV CHLEBA.txt
2020-12-10 21:29 - 2020-12-12 10:17 - 000002076 _____ C:\Users\Ivo\Desktop\TOASTOVÝ CHLEBA.txt
2020-12-05 21:45 - 2020-12-12 14:00 - 000001420 _____ C:\Users\Ivo\Desktop\Chléb Kubík.txt
2020-11-28 21:49 - 2020-11-28 21:49 - 000001509 _____ C:\Users\Ivo\Desktop\mkvtoolnix-gui.exe – zástupce.lnk
2020-11-28 21:49 - 2020-11-28 21:49 - 000000000 ____D C:\Users\Ivo\AppData\Local\bunkus.org
2020-11-28 21:48 - 2020-11-28 21:48 - 019151904 _____ (Moritz Bunkus) C:\Users\Ivo\Desktop\mkvtoolnix-64-bit-51.0.0-setup.exe
2020-11-28 21:48 - 2020-11-28 21:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix
2020-11-28 21:48 - 2020-11-28 21:48 - 000000000 ____D C:\Program Files\MKVToolNix
2020-11-27 16:59 - 2020-11-27 16:59 - 000339552 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-11-27 16:59 - 2020-11-27 16:59 - 000217336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-11-22 18:12 - 2020-11-22 18:12 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-16 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-16 22:06 - 2019-03-04 20:19 - 000000000 ____D C:\Users\Ivo\AppData\LocalLow\Mozilla
2020-12-16 22:01 - 2019-03-05 01:11 - 000007631 _____ C:\Users\Ivo\AppData\Local\resmon.resmoncfg
2020-12-16 22:00 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-12-16 21:38 - 2020-10-08 23:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-16 19:46 - 2020-10-08 23:31 - 000003356 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2884157376-2232874990-821542724-1000
2020-12-16 19:46 - 2020-10-08 23:24 - 000002391 _____ C:\Users\Ivo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-16 19:46 - 2020-05-03 19:18 - 000000000 ___RD C:\Users\Ivo\OneDrive
2020-12-16 18:52 - 2019-03-04 22:08 - 000000000 ____D C:\ProgramData\AVAST Software
2020-12-16 18:41 - 2020-10-08 23:31 - 001841760 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-16 18:41 - 2019-12-07 15:41 - 000752106 _____ C:\WINDOWS\system32\perfh005.dat
2020-12-16 18:41 - 2019-12-07 15:41 - 000162644 _____ C:\WINDOWS\system32\perfc005.dat
2020-12-16 18:41 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2020-12-16 18:38 - 2019-10-03 11:44 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-12-16 18:37 - 2020-10-08 23:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-16 01:03 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-12-15 23:22 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-15 23:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-15 13:06 - 2020-10-08 23:24 - 000000000 ____D C:\Users\Ivo
2020-12-15 13:06 - 2019-03-10 19:17 - 000000000 ____D C:\Users\Ivo\AppData\Roaming\uTorrent
2020-12-14 22:01 - 2020-10-08 23:31 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-12-13 18:19 - 2019-03-04 20:35 - 000000000 ____D C:\Program Files (x86)\HP
2020-12-12 20:38 - 2020-06-04 21:57 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-12 14:29 - 2020-10-09 08:20 - 000003318 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d69dc2556e07cb
2020-12-12 14:29 - 2020-10-08 23:31 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-12-12 14:29 - 2020-10-08 23:31 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-12-12 14:29 - 2020-10-08 23:31 - 000002612 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2020-12-12 14:29 - 2020-10-08 23:31 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-12-11 23:55 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-11 23:51 - 2020-10-08 23:23 - 000452624 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-11 23:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-11 23:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-11 23:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-12-11 23:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-11 23:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-11 23:50 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-11 23:50 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-11 20:30 - 2019-03-04 22:13 - 000000000 ____D C:\Users\Ivo\AppData\Local\AVAST Software
2020-12-06 16:51 - 2020-05-03 19:13 - 000000000 ____D C:\Users\Ivo\AppData\Local\PlaceholderTileLogoFolder
2020-12-06 11:15 - 2020-05-03 19:10 - 000000000 ____D C:\Users\Ivo\AppData\Local\Packages
2020-12-05 23:38 - 2019-03-30 21:53 - 000000000 ____D C:\Users\Ivo\AppData\Local\ElevatedDiagnostics
2020-11-27 16:59 - 2020-10-27 08:37 - 000176744 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2020-11-27 16:59 - 2020-05-04 19:55 - 000016816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2020-11-27 16:59 - 2020-04-21 04:00 - 000521752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2020-11-27 16:59 - 2019-03-04 22:11 - 000851608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-11-27 16:59 - 2019-03-04 22:11 - 000469832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-11-27 16:59 - 2019-03-04 22:11 - 000332368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-11-27 16:59 - 2019-03-04 22:11 - 000326416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-11-27 16:59 - 2019-03-04 22:11 - 000247888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-11-27 16:59 - 2019-03-04 22:11 - 000206408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-11-27 16:59 - 2019-03-04 22:11 - 000109280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-11-27 16:59 - 2019-03-04 22:11 - 000097352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-11-27 16:59 - 2019-03-04 22:11 - 000084856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-11-27 16:59 - 2019-03-04 22:11 - 000042784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-11-27 16:59 - 2019-03-04 22:11 - 000037152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2020-11-23 19:30 - 2020-04-07 22:45 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-11-23 19:30 - 2019-03-04 20:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-11-22 18:12 - 2019-03-04 20:19 - 000000936 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk

==================== Files in the root of some directories ========

2020-05-03 20:50 - 2020-05-03 20:57 - 000003970 _____ () C:\Users\Ivo\AppData\Roaming\System Monitor II_CPU0_Settings.ini
2020-05-03 21:03 - 2020-05-03 21:03 - 000000115 _____ () C:\Users\Ivo\AppData\Roaming\System Monitor II_UptimeRecord.ini
2020-05-03 21:07 - 2020-05-03 21:07 - 000000389 _____ () C:\Users\Ivo\AppData\Roaming\Top Process Monitor_Settings.ini
2019-03-28 21:23 - 2019-03-28 21:23 - 000000000 _____ () C:\Users\Ivo\AppData\Local\oobelibMkey.log
2019-03-05 01:11 - 2020-12-16 22:01 - 000007631 _____ () C:\Users\Ivo\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[Conder]

Ahoj

To 100 % vytazanie CPU je vidno cez spravcu uloh?

Urob v Malwarebytes uplny sken (v PC by uz mal byt nainstalovany):

• Otvor Malwarebytes a klikni na "Vyhledavac"
• Klikni na "Pokrocile kontroly" a potom na "Nastavit kontrolu"
• Vpravo oznac vsetky disky v PC a vlavo oznac moznost "Skenovani na rootkity"
• Klikni na "Sken" a pockaj na dokoncenie
• Po dokonceni klikni na "Zobrazit zpravu" -> "Export" -> "Kopirovat do schranky"
• Skopirovany log vloz do dalsej odpovede

[Iskr]

Teď nejsem na tom počítači takže Sken přez Malware bytes příp. až odpoledne.
Včera jsem vyfotil správce úloh při vytížení a asi to dělá program RuntimeBroker.exe viz foto.

IMG_20201216_232559.jpg (59.58 KiB) Zobrazeno 1336 x

[Iskr]

Ahoj,
Malwarebytes skenuje soubory již 11hodin.
Je to v pořádku?

[Iskr]

Tak konečně konec.Uf
Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 17.12.20
Čas skenování: 23:52
Logovací soubor: 9052286c-40ba-11eb-b6ed-e4115b4669bc.json

-Informace o softwaru-
Verze: 4.3.0.98
Verze komponentů: 1.0.1130
Aktualizovat verzi balíku komponent: 1.0.34469
Licence: Zkušební

-Systémová informace-
OS: Windows 10 (Build 19041.685)
CPU: x64
Systém souborů: NTFS
Uživatel: Ivo-Hp\Ivo

-Shrnutí skenování-
Typ skenování: Vlastní skenování
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 871650
Zjištěné hrozby: 8
Hrozby umístěné do karantény: 0
Uplynulý čas: 11 hod, 38 min, 50 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 8
HackTool.Agent, C:\PROGRAM FILES (X86)\ADOBE\ACROBAT 11.0\ACROBAT\AMTEMU.V0.9.1-PAINTER.EXE, Žádná uživatelská akce, 55, 448498, 1.0.34469, 930091A70F50A3E32F811AA4, dds, 01032280, A209B88B9B2CF7339BE0AC5126417875, C2F6D462A20F92B97C49C3AF19872FC4DF6AABD4F66F4B8B298A1303881422F6
PUP.Optional.WirelessNetworkTool, E:\USERS\IVO\DESKTOP\WIRELESSNETVIEW.EXE, Žádná uživatelská akce, 7558, 299476, 1.0.34469, , ame, , 176E902BE9D5FFA93F3D0DA98A6C70F0, 5C60F4600569A3BD86FE73A323C77EB6CB73B1CC1275C53E7FC92A8D1B675418
HackTool.Agent, E:\PROGRAM FILES (X86)\ADOBE\ACROBAT 11.0\ACROBAT\AMTEMU.V0.9.1-PAINTER.EXE, Žádná uživatelská akce, 55, 448498, 1.0.34469, 930091A70F50A3E32F811AA4, dds, 01032280, A209B88B9B2CF7339BE0AC5126417875, C2F6D462A20F92B97C49C3AF19872FC4DF6AABD4F66F4B8B298A1303881422F6
RiskWare.Tool.HCK, E:\DOWNLOADS\PROGRAMY\ADOBE ACROBAT XI PRO 11.0.22 FINAL + CRACK\ADOBE ACROBAT XI PRO 11.0.22 FINAL + CRACK\ADOBE ACROBAT XI PRO 11.0.22 FINAL + CRACK [WWW.TECH-TOOLS.ME]\CRACK\ADOBE CC 2015 UNIVERSAL PATCHER 1.5\ADOBE.SNR.PATCH-PAINTER.EXE, Žádná uživatelská akce, 1027, 69152, 1.0.34469, 0000000000000000000003EB, dds, 01032280, 0D9B7ABE952D6C1DC24750BF47969132, 9EC96E0FACF95D1A08D4761AFF436DAC8318ABD008C7284A4A22347069E8284D
HackTool.Agent, E:\DOWNLOADS\PROGRAMY\ADOBE ACROBAT XI PRO 11.0.22 FINAL + CRACK\ADOBE ACROBAT XI PRO 11.0.22 FINAL + CRACK\ADOBE ACROBAT XI PRO 11.0.22 FINAL + CRACK [WWW.TECH-TOOLS.ME]\CRACK\AMTEMU.V0.9.1.WIN-PAINTER\AMTEMU.V0.9.1-PAINTER.EXE, Žádná uživatelská akce, 55, 448498, 1.0.34469, 930091A70F50A3E32F811AA4, dds, 01032280, A209B88B9B2CF7339BE0AC5126417875, C2F6D462A20F92B97C49C3AF19872FC4DF6AABD4F66F4B8B298A1303881422F6
HackTool.Patcher, E:\DOWNLOADS\PROGRAMY\ADOBE ACROBAT XI PRO 11.0.22 FINAL + CRACK\ADOBE ACROBAT XI PRO 11.0.22 FINAL + CRACK\ADOBE ACROBAT XI PRO 11.0.22 FINAL + CRACK [WWW.TECH-TOOLS.ME]\CRACK\ADOBE.SNR.PATCH.V2.0-PAINTER.ZIP, Žádná uživatelská akce, 2900, 473286, 1.0.34469, 0000000000000000000003EB, dds, 01032280, 0CF0907EA199909CA9C86DE3097FFD21, 7B0BDEDD52B08BBED1DF72F13F333A556286AA6B0E9804422477994A245A4FE6
Malware.AI.226547811, E:\DOWNLOADS\PROGRAMY\ADOBE ACROBAT XI PRO 11.0.22 FINAL + CRACK\ADOBE ACROBAT XI PRO 11.0.22 FINAL + CRACK\ADOBE ACROBAT XI PRO 11.0.22 FINAL + CRACK [WWW.TECH-TOOLS.ME]\CRACK\ADOBE_ACROBAT_PRO_DC_V2015_MULTI-XFORCE.RAR, Žádná uživatelská akce, 1000000, 0, 1.0.34469, 595128D9185524E40D80D863, dds, 01032280, 0D3C899A63F721859E9B9D8D1B1031E1, 163F7E03A28DDD35CF852B2712AEFAA07B460A53C022863006966948F108102B
HackTool.FilePatch, E:\DOWNLOADS\X-BOX\IOBIT DRIVER BOOSTER PRO V3.5.0.788 (CZ,SK)\PATCH\IOBIT DRIVER BOOSTER PRO PATCH.EXE, Žádná uživatelská akce, 2697, 281135, 1.0.34469, , ame, , 4C7B5EFD4FBB95A6C6A3914EBFE917F5, 72805192997CA99F476B972BE7EBD9F809EB9E6CF1BFA173CCA48AFF497A5D98

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

[Conder]

Poprosim o obidva nove logy z FRST.

[Iskr]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2020
Ran by Ivo (administrator) on IVO-HP (Hewlett-Packard HP ProBook 4530s) (20-12-2020 12:09:13)
Running from C:\Users\Ivo\Desktop
Loaded Profiles: Ivo
Platform: Windows 10 Home Version 20H2 19042.685 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Atheros Communications Inc. -> Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2011.11613.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\perfmon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <8>
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Renesas Electronics Corporation -> Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2011-01-06] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117344 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [rfagent] => C:\Program Files\RFA 11\rfagent64.exe [3847696 2019-03-25] (Rose City Software -> RoseCitySoftware)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-03] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2017-07-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3500056 2017-07-27] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [NUSB3MON] => c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {034A72C3-4CBF-4E2D-B7FB-E577435E2F9B} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {07EED79E-E376-4D72-9E4F-8562488734A2} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {10172379-A741-4E76-886A-675C28945FD5} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {10302755-5114-4690-BCCC-86EE4175FCE5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {10EF1FA5-30DA-440E-8501-B181CA26183E} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {183406E6-E1F5-4FF3-8CA7-9E281B18824D} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4617832 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
Task: {1D665A80-1BE2-47C0-BEC5-403FC16EB045} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {1E3802E5-A275-4812-B1EA-C376150599D9} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {1F3DA1B4-5E7E-4A1D-BF70-E03740CE29FA} - \Microsoft\Windows\Setup\EOSNotify2 -> No File <==== ATTENTION
Task: {2AC17D49-4C05-46B3-B431-FEB654873828} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {41F5BDF8-9D0C-4DF7-8C1F-C94755B7BB80} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [348504 2020-11-06] (HP Inc. -> HP Inc.)
Task: {4239DD9B-B1DE-43E8-85D2-5D35310DE5FA} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {4485563F-4E90-49B3-8251-86D9A79FC901} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION
Task: {466DB817-08BA-4641-9965-D3B2F15C407F} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {48698ACD-CFC5-45DA-B663-2A72F2E2DB35} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {50F6FB88-226B-4ADE-9895-7863D9D8D202} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {53DFBF5D-4CF8-41DD-B306-3085AB8FD065} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {55889FC6-85D5-48D5-8417-D630F8E0C9C8} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1741416 2020-09-21] (Avast Software s.r.o. -> Avast Software)
Task: {595952AA-5FBC-4313-B252-5419BC6CC600} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {6982BC91-9CBA-401A-88CD-B95B0DB27F6F} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {6E33370E-68E4-42F3-ABEE-9DDFF2708A36} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {7598C19A-7C96-4BD5-9AC0-8551F9325461} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {78B9BA8D-C3A4-48AF-9ABD-07F6DFA13623} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7C37EE7D-3705-4001-ACF6-27036F53C6DB} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {7D578380-34A5-4DC5-8EF1-3277A03E03F8} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693456 2020-12-18] (Mozilla Corporation -> Mozilla Foundation)
Task: {7E27AB6D-9F7A-4A89-8DAC-10F8E6C4EA5C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {7F0291CE-DDB6-47FA-A4EC-96B25E2DA49D} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {86F669D4-E926-41DB-BE83-C352828A2575} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {973000D9-FF7A-4004-8B3D-659A731162DE} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9B924B57-B642-47E3-B712-E8B9F6F51036} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\WINDOWS\system32\sipnotify.exe
Task: {A0814C89-E0E2-4F84-99AB-248476B21B79} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A5B3CA88-2726-4DB6-B9B4-515E247AD569} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B8CE5952-DB19-446F-8FA4-461BA9228CBF} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C9DC574C-5264-44F7-AFDA-7155235851C5} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CA34D836-7A8F-42DF-9B86-3A0C0FFAC739} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D3413FB4-3B4A-4944-B71C-7F9064D1E3DF} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\WINDOWS\system32\sipnotify.exe
Task: {D5C4DFE0-9C1E-4290-85CB-1E564A7B5343} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {DF5219B0-59AB-4342-9AE4-2F785E20378B} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {E2322AA3-4F7D-4168-AB06-2618217CCA18} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [135000 2020-06-22] (HP Inc. -> HP Inc.)
Task: {E640B51B-C7DC-4162-9FE3-9B5BE9C3F4AD} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2018-12-10] (HP Inc. -> HP Inc.)
Task: {E8B59696-9DE1-466E-A750-4F52DD340875} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [17184 2014-09-10] (LENOVO -> Lenovo)
Task: {F0268B6F-7153-4753-A75A-1D51134671E3} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F58A056B-FD3B-457F-907C-A88F95A5BF12} - System32\Tasks\Agent Activation Runtime\S-1-5-21-2884157376-2232874990-821542724-1000 => C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe [13312 2020-12-11] (Microsoft Windows -> )
Task: {F71FCC6F-2776-4E33-87E4-FDAFBEC6CD63} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7E42B135-83A3-4449-A563-B228DF2EA2C1}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{7E42B135-83A3-4449-A563-B228DF2EA2C1}: [DhcpNameServer] 192.168.1.1

Edge:
======
DownloadDir: C:\Users\Ivo\Downloads
Edge Profile: C:\Users\Ivo\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-20]
Edge Extension: (Outlook) - C:\Users\Ivo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2020-10-17]
Edge Extension: (Word) - C:\Users\Ivo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2020-10-17]
Edge Extension: (Excel) - C:\Users\Ivo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2020-10-17]
Edge Extension: (PowerPoint) - C:\Users\Ivo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2020-10-17]

FireFox:
========
FF DefaultProfile: s5tui7ka.default
FF ProfilePath: C:\Users\Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\s5tui7ka.default [2020-12-20]
FF Notifications: Mozilla\Firefox\Profiles\s5tui7ka.default -> hxxps://www.deezer.com; hxxps://www.exasoft.cz; hxxps://www.slevomat.cz
FF Extension: (Tampermonkey) - C:\Users\Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\s5tui7ka.default\Extensions\firefox@tampermonkey.net.xpi [2020-11-04]
FF Extension: (uBlock Origin) - C:\Users\Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\s5tui7ka.default\Extensions\uBlock0@raymondhill.net.xpi [2020-11-23]
FF Extension: (Anonymous - I am free) - C:\Users\Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\s5tui7ka.default\Extensions\{283b426b-78c2-48cf-8cd7-8d3fa4dc101f}.xpi [2019-05-13]
FF Extension: (fractal summer colors) - C:\Users\Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\s5tui7ka.default\Extensions\{4d723626-21f9-4179-b157-5fd7094ba414}.xpi [2019-05-14]
FF Extension: (Plná Peněženka Lištička Lite) - C:\Users\Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\s5tui7ka.default\Extensions\{85d8e8cc-273a-4845-a75b-4b44377c703c}.xpi [2020-10-31]
FF SearchPlugin: C:\Users\Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\s5tui7ka.default\searchplugins\novinkycz.xml [2015-10-06]
FF SearchPlugin: C:\Users\Ivo\AppData\Roaming\Mozilla\Firefox\Profiles\s5tui7ka.default\searchplugins\sfd.xml [2015-08-15]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2019-03-15] [Legacy]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-08-18] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-07-27]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82640 2017-07-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8454552 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-01-06] (Atheros Communications Inc. -> Atheros) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [365648 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [3096160 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149480 2018-06-07] (HP Inc. -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2020-12-16] (Malwarebytes Inc -> Malwarebytes)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37152 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [206408 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332368 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97352 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16816 2020-11-27] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42784 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176744 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [521752 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
S3 aswNetNd6; C:\WINDOWS\System32\DRIVERS\aswNetNd6.sys [38152 2020-04-21] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [109280 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84856 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851608 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [469832 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [217336 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326416 2020-11-27] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-12-16] (Malwarebytes Corporation -> Malwarebytes)
R3 HPMoA407; C:\WINDOWS\System32\drivers\HPMoA407.sys [25088 2011-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
R3 HPubA407; C:\WINDOWS\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2020-12-17] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [197792 2020-12-20] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2020-12-20] (Malwarebytes Inc -> Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-12-16] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [139424 2020-12-20] (Malwarebytes Inc -> Malwarebytes)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-20 10:45 - 2020-12-20 11:22 - 000002362 _____ C:\Users\Ivo\Desktop\Žitná cihla se špaldou a semínky.txt
2020-12-20 10:43 - 2020-12-20 10:43 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2020-12-20 10:42 - 2020-12-20 10:42 - 000197792 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2020-12-20 10:42 - 2020-12-20 10:42 - 000139424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2020-12-18 06:26 - 2020-12-18 06:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-12-17 21:27 - 2020-12-17 21:29 - 021418998 _____ C:\Users\Ivo\Desktop\Nový rastrový obrázek.bmp
2020-12-17 19:49 - 2020-12-20 10:51 - 000000000 ____D C:\Users\Ivo\AppData\LocalLow\IGDump
2020-12-17 19:35 - 2020-12-17 19:35 - 000220160 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-12-16 22:17 - 2020-12-16 22:18 - 000055620 _____ C:\Users\Ivo\Desktop\Addition.txt
2020-12-16 22:15 - 2020-12-20 12:09 - 000025116 _____ C:\Users\Ivo\Desktop\FRST.txt
2020-12-16 22:14 - 2020-12-20 12:09 - 000000000 ____D C:\FRST
2020-12-16 22:12 - 2020-12-16 22:12 - 002286592 _____ (Farbar) C:\Users\Ivo\Desktop\FRST64.exe
2020-12-16 22:01 - 2020-12-16 22:01 - 000000000 ____D C:\Users\Ivo\AppData\Local\mbam
2020-12-16 22:00 - 2020-12-16 22:00 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-12-16 22:00 - 2020-12-16 22:00 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-12-16 22:00 - 2020-12-16 22:00 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-12-16 22:00 - 2020-12-16 22:00 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-12-16 22:00 - 2020-12-16 22:00 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-12-16 22:00 - 2020-12-16 22:00 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-12-16 22:00 - 2020-12-16 22:00 - 000000000 ____D C:\Program Files\Malwarebytes
2020-12-15 22:59 - 2020-12-18 19:41 - 000001980 _____ C:\Users\Ivo\Desktop\Cibulový chléb.txt
2020-12-11 23:36 - 2020-12-11 23:36 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-12-11 23:36 - 2020-12-11 23:36 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-12-11 23:36 - 2020-12-11 23:36 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-12-11 23:36 - 2020-12-11 23:36 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-11 23:36 - 2020-12-11 23:36 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2020-12-11 23:36 - 2020-12-11 23:36 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-11 23:36 - 2020-12-11 23:36 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-11 23:36 - 2020-12-11 23:36 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-11 23:36 - 2020-12-11 23:36 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-12-11 23:36 - 2020-12-11 23:36 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-12-11 23:36 - 2020-12-11 23:36 - 000010912 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-12-11 23:36 - 2020-12-11 23:36 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2020-12-11 23:35 - 2020-12-11 23:35 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-12-11 23:35 - 2020-12-11 23:35 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-11 23:35 - 2020-12-11 23:35 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-11 23:35 - 2020-12-11 23:35 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-11 23:35 - 2020-12-11 23:35 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2020-12-11 23:35 - 2020-12-11 23:35 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-12-11 23:35 - 2020-12-11 23:35 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-12-11 23:35 - 2020-12-11 23:35 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-12-11 23:35 - 2020-12-11 23:35 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-12-11 23:35 - 2020-12-11 23:35 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-10 22:57 - 2020-12-10 23:49 - 000002635 _____ C:\Users\Ivo\Desktop\ŠÉFŮV CHLEBA.txt
2020-12-10 21:29 - 2020-12-12 10:17 - 000002076 _____ C:\Users\Ivo\Desktop\TOASTOVÝ CHLEBA.txt
2020-12-05 21:45 - 2020-12-12 14:00 - 000001420 _____ C:\Users\Ivo\Desktop\Chléb Kubík.txt
2020-11-28 21:49 - 2020-11-28 21:49 - 000001509 _____ C:\Users\Ivo\Desktop\mkvtoolnix-gui.exe – zástupce.lnk
2020-11-28 21:49 - 2020-11-28 21:49 - 000000000 ____D C:\Users\Ivo\AppData\Local\bunkus.org
2020-11-28 21:48 - 2020-11-28 21:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix
2020-11-28 21:48 - 2020-11-28 21:48 - 000000000 ____D C:\Program Files\MKVToolNix
2020-11-27 16:59 - 2020-11-27 16:59 - 000339552 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-11-27 16:59 - 2020-11-27 16:59 - 000217336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-20 12:00 - 2020-10-08 23:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-20 12:00 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-20 11:14 - 2019-03-04 22:13 - 000000000 ____D C:\Users\Ivo\AppData\Local\AVAST Software
2020-12-20 10:50 - 2020-10-08 23:31 - 001841760 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-20 10:50 - 2019-12-07 15:41 - 000752106 _____ C:\WINDOWS\system32\perfh005.dat
2020-12-20 10:50 - 2019-12-07 15:41 - 000162644 _____ C:\WINDOWS\system32\perfc005.dat
2020-12-20 10:50 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2020-12-20 10:44 - 2019-03-04 22:08 - 000000000 ____D C:\ProgramData\AVAST Software
2020-12-20 10:43 - 2019-03-04 20:19 - 000000000 ____D C:\Users\Ivo\AppData\LocalLow\Mozilla
2020-12-20 10:42 - 2020-10-08 23:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-19 22:58 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-12-19 22:56 - 2020-04-07 22:45 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-12-19 22:56 - 2019-03-04 20:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-12-19 22:54 - 2020-05-04 23:51 - 000000000 ____D C:\Users\Ivo\AppData\Local\CrashDumps
2020-12-19 22:54 - 2019-03-10 19:17 - 000000000 ____D C:\Users\Ivo\AppData\Roaming\uTorrent
2020-12-19 22:36 - 2019-10-03 11:44 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-12-19 16:38 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-19 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-19 09:36 - 2020-06-04 21:57 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-18 23:25 - 2020-10-09 08:20 - 000003318 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d69dc2556e07cb
2020-12-18 23:25 - 2020-10-08 23:31 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-12-18 23:25 - 2020-10-08 23:31 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-12-18 23:25 - 2020-10-08 23:31 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2884157376-2232874990-821542724-1000
2020-12-18 23:25 - 2020-10-08 23:31 - 000002612 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2020-12-18 23:25 - 2020-10-08 23:31 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-12-18 06:26 - 2019-03-04 20:19 - 000000936 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-12-16 22:01 - 2019-03-05 01:11 - 000007631 _____ C:\Users\Ivo\AppData\Local\resmon.resmoncfg
2020-12-16 22:00 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-12-16 19:46 - 2020-10-08 23:24 - 000002391 _____ C:\Users\Ivo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-16 19:46 - 2020-05-03 19:18 - 000000000 ___RD C:\Users\Ivo\OneDrive
2020-12-15 13:06 - 2020-10-08 23:24 - 000000000 ____D C:\Users\Ivo
2020-12-14 22:01 - 2020-10-08 23:31 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-12-13 18:19 - 2019-03-04 20:35 - 000000000 ____D C:\Program Files (x86)\HP
2020-12-11 23:55 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-11 23:51 - 2020-10-08 23:23 - 000452624 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-11 23:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-11 23:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-11 23:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-12-11 23:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-11 23:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-11 23:50 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-11 23:50 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-06 16:51 - 2020-05-03 19:13 - 000000000 ____D C:\Users\Ivo\AppData\Local\PlaceholderTileLogoFolder
2020-12-06 11:15 - 2020-05-03 19:10 - 000000000 ____D C:\Users\Ivo\AppData\Local\Packages
2020-12-05 23:38 - 2019-03-30 21:53 - 000000000 ____D C:\Users\Ivo\AppData\Local\ElevatedDiagnostics
2020-11-27 16:59 - 2020-10-27 08:37 - 000176744 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2020-11-27 16:59 - 2020-05-04 19:55 - 000016816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2020-11-27 16:59 - 2020-04-21 04:00 - 000521752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2020-11-27 16:59 - 2019-03-04 22:11 - 000851608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-11-27 16:59 - 2019-03-04 22:11 - 000469832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-11-27 16:59 - 2019-03-04 22:11 - 000332368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-11-27 16:59 - 2019-03-04 22:11 - 000326416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-11-27 16:59 - 2019-03-04 22:11 - 000247888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-11-27 16:59 - 2019-03-04 22:11 - 000206408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-11-27 16:59 - 2019-03-04 22:11 - 000109280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-11-27 16:59 - 2019-03-04 22:11 - 000097352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-11-27 16:59 - 2019-03-04 22:11 - 000084856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-11-27 16:59 - 2019-03-04 22:11 - 000042784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-11-27 16:59 - 2019-03-04 22:11 - 000037152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys

==================== Files in the root of some directories ========

2020-05-03 20:50 - 2020-05-03 20:57 - 000003970 _____ () C:\Users\Ivo\AppData\Roaming\System Monitor II_CPU0_Settings.ini
2020-05-03 21:03 - 2020-05-03 21:03 - 000000115 _____ () C:\Users\Ivo\AppData\Roaming\System Monitor II_UptimeRecord.ini
2020-05-03 21:07 - 2020-05-03 21:07 - 000000389 _____ () C:\Users\Ivo\AppData\Roaming\Top Process Monitor_Settings.ini
2019-03-28 21:23 - 2019-03-28 21:23 - 000000000 _____ () C:\Users\Ivo\AppData\Local\oobelibMkey.log
2019-03-05 01:11 - 2020-12-16 22:01 - 000007631 _____ () C:\Users\Ivo\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by Ivo (20-12-2020 12:11:02)
Running from C:\Users\Ivo\Desktop
Windows 10 Home Version 20H2 19042.685 (X64) (2020-10-08 22:31:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2884157376-2232874990-821542724-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2884157376-2232874990-821542724-503 - Limited - Disabled)
Guest (S-1-5-21-2884157376-2232874990-821542724-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2884157376-2232874990-821542724-1002 - Limited - Enabled)
Ivo (S-1-5-21-2884157376-2232874990-821542724-1000 - Administrator - Enabled) => C:\Users\Ivo
WDAGUtilityAccount (S-1-5-21-2884157376-2232874990-821542724-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.22 - Adobe Systems)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.9.2437 - Avast Software)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.02.000.55 - Atheros Communications)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Deezer 4.17.1 (HKU\S-1-5-21-2884157376-2232874990-821542724-1000\...\{67490f87-0893-5593-ae76-b1e5d0acd13f}) (Version: 4.17.1 - Deezer)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
Excel (HKU\S-1-5-21-2884157376-2232874990-821542724-1000\...\1fc5b090eab9aa41f8a2f5987367e6da) (Version: 1.0 - Excel)
HP Support Assistant (HKLM-x32\...\{1E14ACF0-1480-4467-A73D-67C4FD35A5F4}) (Version: 8.8.34.31 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{A0310A3B-73AB-4E81-ABB6-8D4CEF8C0AA6}) (Version: 12.18.34.21 - HP Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.72.4 - JMicron Technology Corp.)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2884157376-2232874990-821542724-1000\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{97238E8A-4919-4A1E-965A-C6C36938F4CE}) (Version: 2.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
MKVToolNix 51.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 51.0.0 - Moritz Bunkus)
Mozilla Firefox 84.0 (x64 cs) (HKLM\...\Mozilla Firefox 84.0 (x64 cs)) (Version: 84.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0.2 - Mozilla)
Outlook (HKU\S-1-5-21-2884157376-2232874990-821542724-1000\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook)
PowerPoint (HKU\S-1-5-21-2884157376-2232874990-821542724-1000\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint)
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.58.411.2012 - Realtek)
Registry First Aid 11 (HKLM\...\RFA11_is1) (Version: 11.3.0 - RoseCitySoftware)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.36.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.36.0 - Renesas Electronics Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.0 - Synaptics Incorporated)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Word (HKU\S-1-5-21-2884157376-2232874990-821542724-1000\...\1b837d0bf93d01407352736c91b7bf50) (Version: 1.0 - Word)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-05-04] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-05-03] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-05-03] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-24] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-15] (Netflix, Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2884157376-2232874990-821542724-1000_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Ivo\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler) [File not signed]
CustomCLSID: HKU\S-1-5-21-2884157376-2232874990-821542724-1000_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Ivo\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) [File not signed]
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-11-27] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-11-27] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-11-27] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-12-16] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-11-27] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-12-16] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\Ivo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=leffmjdabcgaflkikcefahmlgpodjkdm --app-url=hxxps://excel.office.com/
ShortcutWithArgument: C:\Users\Ivo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb --app-url=hxxps://outlook.com/
ShortcutWithArgument: C:\Users\Ivo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf --app-url=hxxps://powerpoint.office.com/
ShortcutWithArgument: C:\Users\Ivo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=hikhggiobiflkdfdgdajcfklmcibbopi --app-url=hxxps://word.office.com/

==================== Loaded Modules (Whitelisted) =============

2012-09-23 20:44 - 2012-09-23 20:44 - 000010240 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\cs_cz\Acrobat Elements\ContextMenuShim64.cze
2020-12-12 06:56 - 2020-12-12 06:56 - 000031232 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\A4.Foundation\299bf2e4e23af02175445e6a26f183b3\A4.Foundation.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000022528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Actions5dc83b46#\a24c26eba4ea3ddce65e74fa4668e293\AEM.Actions.CCAA.Shared.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.0a1309f7#\b1c480fea6a1f23d52c3e56efa0e3568\AEM.Plugin.EEU.Shared.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.2b6a6775#\ab84ec371d67664b2b3835984aa2dce2\AEM.Plugin.Hotkeys.Shared.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.54d8abe3#\067d1b4cc2a05184c6e0a89aaee60af6\AEM.Plugin.DPPE.Shared.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000281600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.5d945b6b#\f535d9aad773e6d356547f8e5efc5a55\AEM.Plugin.Source.Kit.Server.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000014848 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.674d2b8a#\20e43f89b55b6c6d58c04b22890cbbc3\AEM.Plugin.WinMessages.Shared.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.88aba5d2#\2cb21aaa54b1116e4ceda042a9d4ce1e\AEM.Plugin.REG.Shared.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.GD.Shared\a0c3b8ce9c35481a6521f517227bbbe2\AEM.Plugin.GD.Shared.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Server.Shared\6cfd22563e0e2c727f094a3de46cf569\AEM.Server.Shared.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000267776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Server\8e824043be59343847600763c50d6229\AEM.Server.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000055808 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\APM.Foundation\8b0dfc591b480594610bbaa94430d4db\APM.Foundation.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000122880 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ATICCCom\4f9523253033d141734969c0866c932c\ATICCCom.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000204288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CCC.Implementation\af1df7a28635d8dc2019da4ad419ebaa\CCC.Implementation.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000154112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.21d2ac78#\cd69cd6c682b5af8e5d39cf83d69e86b\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000128000 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3399d0ec#\c473afacd64a10cb325e6c9ac524f824\CLI.Aspect.CustomFormats.Graphics.Shared.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.37d3d968#\1de0b258089f746ad04d1233cf969b29\CLI.Aspect.AMDHome.Graphics.Shared.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000045568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.382a3def#\dd5cc863637abdfb436e9ceaee87b61a\CLI.Aspect.AMDOverDrive.Platform.Shared.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000107008 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3a6f1658#\119e8f5a6e9313af4844f1cb23d04601\CLI.Aspect.TransCode.Graphics.Shared.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000132608 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.46819220#\bf72cdb8017728ac2915993a05842fee\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000074752 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4bbb0755#\7d0c76fec9fac2df51435a2a0f823cde\CLI.Aspect.TransCode.Graphics.Dashboard.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000037888 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.52c6dbaa#\7ee8d68f2500cbf06d0e1339d0509d76\CLI.Aspect.FPS.Graphics.Shared.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000074752 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.59a12d95#\ea99ad5efa6b77f631f17f3f6514113d\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000263168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.73911eb5#\b25d1017d66178bbb77c5038da1e5327\CLI.Aspect.WirelessDisplay.Graphics.Shared.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000365056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.7ec2db45#\e51ade072914adc16c9cc1a4eb929b0b\CLI.Aspect.DeviceDFP.Graphics.Shared.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000064000 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8350f5c6#\d8be2b25b0caf7f3d2433074ff98e9bb\CLI.Aspect.UpdateNotification.Graphics.Runtime.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000678912 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.846fa813#\5c996f5c11ac17ef06f84931ef195935\CLI.Aspect.MMVideo.Graphics.Dashboard.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000745472 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8d333b6b#\528e8766b99ec47ea476e036a210492b\CLI.Aspect.Radeon3D.Graphics.Shared.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000449536 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8e996306#\65cd434862baef10fc07bd43d6d2167e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000089088 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9cd1e9e7#\7f049fbbcaafea4d4220a3b532b5c57b\CLI.Aspect.FPS.Graphics.Dashboard.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000057856 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a6cd7fff#\ebccb64be88b1b07b48f2652531555a7\CLI.Aspect.FPS.Graphics.Runtime.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000082944 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a765109e#\d52f956e96982557fc647f907c8b6ba8\CLI.Aspect.UpdateNotification.Graphics.Dashboard.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000462336 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.acb9d930#\59f37443a686efbf0c52772f1db24e0e\CLI.Aspect.DeviceProperty.Graphics.Shared.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000067072 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.b0a7c1fb#\7b74f226074a5fac1e09e0def576b8c4\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000340992 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c7aaa0f8#\3e009bed5e4d5046f36f132a1b75aa95\CLI.Aspect.OverDrive5.Graphics.Shared.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000017920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c854b457#\e62039c5f426da0d2aa0415ba6806c9e\CLI.Aspect.HotkeysHandling.Graphics.Shared.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000096256 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.d4f2f79c#\44975e3ee24433a1e9af1a654e25d48e\CLI.Aspect.CrossFireX.Graphics.Dashboard.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000276480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e8635fc7#\24a2cc20fd43f0a9ca86f44040cb1067\CLI.Aspect.InfoCentre.Graphics.Dashboard.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 003312640 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e9fd7406#\711a19b2cdab61f725d7b781b2b2978e\CLI.Aspect.Radeon3D.Graphics.Dashboard.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000240640 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.eda8935e#\44b63310c195cfc86fdc7b385b24d1af\CLI.Aspect.MMVideo.Graphics.Shared.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000047616 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ef3eaa4d#\2597fa5cfc6bbd186558dd3ddb3875f3\CLI.Aspect.TransCode.Graphics.Runtime.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000050688 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.f480a2f3#\0e5e46fe8262765fc01f531393cea826\CLI.Aspect.UpdateNotification.Graphics.Shared.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000051200 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Runtime\1b793612380f60d287e5c5f86122e89c\CLI.Caste.A4.Runtime.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Shared\0f047cf9e2239851a811b935d7b109d0\CLI.Caste.A4.Shared.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Af820fedc#\1ac15d58e991bba3119174c4cacbd430\CLI.Caste.A4.Dashboard.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F24de14fe#\756be47d421c14309af0c8d9dddc6a29\CLI.Caste.Fuel.Shared.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000311296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F36b07a2b#\237f6779fe63e0a2c1d282dcaae5138d\CLI.Caste.Fuel.Runtime.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Ff3085433#\0b593db358de3dccf526e300e41ec80b\CLI.Caste.Fuel.Dashboard.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60338cc0#\a5e2e36025e5e42aeff913bbda1aa6d6\CLI.Caste.Graphics.Runtime.Shared.Private.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 001555456 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gd9d9b43b#\90403123119c49c266bf1258a7b5a427\CLI.Caste.Graphics.Dashboard.Shared.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000587776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gee7d2dbc#\c3db145be9238bed851ff93311846c1e\CLI.Caste.Graphics.Dashboard.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H18c99613#\67666baee565c9b0f6a67df38462c2f3\CLI.Caste.HydraVision.Runtime.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H92ba4e46#\be62787dd2bab6bbe758bb473b72c8e4\CLI.Caste.HydraVision.Shared.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Hbb906c0b#\afe6578340859949a1f8c04b3ec1a950\CLI.Caste.HydraVision.Dashboard.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pac40511b#\0552c276520bab46992e3d931c858708\CLI.Caste.Platform.Shared.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000044032 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pdb36d56e#\753c0337e60bbef84ae2e4d415b423f7\CLI.Caste.Platform.Runtime.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000024064 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pfeefa2b6#\2b493f8b9b0a19c02d3185fd55a06479\CLI.Caste.Platform.Dashboard.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone1b4a8c97#\0619ae2c3e8cc53377fbecef51f243ed\CLI.Component.Runtime.Shared.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000901632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone26c9c557#\c518078f056b4bfe362824a0c2eb6a1d\CLI.Component.Systemtray.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000173568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone29e547cc#\a5d4f7bc274570e961d31ef54ab7a5b6\CLI.Component.Dashboard.ProfileManager2.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000151040 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone59f353b4#\780c8bd8339ff2def14b0207cd808a3b\CLI.Component.Runtime.Shared.Private.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componeb4d0485c#\c2b5ee81f835f248ac92e192a11b37f2\CLI.Component.Runtime.Extension.EEU.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 001609728 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componec89c3bec#\af1109fbe4d7fc6179633ab8d88da5e7\CLI.Component.Dashboard.Shared.Private.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000018432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componef1fd67b2#\6b3ed4c60de00ed811251fa44d4ba20d\CLI.Component.Client.Shared.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000085504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componef4cf054f#\007e57a69242e84ff334564a788165c0\CLI.Component.Dashboard.Shared.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000495104 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Component.Eeu\bd601c8af027275ad0aa1623c49e12bf\CLI.Component.Eeu.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000089600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundat3d5d3945#\a0a2b615cdc294c7d3af29f42d6f3369\CLI.Foundation.Private.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundat60cdf5df#\4e50f43f222133081bca51d4ec374497\CLI.Foundation.XManifest.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000091136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundat619559bd#\bcdee5c6fe25466f8c29767f6b2b1294\CLI.Foundation.CoreAudioAPI.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 001079808 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundatd3771151#\7ae69decea6a4aa96956ffd2f2a3c7c7\CLI.Foundation.Client.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000301568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundation\0d8463856ff1e00efd68259f58d6728c\CLI.Foundation.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Foundation\5d12a5ba7cfcf92e2bdedb9c65064c74\DEM.Foundation.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000115200 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0601\5658790b6d8ee4f840d1ca57866316ce\DEM.Graphics.I0601.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics\dfa1099aca23fc47444238db01432d1e\DEM.Graphics.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Fuel.Foundation\7224c4f48b25b446a37e68bf70496628\Fuel.Foundation.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000296960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundat03490438#\a78770c1aa6c2dab44748ff83862ffd8\LOG.Foundation.Implementation.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000150016 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundat5023f8e7#\bb140c3f749aad3e194c37b732486584\LOG.Foundation.Private.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000087552 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundatcaafa75b#\941a6700366b94ec64b62cc506f95d74\LOG.Foundation.Implementation.Private.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000132608 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundation\8bffc8512084e42bddfb1d3d77870062\LOG.Foundation.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MOM.Foundation\c718fcd8c25b703ccad4cb802f9c7dca\MOM.Foundation.ni.dll
2020-12-12 06:59 - 2020-12-12 06:59 - 000402944 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MOM.Implementation\942416935b21cacc907f56d100506704\MOM.Implementation.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000055296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\NEWAEM.Foundation\ae9a13269043d55e4140d5868270661d\NEWAEM.Foundation.ni.dll
2015-11-04 15:40 - 2015-11-04 15:40 - 000005120 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamcsy.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000897024 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ADL.Foundation\79c00831b1c30bf18fb586d85535361d\ADL.Foundation.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 000256000 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\APM.Server\11725f354a5e8c6ce052906bd4a8e5e8\APM.Server.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000783872 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.79734f7a#\afe147c6208bc23f2a925029af109475\CLI.Aspect.PowerXpress.Graphics.Runtime.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000357888 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.b3da5a8f#\37acbd45f67c3cc7e678f66a363091f5\CLI.Aspect.PowerXpress.Graphics.Shared.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000595456 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.d4846ba2#\56881ab2c6fcc6c32f4e6ff58191142a\CLI.Aspect.PowerXpress.Graphics.Dashboard.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 008027648 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Combine0616f305#\e186c12376d44c5b6a15c283351ab6dd\CLI.Combined.Graphics.Aspects1.Dashboard.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000136704 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone168638d1#\fbe1091865f44020e04b0a581e5b965c\CLI.Component.Client.Shared.Private.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000234496 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone6692ca50#\e6ebbe99ad169505a7b1614029784799\CLI.Component.Runtime.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000929280 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone6bf88b08#\9f85e53cf5df5a8956d5924c1641875a\CLI.Component.Dashboard.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000011264 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0702\b412bf450c79457c9c6e02719fef3a99\DEM.Graphics.I0702.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000084480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0709\5252f14189e3677767b454164fb541cf\DEM.Graphics.I0709.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000009728 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0710\8eeed39b8e461125c3b64ec004190ba5\DEM.Graphics.I0710.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000012288 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0712\5e93aedbce33eb9d7f84de52de38623c\DEM.Graphics.I0712.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000018432 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0804\aa9984e9a16523bb1fd71b855c687aa6\DEM.Graphics.I0804.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000009728 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0901\2fe32ec8719bc5e139d20434f117fd6f\DEM.Graphics.I0901.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0906\58c6e0a82fa1629f5583fd56b7323d3c\DEM.Graphics.I0906.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 000035840 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I1010\4fe945ea0f126bb4dccba474e3ee74dd\DEM.Graphics.I1010.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 001139200 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Localizatio01dbc1c0#\850f9ba397907bdd65f8b39b38d30802\Localization.Foundation.Private.ni.dll
2020-12-12 06:59 - 2020-12-12 06:59 - 000244736 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ResourceMan446ca0e5#\df9086090f8f6de10c94d705341b97b2\ResourceManagement.Foundation.Implementation.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000023552 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ResourceManf163905a#\efe86db00af2e0b19c8260888e88ed76\ResourceManagement.Foundation.Private.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 000091648 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ec8786e5#\a802237af3bb77d74574a5a45b0f1093\CLI.Aspect.AMDHome.Graphics.Dashboard.ni.dll
2020-12-12 06:56 - 2020-12-12 06:56 - 002845696 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60a7b4d1#\4a7c17df5f87f28d7f3bf2f2aee0ca6c\CLI.Caste.Graphics.Shared.ni.dll
2020-12-12 06:58 - 2020-12-12 06:58 - 003268096 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G962aa464#\38fb846f3a344f93b10dfd7394da66e1\CLI.Caste.Graphics.Runtime.ni.dll
2011-01-06 20:07 - 2011-01-06 20:07 - 000061088 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AthCopyHook.dll
2020-10-08 23:25 - 2020-10-08 23:25 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80U.DLL
2020-12-12 06:57 - 2020-12-12 06:57 - 000335360 _____ (Microsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.W8090224c#\4f0fd874313da401477c46c3cec85dc9\Microsoft.WindowsAPICodePack.ni.dll
2020-12-12 06:57 - 2020-12-12 06:57 - 002546688 _____ (Microsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.Wfbf9373c#\afcccd3abf9b676c4caf03c205a9fc45\Microsoft.WindowsAPICodePack.Shell.ni.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-07-26] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-10-27] (HP Inc. -> HP Inc.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-07-26] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-01-06] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-07-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-07-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2017-07-26] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2017-07-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2020-05-13 07:28 - 2020-05-13 07:28 - 000000437 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2884157376-2232874990-821542724-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AthBtTray"
HKLM\...\StartupApproved\Run: => "rfagent"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKU\S-1-5-21-2884157376-2232874990-821542724-1000\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{84D9F034-45F2-4A09-8C3C-22BD87319052}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{C0282EE2-8654-4C8A-BF12-F925724307AC}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{4216625A-9EFE-48CB-B77E-2B8702CCCEDF}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{6A9BC8A0-9421-44DC-B383-8D6AE0067C54}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{37812F76-1CD2-4AD6-8DCE-11EA69AE8DAC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{AEF6C2D7-167C-45F0-ADB5-D1EEC05EC023}C:\users\ivo\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ivo\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{1509E5A0-698B-41EC-BDD4-3DE580B26B1D}C:\users\ivo\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\ivo\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{B8E0B32D-BDC9-4A2E-9250-15150F0062BB}] => (Allow) C:\Users\Ivo\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{6E3B8E04-4684-49C3-9C27-788EE67D3299}] => (Allow) C:\Users\Ivo\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{44192D8B-4434-4218-B208-3E409504F6F8}C:\users\ivo\appdata\local\programs\deezer-desktop\deezer.exe] => (Allow) C:\users\ivo\appdata\local\programs\deezer-desktop\deezer.exe (Deezer -> Deezer)
FirewallRules: [UDP Query User{F7BA1E34-3BCC-4E85-B495-DB95F62420A3}C:\users\ivo\appdata\local\programs\deezer-desktop\deezer.exe] => (Allow) C:\users\ivo\appdata\local\programs\deezer-desktop\deezer.exe (Deezer -> Deezer)
FirewallRules: [{E9BA7A60-4503-440F-A9EF-B2D65A8CEEAB}] => (Block) C:\users\ivo\appdata\local\programs\deezer-desktop\deezer.exe (Deezer -> Deezer)
FirewallRules: [{2EF0ED40-A8B1-48D5-A1E0-6EA64D82455E}] => (Block) C:\users\ivo\appdata\local\programs\deezer-desktop\deezer.exe (Deezer -> Deezer)
FirewallRules: [{17A56CCD-F824-48E0-A1F5-C7086FD338A2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C5752A40-0776-40F3-855B-DCAABCBBEF4D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AB7E805A-1F61-4513-B6F4-4F89B0345C53}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{96CA762B-5484-4C21-96A7-4E0CC06361FF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

01-12-2020 17:56:08 Naplánovaný kontrolní bod
10-12-2020 17:59:41 Naplánovaný kontrolní bod
11-12-2020 23:23:09 Instalační služba modulů systému Windows
18-12-2020 23:45:22 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/19/2020 10:54:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.19041.685, časové razítko: 0x1baae673
Kód výjimky: 0xc000041d
Posun chyby: 0x00005d67
ID chybujícího procesu: 0xaa8
Čas spuštění chybující aplikace: 0x01d6d56d6d1e0d96
Cesta k chybující aplikaci: C:\Users\Ivo\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: c04207a1-a776-492c-83ac-9dee0d2f2376
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/19/2020 01:56:53 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na HP_TOOLS (G:), protože: Tato operace není v tomto systému souborů podporována. (0x89000020)

Error: (12/19/2020 01:56:52 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na HP_RECOVERY (F:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (12/19/2020 01:56:51 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (E:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (12/19/2020 01:35:11 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na SYSTEM (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (12/12/2020 12:38:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SpywareTerminator.exe verze 3.0.1.112 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: b20

Čas spuštění: 01d6d0740fff567e

Čas ukončení: 33

Cesta k aplikaci: C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe

ID hlášení: 1b93fd8c-17c1-4fcf-8a95-aa743a448615

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (12/12/2020 11:16:32 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro E:\windows\avastSS.scr se nezdařilo.
Závislé sestavení Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/12/2020 08:44:28 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na HP_TOOLS (G:), protože: Tato operace není v tomto systému souborů podporována. (0x89000020)


System errors:
=============
Error: (12/20/2020 10:42:23 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.

Error: (12/19/2020 10:56:45 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.

Error: (12/17/2020 07:34:52 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.

Error: (12/16/2020 06:37:01 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.

Error: (12/15/2020 10:53:52 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.

Error: (12/15/2020 01:00:20 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.

Error: (12/15/2020 01:00:27 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (12:39:08, ‎15.‎12.‎2020) bylo neočekávané.

Error: (12/15/2020 12:39:02 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.


CodeIntegrity:
===================================

Date: 2020-12-20 11:42:44.4910000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-12-20 11:28:25.6880000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-12-20 11:28:25.6690000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-12-20 11:28:25.6330000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-12-20 10:43:44.2040000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-20 10:43:44.1610000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-20 10:43:44.1170000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-12-20 10:43:44.0510000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: Hewlett-Packard 68SRR Ver. F.40 03/12/2013
Motherboard: Hewlett-Packard 167C
Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 56%
Total physical RAM: 8126.36 MB
Available physical RAM: 3508.13 MB
Total Virtual: 8126.36 MB
Available Virtual: 3510.43 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:953.12 GB) (Free:805.08 GB) NTFS
Drive d: (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.25 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: () (Fixed) (Total:676.77 GB) (Free:179.18 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (HP_RECOVERY) (Fixed) (Total:16.57 GB) (Free:2.49 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive g: (HP_TOOLS) (Fixed) (Total:4.98 GB) (Free:2.1 GB) FAT32

\\?\Volume{fbb94c43-3ead-11e9-8f0d-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{e785f085-0000-0000-0000-e04dee000000}\ () (Fixed) (Total:0.65 GB) (Free:0.13 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 953.9 GB) (Disk ID: E785F085)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=953.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=666 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: D0B5D163)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=676.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=5 GB) - (Type=0C)

==================== End of Addition.txt =======================

[Conder]

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
  ExportKey: HKLM\SOFTWARE\Policies\Mozilla\Firefox
  ExportKey: HKLM\SOFTWARE\Policies\Google
  ExportKey: HKLM\System\CurrentControlSet\Services\idsvc
  
  GroupPolicy: Restriction ? <==== ATTENTION
  Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
  Task: {034A72C3-4CBF-4E2D-B7FB-E577435E2F9B} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
  Task: {07EED79E-E376-4D72-9E4F-8562488734A2} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
  Task: {10172379-A741-4E76-886A-675C28945FD5} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
  Task: {1F3DA1B4-5E7E-4A1D-BF70-E03740CE29FA} - \Microsoft\Windows\Setup\EOSNotify2 -> No File <==== ATTENTION
  Task: {2AC17D49-4C05-46B3-B431-FEB654873828} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
  Task: {4239DD9B-B1DE-43E8-85D2-5D35310DE5FA} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
  Task: {4485563F-4E90-49B3-8251-86D9A79FC901} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION
  Task: {466DB817-08BA-4641-9965-D3B2F15C407F} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
  Task: {50F6FB88-226B-4ADE-9895-7863D9D8D202} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
  Task: {53DFBF5D-4CF8-41DD-B306-3085AB8FD065} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
  Task: {7598C19A-7C96-4BD5-9AC0-8551F9325461} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
  Task: {78B9BA8D-C3A4-48AF-9ABD-07F6DFA13623} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
  Task: {7E27AB6D-9F7A-4A89-8DAC-10F8E6C4EA5C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
  Task: {7F0291CE-DDB6-47FA-A4EC-96B25E2DA49D} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
  Task: {973000D9-FF7A-4004-8B3D-659A731162DE} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
  Task: {9B924B57-B642-47E3-B712-E8B9F6F51036} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\WINDOWS\system32\sipnotify.exe
  Task: {A0814C89-E0E2-4F84-99AB-248476B21B79} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
  Task: {A5B3CA88-2726-4DB6-B9B4-515E247AD569} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
  Task: {B8CE5952-DB19-446F-8FA4-461BA9228CBF} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
  Task: {C9DC574C-5264-44F7-AFDA-7155235851C5} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
  Task: {CA34D836-7A8F-42DF-9B86-3A0C0FFAC739} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
  Task: {D3413FB4-3B4A-4944-B71C-7F9064D1E3DF} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\WINDOWS\system32\sipnotify.exe
  Task: {DF5219B0-59AB-4342-9AE4-2F785E20378B} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
  Task: {F0268B6F-7153-4753-A75A-1D51134671E3} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
  Task: {F71FCC6F-2776-4E33-87E4-FDAFBEC6CD63} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
  U3 idsvc; no ImagePath
  
  Hosts:
  EmptyTemp:
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

[Iskr]

Fix result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by Ivo (21-12-2020 15:16:36) Run:1
Running from C:\Users\Ivo\Desktop
Loaded Profiles: Ivo
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
ExportKey: HKLM\SOFTWARE\Policies\Mozilla\Firefox
ExportKey: HKLM\SOFTWARE\Policies\Google
ExportKey: HKLM\System\CurrentControlSet\Services\idsvc

GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {034A72C3-4CBF-4E2D-B7FB-E577435E2F9B} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {07EED79E-E376-4D72-9E4F-8562488734A2} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {10172379-A741-4E76-886A-675C28945FD5} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1F3DA1B4-5E7E-4A1D-BF70-E03740CE29FA} - \Microsoft\Windows\Setup\EOSNotify2 -> No File <==== ATTENTION
Task: {2AC17D49-4C05-46B3-B431-FEB654873828} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4239DD9B-B1DE-43E8-85D2-5D35310DE5FA} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {4485563F-4E90-49B3-8251-86D9A79FC901} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION
Task: {466DB817-08BA-4641-9965-D3B2F15C407F} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {50F6FB88-226B-4ADE-9895-7863D9D8D202} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {53DFBF5D-4CF8-41DD-B306-3085AB8FD065} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7598C19A-7C96-4BD5-9AC0-8551F9325461} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {78B9BA8D-C3A4-48AF-9ABD-07F6DFA13623} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7E27AB6D-9F7A-4A89-8DAC-10F8E6C4EA5C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {7F0291CE-DDB6-47FA-A4EC-96B25E2DA49D} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {973000D9-FF7A-4004-8B3D-659A731162DE} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9B924B57-B642-47E3-B712-E8B9F6F51036} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\WINDOWS\system32\sipnotify.exe
Task: {A0814C89-E0E2-4F84-99AB-248476B21B79} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A5B3CA88-2726-4DB6-B9B4-515E247AD569} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B8CE5952-DB19-446F-8FA4-461BA9228CBF} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C9DC574C-5264-44F7-AFDA-7155235851C5} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CA34D836-7A8F-42DF-9B86-3A0C0FFAC739} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D3413FB4-3B4A-4944-B71C-7F9064D1E3DF} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\WINDOWS\system32\sipnotify.exe
Task: {DF5219B0-59AB-4342-9AE4-2F785E20378B} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {F0268B6F-7153-4753-A75A-1D51134671E3} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F71FCC6F-2776-4E33-87E4-FDAFBEC6CD63} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
U3 idsvc; no ImagePath

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 390
Average :
Sum : 1691649249
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========

================== ExportKey: ===================

[HKLM\SOFTWARE\Policies\Mozilla\Firefox]
[HKLM\SOFTWARE\Policies\Mozilla\Firefox\Certificates]
"ImportEnterpriseRoots"="1"

=== End of ExportKey ===
================== ExportKey: ===================

[HKLM\SOFTWARE\Policies\Google]
[HKLM\SOFTWARE\Policies\Google\Chrome]

=== End of ExportKey ===
================== ExportKey: ===================

[HKLM\System\CurrentControlSet\Services\idsvc]
"FailureActions"="840300000000000000000000030000001400000001000000c0d4010001000000e09304000000000000000000"
"Start"="3"

=== End of ExportKey ===
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{034A72C3-4CBF-4E2D-B7FB-E577435E2F9B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{034A72C3-4CBF-4E2D-B7FB-E577435E2F9B}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrScheduleTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{07EED79E-E376-4D72-9E4F-8562488734A2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{07EED79E-E376-4D72-9E4F-8562488734A2}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrRecoveryTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{10172379-A741-4E76-886A-675C28945FD5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10172379-A741-4E76-886A-675C28945FD5}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\UpdateRecordPath" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1F3DA1B4-5E7E-4A1D-BF70-E03740CE29FA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F3DA1B4-5E7E-4A1D-BF70-E03740CE29FA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\EOSNotify2" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2AC17D49-4C05-46B3-B431-FEB654873828}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2AC17D49-4C05-46B3-B431-FEB654873828}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RegisterSearch" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{4239DD9B-B1DE-43E8-85D2-5D35310DE5FA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4239DD9B-B1DE-43E8-85D2-5D35310DE5FA}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RecordingRestart" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4485563F-4E90-49B3-8251-86D9A79FC901}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4485563F-4E90-49B3-8251-86D9A79FC901}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\EOSNotify" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{466DB817-08BA-4641-9965-D3B2F15C407F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{466DB817-08BA-4641-9965-D3B2F15C407F}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ehDRMInit" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{50F6FB88-226B-4ADE-9895-7863D9D8D202}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{50F6FB88-226B-4ADE-9895-7863D9D8D202}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\SqlLiteRecoveryTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{53DFBF5D-4CF8-41DD-B306-3085AB8FD065}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{53DFBF5D-4CF8-41DD-B306-3085AB8FD065}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW1" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7598C19A-7C96-4BD5-9AC0-8551F9325461}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7598C19A-7C96-4BD5-9AC0-8551F9325461}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscovery" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{78B9BA8D-C3A4-48AF-9ABD-07F6DFA13623}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{78B9BA8D-C3A4-48AF-9ABD-07F6DFA13623}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW2" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7E27AB6D-9F7A-4A89-8DAC-10F8E6C4EA5C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E27AB6D-9F7A-4A89-8DAC-10F8E6C4EA5C}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\mcupdate => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7F0291CE-DDB6-47FA-A4EC-96B25E2DA49D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7F0291CE-DDB6-47FA-A4EC-96B25E2DA49D}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ActivateWindowsSearch" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{973000D9-FF7A-4004-8B3D-659A731162DE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{973000D9-FF7A-4004-8B3D-659A731162DE}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\DispatchRecoveryTasks" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9B924B57-B642-47E3-B712-E8B9F6F51036}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9B924B57-B642-47E3-B712-E8B9F6F51036}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\End Of Support\Notify2" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A0814C89-E0E2-4F84-99AB-248476B21B79}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0814C89-E0E2-4F84-99AB-248476B21B79}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ReindexSearchRoot" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A5B3CA88-2726-4DB6-B9B4-515E247AD569}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A5B3CA88-2726-4DB6-B9B4-515E247AD569}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\InstallPlayReady" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B8CE5952-DB19-446F-8FA4-461BA9228CBF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B8CE5952-DB19-446F-8FA4-461BA9228CBF}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ConfigureInternetTimeService" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C9DC574C-5264-44F7-AFDA-7155235851C5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C9DC574C-5264-44F7-AFDA-7155235851C5}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURDiscovery" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CA34D836-7A8F-42DF-9B86-3A0C0FFAC739}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA34D836-7A8F-42DF-9B86-3A0C0FFAC739}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURActivate" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D3413FB4-3B4A-4944-B71C-7F9064D1E3DF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D3413FB4-3B4A-4944-B71C-7F9064D1E3DF}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\End Of Support\Notify1" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DF5219B0-59AB-4342-9AE4-2F785E20378B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF5219B0-59AB-4342-9AE4-2F785E20378B}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PeriodicScanRetry" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F0268B6F-7153-4753-A75A-1D51134671E3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F0268B6F-7153-4753-A75A-1D51134671E3}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\MediaCenterRecoveryTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F71FCC6F-2776-4E33-87E4-FDAFBEC6CD63}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F71FCC6F-2776-4E33-87E4-FDAFBEC6CD63}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask" => removed successfully
HKLM\System\CurrentControlSet\Services\idsvc => removed successfully
idsvc => service removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 555322737 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 321342319 B
Edge => 2804927 B
Chrome => 0 B
Firefox => 563412337 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 208770 B
NetworkService => 208770 B
Ivo => 42774679 B

RecycleBin => 0 B
EmptyTemp: => 1.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 15:17:53 ====

[Conder]

Plocha ma cca 1.5 GB. Odporucam presunut vsetky subory a zlozky z plochy do dokumentov a na ploche nechat iba odkazy/zastupcov. Prilis velka velkost plochy moze sposobit spomalenie systemu.

Spusti kontrolu integrity systemovych suborov:

• Otvor Start, napis "cmd" (bez uvodzoviek), klikni pravym tlacitkom mysi na Prikazovy riadok a klikni na Spustit ako spravca
• Skopiruj a spusti prikaz:

  Kód: Vybrat vše

  DISM.exe /Online /Cleanup-image /Restorehealth

• Po dokonceni skopiruj a spusti druhy prikaz:

  Kód: Vybrat vše

  sfc /scannow

• Po dokonceni obidvoch prikazov skopiruj a spusti tento prikaz:

  Kód: Vybrat vše

  findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt" && copy %windir%\logs\dism\dism.log %userprofile%\desktop\dism.txt

• Na ploche sa vytvoria subory sfcdetails.txt a dism.txt, tieto subory zabal ho do archivu RAR alebo ZIP a posli ako prilohu k dalsiemu prispevku
• Restartuj PC a napis ako sa chova PC

[Iskr]

Fixlog.rar

(2.76 KiB) Staženo 52 x

[Iskr]

dism.rar

(63.72 KiB) Staženo 47 x

[Iskr]

Bohužel žádná změna stále vytížení CPU na plno viz fotka. Jen jsem zjistil že když ukončím proces RuntimeBroker.exe tak je potom klid po restartu je ale vše při starém. Fakt by mě zajimalo kterou aplikací se ten RuntimeBroker aktivuje a pohnutím myši nebo jakoukoli klávesou se vytížení CPU zníží na minimum.

Sledování prostředků.jpg (78.74 KiB) Zobrazeno 1253 x

[Conder]

V PC su spustene 2 antivirusove programy sucasne - Avast aj realna ochrana v Malwarebytes. Odporucam jeden vypnut.

Dalej skus nasledovne: otvor start -> Nastavenia -> System -> Oznamenia a akcie -> zrus moznost "Zobrazovat tipy, triky a navrhy pri pouzivani Windowsu" -> restartuj PC a vyskusaj, ci nastala zmena

Prejavuje sa to vytazenie CPU aj zvysenymi otackami ventilatora alebo teplotami?

[Iskr]

Bohužel po restartu žádná změna. Ano při vytížení jede ventilátor naplno a CPU topí.