Prosím o kontrolu logu opakovaně kritická chyba modrá obr
Napsal: 21 pro 2019 11:56
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2019
Ran by JZ (administrator) on JZ-PC (Gigabyte Technology Co., Ltd. To be filled by O.E.M.) (21-12-2019 11:56:31)
Running from C:\Users\JZ\Downloads
Loaded Profiles: JZ & DefaultAppPool (Available Profiles: oem & JZ & DefaultAppPool)
Platform: Windows 10 Home Version 1903 18362.418 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Acronis, Inc -> ) C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
(Acronis, Inc -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis, Inc -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.5.245.0\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.5.245.0\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\Users\JZ\Portable apps\PortableApps\totalcmd 8.x 64 bit\TOTALCMD64.EXE
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Driver Booster\5.2.0\Scheduler.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(TrueCrypt Foundation -> TrueCrypt Foundation) C:\Program Files\TrueCrypt\TrueCrypt.exe
(VIA Technologies Inc. -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2019-09-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [140568 2008-03-06] (Acronis, Inc -> Acronis)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1803976 2016-12-09] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5123216 2012-06-08] (VIA Technologies Inc. -> VIA)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2615688 2008-03-06] (Acronis, Inc -> Acronis)
HKLM-x32\...\Run: [AcronisTimounterMonitor] => C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe [910744 2008-03-06] (Acronis, Inc -> Acronis)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-4234452935-3148851518-3890960206-1002\...\Run: [TrueCrypt] => C:\Program Files\TrueCrypt\TrueCrypt.exe [1488312 2016-01-24] (TrueCrypt Foundation -> TrueCrypt Foundation)
HKU\S-1-5-21-4234452935-3148851518-3890960206-1002\...\Run: [Spybot-S&D Cleaning] => C:\Users\JZ\Portable apps\PortableApps\SpybotPortable\App\Spybot\SDCleaner.exe [7388488 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKU\S-1-5-21-4234452935-3148851518-3890960206-1002\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [47774856 2019-10-24] (Google LLC -> )
HKU\S-1-5-21-4234452935-3148851518-3890960206-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-4234452935-3148851518-3890960206-1002\...\Run: [AvastBrowserAutoLaunch_D1090998FFC75E8B371CF405D6DD316D] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1850312 2019-11-05] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-4234452935-3148851518-3890960206-1002\...\Run: [GoogleChromeAutoLaunch_6FFAB35E81609EE8D3943CD0A4622957] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1704944 2019-12-14] (Google LLC -> Google LLC)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-18] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\77.2.2152.121\Installer\chrmstp.exe [2019-11-27] (AVAST Software s.r.o. -> AVAST Software)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Lsa: [Authentication Packages] relog_ap msv1_0
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0091D8C2-56A4-4706-9F2A-786049289F0D} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {03BAAF96-692F-417B-A41C-D66A408AB527} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0F1FB08F-18A5-4D9A-B997-4E83190107F2} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1850312 2019-11-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {1946967F-DF98-4BBA-89C9-75A1DA19B3C8} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1A57D447-D9D9-42E4-B18B-F2F0594607A1} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {1CA276AA-9475-48F1-8360-70589C820312} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [202392 2019-07-26] (AVAST Software s.r.o. -> AVAST Software)
Task: {1F9D7B68-4BF5-42E3-BACF-AD445A5F72BA} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {200F0DF8-0BED-4367-B9BE-0F9BD43C3EFF} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [1138320 2018-01-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.)
Task: {23998F29-6278-4CFE-AC75-69BDD680C65E} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {28993864-D6B2-4992-9D96-1524912F58CA} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {315812EF-79EB-4FC7-857C-0A939D2ACBEF} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {340F0B46-6A55-4504-8E4E-69092022E15A} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {3C98A270-EC79-4F97-AD55-88725A876A4C} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [202392 2019-07-26] (AVAST Software s.r.o. -> AVAST Software)
Task: {3D0C9D78-61CB-4435-A5D0-97A3F5B0173D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [336952 2019-09-27] (Adobe Inc. -> Adobe)
Task: {3DB81B8F-9282-441B-8487-9368CEF0360A} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {3E6722EE-7285-4638-9135-A8489592906C} - System32\Tasks\Microsoft\Windows\rempl\shell-usoscan => C:\Program Files\rempl\remsh.exe
Task: {4012AACA-0BD1-49E7-BA3A-FF516867B40F} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4103378D-0736-4581-9BF2-298951882145} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {43A42E61-0446-4F48-A444-B7C821F8E9C8} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {462A3458-3615-482F-A30A-BB937C7D03E7} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {471398B8-D4E7-45A4-B37D-7BB784D5CB6F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {49B2CD80-FD31-4E93-AD02-FB6C79570DAF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {4F46257A-8547-4B6D-B209-40EDFD002369} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {56D83433-BF6C-441A-8AC8-1F529282861D} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5EBB7D0A-BADA-4A16-99BD-A7BAD8C37D17} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {60EC0E6B-74A5-44A5-AFF1-D8A0395123C0} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {630C8751-F9BD-418D-A136-0EBD7EFFC106} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {66550BF9-D7A0-4CD9-9D53-746CE9021F79} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {6E2BA973-4206-419B-94B5-A89898A49219} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-06-11] (Google Inc -> Google Inc.)
Task: {716B8088-3773-402E-A6FF-285B00638D4E} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {722BC1B9-603B-4612-977D-ED8B32437EEB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {74458F35-5396-4E6E-9158-82E865B2FC4C} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {7732F590-0BBE-48ED-98F7-5B3248152FCD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {78BE7DF3-BA93-4794-BB61-35662E7EE29F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {79224657-542B-4B18-A068-8EBEEF0155B8} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {7E0DE717-4F44-49E9-83C2-EEE08D40055F} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\5.2.0\Scheduler.exe [147232 2017-12-11] (IObit Information Technology -> IObit)
Task: {814A7409-FE32-49EB-9DF6-6315CF420493} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {83E5DF5C-887C-4FA1-99DE-7D3D833B203B} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {8ECF746F-572B-4063-97FE-DCBA3021EC3E} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe
Task: {982D1C34-783A-4394-9297-EA93CCFC821D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {993A31EE-68ED-4232-8A91-BD0C9E051D1E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A5868B22-465F-4310-A98D-D7627AEFC544} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B178B0EC-9D5F-4A5F-B2F0-1246A8E826C7} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B3DCADB1-4D0E-42C6-80C1-840606829363} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B488BFC3-716C-4648-84CB-86030A0C3ED5} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B5873A0D-344A-465C-AE3E-1C26069C8276} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
Task: {B6244F12-E8B1-4EF5-80C7-55F78E2D181B} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B720956D-63ED-4F72-B84C-3920CE390C04} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B8B4141D-2A6F-4596-8B7C-5FB5B21DABD0} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {B8D632E3-BC09-42EB-AC36-AD4EB465918F} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {BF5D75DE-3D02-4346-9B2D-8FBEE9AC4FFD} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {C0B7FEF2-B13D-4FC2-93A7-F6E838251C4C} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C6DC22CD-AB1B-416B-85DC-DB938B95D3AA} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {C8B2EC4A-69DC-4A0B-BBA3-A6FCF8ACECDA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-06-11] (Google Inc -> Google Inc.)
Task: {C8DC14CB-D08B-44B4-91D8-BFB0F1429C84} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C9652AD4-E33F-4417-A704-AD87B3A5D50B} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CF0AF4A8-74DD-4F2E-8260-AEE8BC83159F} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
Task: {D4381B46-7ED0-4BE2-91E5-E7DB70EC76D0} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-4234452935-3148851518-3890960206-1002 => C:\Users\JZ\AppData\Local\MEGAsync\MEGAupdater.exe [615160 2019-09-16] (Mega Limited -> Mega Limited)
Task: {DB3EC9AA-576B-425B-86DE-3496EE45C4D7} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E2ED593C-C57B-4BB0-9649-8998E46F6C2C} - System32\Tasks\Driver Booster SkipUAC (JZ) => C:\Program Files (x86)\IObit\Driver Booster\5.2.0\DriverBooster.exe [6058784 2018-01-11] (IObit Information Technology -> IObit)
Task: {E40DFFBE-9A1C-4F4E-BB81-5314D26CF52A} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [20776 2015-03-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {EB642C6C-21C9-452F-87A8-33304E347616} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1850312 2019-11-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {EDFDEC02-EBC2-4D6E-8363-30341AE2C50A} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F04C1F21-808C-4895-BD1E-E28C7C99DFF8} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F2DF97D7-A95C-45CF-A5ED-61E0CD89AB9D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1873288 2019-09-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {F57789E6-8E16-4C9C-B3F4-08E92D4E46FE} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{b88e070f-043b-4173-8aa0-392e326e7bce}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKU\S-1-5-21-4234452935-3148851518-3890960206-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://nmd.msn.com/
HKU\S-1-5-21-4234452935-3148851518-3890960206-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://nmd.msn.com
HKU\S-1-5-21-4234452935-3148851518-3890960206-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.tsbohemia.cz
SearchScopes: HKLM -> DefaultScope {FAF2E14B-5187-462C-AC8C-8900AF346889} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {FAF2E14B-5187-462C-AC8C-8900AF346889} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {4D4B34D2-79F9-4023-8C17-5DAA8F3FA04A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {4D4B34D2-79F9-4023-8C17-5DAA8F3FA04A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {FAF2E14B-5187-462C-AC8C-8900AF346889} URL =
SearchScopes: HKU\.DEFAULT -> {FAF2E14B-5187-462C-AC8C-8900AF346889} URL =
SearchScopes: HKU\S-1-5-21-4234452935-3148851518-3890960206-1002 -> DefaultScope {FAF2E14B-5187-462C-AC8C-8900AF346889} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-4234452935-3148851518-3890960206-1002 -> {3D2CBF5E-DC7F-41B8-8D74-BEA3063941EF} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4234452935-3148851518-3890960206-1002 -> {FAF2E14B-5187-462C-AC8C-8900AF346889} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-02-25] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Program Files (x86)\Avira\Browser Safety\Avira Browser Safety.dll [2015-03-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-02-25] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKU\S-1-5-21-4234452935-3148851518-3890960206-1002 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Program Files (x86)\Avira\Browser Safety\Avira Browser Safety.dll [2015-03-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 71xgxrmn.default-1555913718160
FF ProfilePath: C:\Users\JZ\AppData\Roaming\Mozilla\Firefox\Profiles\71xgxrmn.default-1555913718160 [2019-12-21]
FF Notifications: Mozilla\Firefox\Profiles\71xgxrmn.default-1555913718160 -> hxxps://www.facebook.com; hxxps://www.tipli.cz; hxxps://www.youtube.com
FF Extension: (Tipli do prohlížeče) - C:\Users\JZ\AppData\Roaming\Mozilla\Firefox\Profiles\71xgxrmn.default-1555913718160\Extensions\@tipli-do-prohlizece-.xpi [2019-11-13]
FF Extension: (Group Speed Dial) - C:\Users\JZ\AppData\Roaming\Mozilla\Firefox\Profiles\71xgxrmn.default-1555913718160\Extensions\admin@fastaddons.com_GroupSpeedDial.xpi [2019-12-19]
FF Extension: (Avast Online Security) - C:\Users\JZ\AppData\Roaming\Mozilla\Firefox\Profiles\71xgxrmn.default-1555913718160\Extensions\wrc@avast.com.xpi [2019-12-17]
FF Extension: (Video DownloadHelper) - C:\Users\JZ\AppData\Roaming\Mozilla\Firefox\Profiles\71xgxrmn.default-1555913718160\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2019-07-08]
FF ProfilePath: C:\Users\JZ\AppData\Roaming\Mozilla\Firefox\Profiles\y5rsxkig.default-1540228058096 [2019-12-21]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\JZ\AppData\Roaming\Mozilla\Firefox\Profiles\y5rsxkig.default-1540228058096\Extensions\sp@avast.com.xpi [2019-02-09]
FF Extension: (Avast Online Security) - C:\Users\JZ\AppData\Roaming\Mozilla\Firefox\Profiles\y5rsxkig.default-1540228058096\Extensions\wrc@avast.com.xpi [2018-06-23]
FF Extension: (Telemetry coverage) - C:\Users\JZ\AppData\Roaming\Mozilla\Firefox\Profiles\y5rsxkig.default-1540228058096\features\{7a602248-b27e-444c-80fc-685c4701d0d7}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-10-22] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_269.dll [2019-09-27] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_269.dll [2019-09-27] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-02-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-02-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Notifications: Default -> hxxps://www.youtube.com
CHR Profile: C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default [2019-12-21]
CHR Extension: (Překladač Google) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-11-02]
CHR Extension: (Disk Google) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-18]
CHR Extension: (YouTube) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-18]
CHR Extension: (AddThis - Share & Bookmark (new)) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbogdmdefihhljhfeiklfiedefalcde [2016-09-18]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2019-09-01]
CHR Extension: (Search by Image (by Google)) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2016-10-21]
CHR Extension: (Google+) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2016-09-18]
CHR Extension: (Legacy MindMup (discontinued)) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnenaecjcgeppfpaokiifokeieopppej [2017-01-22]
CHR Extension: (Box) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl [2016-09-18]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-11-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-29]
CHR Extension: (Avast Online Security) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-12-21]
CHR Extension: (Atavi bookmarks) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfephclnnkjfkfnmmcjampphpfgijgae [2016-09-18]
CHR Extension: (Dropbox) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2018-03-28]
CHR Extension: (CrxMouse Chrome™ Gestures) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlgkpaicikihijadgifklkbpdajbkhjo [2019-12-17]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-08-12]
CHR Extension: (Mapy Google) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-09-18]
CHR Extension: (Pocket) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2016-09-18]
CHR Extension: (OneDrive) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2016-09-18]
CHR Extension: (Save to Pocket) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2019-07-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-15]
CHR Extension: (Picasa) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2016-09-18]
CHR Extension: (Gmail) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-08]
CHR Extension: (Chrome Media Router) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-17]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKU\S-1-5-21-4234452935-3148851518-3890960206-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6259592 2019-12-19] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [202392 2019-07-26] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [202392 2019-07-26] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\77.2.2152.121\elevation_service.exe [970088 2019-11-05] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation -> Intel Corporation)
S3 MSCSPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [45056 2006-12-14] (Sony Corporation) [File not signed]
S3 PACSPTISVR; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [57344 2006-12-14] () [File not signed]
S3 SonicStage Back-End Service; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeSvc.exe [112184 2007-02-05] (SONY Corporation -> Sony Corporation)
S3 SPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation) [File not signed]
S3 SSScsiSV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SSScsiSV.exe [75320 2007-02-05] (SONY Corporation -> Sony Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12097024 2019-11-06] (TeamViewer GmbH -> TeamViewer Germany GmbH)
R2 TryAndDecideService; C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [495936 2008-03-06] (Acronis, Inc -> )
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [694016 2019-09-03] (Oracle Corporation -> Oracle Corporation)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-05-04] (VIA Technologies Inc. -> VIA Technologies, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [2552416 2019-08-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MsMpEng.exe [108832 2019-08-06] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AmUStor; C:\WINDOWS\system32\drivers\AmUStor.SYS [109504 2019-03-24] (Alcorlink Corp. -> )
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37616 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2019-10-03] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [276952 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [161544 2019-11-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
S3 GeneStor; C:\WINDOWS\System32\drivers\GeneStor.sys [58368 2014-05-21] (Microsoft Windows Hardware Compatibility Publisher -> GenesysLogic)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-02-08] (Martin Malik - REALiX -> REALiX(tm))
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [100312 2014-05-17] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1158944 2019-09-21] (Realtek Semiconductor Corp. -> Realtek )
R3 VBoxNetAdp; C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [237376 2019-09-03] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [248464 2019-09-03] (Oracle Corporation -> Oracle Corporation)
S3 VIAHdAudAddService; C:\WINDOWS\System32\drivers\viahduaa.sys [2196592 2012-05-04] (VIA Technologies Inc. -> VIA Technologies, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [47496 2019-08-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [344288 2019-08-06] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54496 2019-08-06] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-12-21 11:56 - 2019-12-21 11:57 - 000040057 _____ C:\Users\JZ\Downloads\FRST.txt
2019-12-21 11:56 - 2019-12-21 11:56 - 000000000 ____D C:\FRST
2019-12-21 11:55 - 2019-12-21 11:55 - 002264064 _____ (Farbar) C:\Users\JZ\Downloads\FRST64.exe
2019-12-21 11:55 - 2019-12-21 11:55 - 001992192 _____ (Farbar) C:\Users\JZ\Downloads\FRST.exe
2019-12-21 11:52 - 2019-12-21 11:53 - 000360796 _____ C:\WINDOWS\Minidump\122119-9312-01.dmp
2019-12-21 11:52 - 2019-12-21 11:52 - 1310477107 _____ C:\WINDOWS\MEMORY.DMP
2019-12-04 14:25 - 2019-12-05 17:57 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-11-28 20:17 - 2019-11-28 20:17 - 000001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2019-11-28 20:17 - 2019-11-28 20:17 - 000001028 _____ C:\Users\Public\Desktop\TeamViewer.lnk
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-12-21 11:55 - 2018-06-23 11:40 - 000000000 ____D C:\Users\JZ\AppData\Local\AVAST Software
2019-12-21 11:54 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-21 11:53 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-21 11:53 - 2016-11-20 14:15 - 000000000 ____D C:\Users\JZ\AppData\LocalLow\Mozilla
2019-12-21 11:52 - 2019-09-21 11:09 - 000000000 ____D C:\WINDOWS\Minidump
2019-12-21 11:52 - 2019-08-06 13:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-21 11:52 - 2019-08-06 12:54 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-12-21 11:52 - 2017-01-12 21:11 - 000000000 ____D C:\ProgramData\NVIDIA
2019-12-21 11:52 - 2014-03-25 18:14 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-12-21 11:51 - 2019-08-06 13:07 - 001920526 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-21 11:51 - 2019-03-19 12:55 - 000781808 _____ C:\WINDOWS\system32\perfh005.dat
2019-12-21 11:51 - 2019-03-19 12:55 - 000172426 _____ C:\WINDOWS\system32\perfc005.dat
2019-12-21 11:51 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2019-12-21 11:50 - 2018-07-06 12:27 - 000000000 ____D C:\Users\JZ\AppData\Local\CrashDumps
2019-12-21 11:50 - 2015-07-01 15:04 - 000000000 ____D C:\Users\JZ\AppData\Roaming\MPC-HC
2019-12-21 11:50 - 2014-06-07 18:49 - 000000000 ____D C:\Users\JZ\AppData\Roaming\TeamViewer
2019-12-21 11:49 - 2019-08-06 13:09 - 000003006 _____ C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (JZ)
2019-12-21 11:43 - 2019-08-06 13:00 - 000000000 ____D C:\Users\JZ
2019-12-21 11:05 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-21 11:04 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-21 09:55 - 2019-08-06 13:09 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2019-12-21 09:55 - 2019-08-06 13:09 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2019-12-20 19:02 - 2018-01-29 18:44 - 000000000 ____D C:\Users\JZ\AppData\Local\Packages
2019-12-20 18:08 - 2019-08-06 13:00 - 000000000 ____D C:\Users\DefaultAppPool
2019-12-18 06:55 - 2016-06-11 10:58 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-18 06:55 - 2016-06-11 10:58 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-13 20:16 - 2019-08-06 13:09 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-13 20:16 - 2019-08-06 13:09 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-12 19:04 - 2014-03-25 18:37 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-12 19:01 - 2014-03-25 18:37 - 129221664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-12-12 17:00 - 2016-07-18 14:08 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-12-05 17:57 - 2014-03-26 13:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-12-04 19:43 - 2018-04-11 19:31 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-11-29 17:11 - 2019-08-06 12:54 - 000258176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-11-28 20:17 - 2019-08-06 13:00 - 000000000 ____D C:\Users\oem
2019-11-27 19:09 - 2019-08-06 13:09 - 000003856 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2019-11-27 19:09 - 2019-08-06 13:09 - 000003272 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2019-11-27 19:09 - 2019-07-26 19:02 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-11-27 19:09 - 2019-07-26 19:02 - 000002463 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2019-11-26 15:41 - 2019-08-06 13:09 - 000003354 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4234452935-3148851518-3890960206-1002
2019-11-26 15:41 - 2019-08-06 13:00 - 000002391 _____ C:\Users\JZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-11-26 15:41 - 2016-06-11 15:11 - 000000000 ___RD C:\Users\JZ\OneDrive
2019-11-25 16:46 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
==================== Files in the root of some directories ========
2014-04-29 18:53 - 2014-04-29 18:53 - 000004608 _____ () C:\Users\JZ\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-10-25 17:05 - 2019-10-25 17:05 - 000000000 _____ () C:\Users\JZ\AppData\Local\{0CE5962F-8D70-4CD7-978D-129156195B24}
2019-10-25 17:05 - 2019-10-25 17:05 - 000000000 _____ () C:\Users\JZ\AppData\Local\{23DC7BB3-91A6-4AD1-ACB7-3976D4AE7BD3}
2019-11-12 18:56 - 2019-11-12 18:56 - 000000000 _____ () C:\Users\JZ\AppData\Local\{4B1B06CA-9B27-4F2F-AA89-AC384A1533A8}
2019-11-12 18:56 - 2019-11-12 18:56 - 000000000 _____ () C:\Users\JZ\AppData\Local\{A59C8528-A351-43C7-AAAC-AC7E25235C5B}
2019-10-06 11:58 - 2019-10-06 11:58 - 000000000 _____ () C:\Users\JZ\AppData\Local\{C9105FAE-12AF-4B04-B840-5AF66088C109}
2019-09-26 16:19 - 2019-09-26 16:19 - 000000000 _____ () C:\Users\JZ\AppData\Local\{F8C6935D-8025-49B3-B882-2F59249BAF82}
2019-09-26 16:19 - 2019-09-26 16:19 - 000000000 _____ () C:\Users\JZ\AppData\Local\{F92CF856-6AB0-4974-B39F-DDF63B9907EA}
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Ran by JZ (administrator) on JZ-PC (Gigabyte Technology Co., Ltd. To be filled by O.E.M.) (21-12-2019 11:56:31)
Running from C:\Users\JZ\Downloads
Loaded Profiles: JZ & DefaultAppPool (Available Profiles: oem & JZ & DefaultAppPool)
Platform: Windows 10 Home Version 1903 18362.418 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Acronis, Inc -> ) C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
(Acronis, Inc -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis, Inc -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.5.245.0\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.5.245.0\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\Users\JZ\Portable apps\PortableApps\totalcmd 8.x 64 bit\TOTALCMD64.EXE
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Driver Booster\5.2.0\Scheduler.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(TrueCrypt Foundation -> TrueCrypt Foundation) C:\Program Files\TrueCrypt\TrueCrypt.exe
(VIA Technologies Inc. -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2019-09-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [140568 2008-03-06] (Acronis, Inc -> Acronis)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1803976 2016-12-09] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5123216 2012-06-08] (VIA Technologies Inc. -> VIA)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2615688 2008-03-06] (Acronis, Inc -> Acronis)
HKLM-x32\...\Run: [AcronisTimounterMonitor] => C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe [910744 2008-03-06] (Acronis, Inc -> Acronis)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-4234452935-3148851518-3890960206-1002\...\Run: [TrueCrypt] => C:\Program Files\TrueCrypt\TrueCrypt.exe [1488312 2016-01-24] (TrueCrypt Foundation -> TrueCrypt Foundation)
HKU\S-1-5-21-4234452935-3148851518-3890960206-1002\...\Run: [Spybot-S&D Cleaning] => C:\Users\JZ\Portable apps\PortableApps\SpybotPortable\App\Spybot\SDCleaner.exe [7388488 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKU\S-1-5-21-4234452935-3148851518-3890960206-1002\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [47774856 2019-10-24] (Google LLC -> )
HKU\S-1-5-21-4234452935-3148851518-3890960206-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-4234452935-3148851518-3890960206-1002\...\Run: [AvastBrowserAutoLaunch_D1090998FFC75E8B371CF405D6DD316D] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1850312 2019-11-05] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-4234452935-3148851518-3890960206-1002\...\Run: [GoogleChromeAutoLaunch_6FFAB35E81609EE8D3943CD0A4622957] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1704944 2019-12-14] (Google LLC -> Google LLC)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-18] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\77.2.2152.121\Installer\chrmstp.exe [2019-11-27] (AVAST Software s.r.o. -> AVAST Software)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Lsa: [Authentication Packages] relog_ap msv1_0
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0091D8C2-56A4-4706-9F2A-786049289F0D} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {03BAAF96-692F-417B-A41C-D66A408AB527} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0F1FB08F-18A5-4D9A-B997-4E83190107F2} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1850312 2019-11-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {1946967F-DF98-4BBA-89C9-75A1DA19B3C8} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1A57D447-D9D9-42E4-B18B-F2F0594607A1} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {1CA276AA-9475-48F1-8360-70589C820312} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [202392 2019-07-26] (AVAST Software s.r.o. -> AVAST Software)
Task: {1F9D7B68-4BF5-42E3-BACF-AD445A5F72BA} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {200F0DF8-0BED-4367-B9BE-0F9BD43C3EFF} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [1138320 2018-01-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.)
Task: {23998F29-6278-4CFE-AC75-69BDD680C65E} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {28993864-D6B2-4992-9D96-1524912F58CA} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {315812EF-79EB-4FC7-857C-0A939D2ACBEF} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {340F0B46-6A55-4504-8E4E-69092022E15A} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {3C98A270-EC79-4F97-AD55-88725A876A4C} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [202392 2019-07-26] (AVAST Software s.r.o. -> AVAST Software)
Task: {3D0C9D78-61CB-4435-A5D0-97A3F5B0173D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [336952 2019-09-27] (Adobe Inc. -> Adobe)
Task: {3DB81B8F-9282-441B-8487-9368CEF0360A} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {3E6722EE-7285-4638-9135-A8489592906C} - System32\Tasks\Microsoft\Windows\rempl\shell-usoscan => C:\Program Files\rempl\remsh.exe
Task: {4012AACA-0BD1-49E7-BA3A-FF516867B40F} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4103378D-0736-4581-9BF2-298951882145} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {43A42E61-0446-4F48-A444-B7C821F8E9C8} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {462A3458-3615-482F-A30A-BB937C7D03E7} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {471398B8-D4E7-45A4-B37D-7BB784D5CB6F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {49B2CD80-FD31-4E93-AD02-FB6C79570DAF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {4F46257A-8547-4B6D-B209-40EDFD002369} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {56D83433-BF6C-441A-8AC8-1F529282861D} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5EBB7D0A-BADA-4A16-99BD-A7BAD8C37D17} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {60EC0E6B-74A5-44A5-AFF1-D8A0395123C0} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {630C8751-F9BD-418D-A136-0EBD7EFFC106} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {66550BF9-D7A0-4CD9-9D53-746CE9021F79} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {6E2BA973-4206-419B-94B5-A89898A49219} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-06-11] (Google Inc -> Google Inc.)
Task: {716B8088-3773-402E-A6FF-285B00638D4E} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {722BC1B9-603B-4612-977D-ED8B32437EEB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {74458F35-5396-4E6E-9158-82E865B2FC4C} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {7732F590-0BBE-48ED-98F7-5B3248152FCD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {78BE7DF3-BA93-4794-BB61-35662E7EE29F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {79224657-542B-4B18-A068-8EBEEF0155B8} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {7E0DE717-4F44-49E9-83C2-EEE08D40055F} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\5.2.0\Scheduler.exe [147232 2017-12-11] (IObit Information Technology -> IObit)
Task: {814A7409-FE32-49EB-9DF6-6315CF420493} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {83E5DF5C-887C-4FA1-99DE-7D3D833B203B} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {8ECF746F-572B-4063-97FE-DCBA3021EC3E} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe
Task: {982D1C34-783A-4394-9297-EA93CCFC821D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {993A31EE-68ED-4232-8A91-BD0C9E051D1E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A5868B22-465F-4310-A98D-D7627AEFC544} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B178B0EC-9D5F-4A5F-B2F0-1246A8E826C7} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B3DCADB1-4D0E-42C6-80C1-840606829363} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B488BFC3-716C-4648-84CB-86030A0C3ED5} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B5873A0D-344A-465C-AE3E-1C26069C8276} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
Task: {B6244F12-E8B1-4EF5-80C7-55F78E2D181B} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B720956D-63ED-4F72-B84C-3920CE390C04} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B8B4141D-2A6F-4596-8B7C-5FB5B21DABD0} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {B8D632E3-BC09-42EB-AC36-AD4EB465918F} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {BF5D75DE-3D02-4346-9B2D-8FBEE9AC4FFD} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {C0B7FEF2-B13D-4FC2-93A7-F6E838251C4C} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C6DC22CD-AB1B-416B-85DC-DB938B95D3AA} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {C8B2EC4A-69DC-4A0B-BBA3-A6FCF8ACECDA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-06-11] (Google Inc -> Google Inc.)
Task: {C8DC14CB-D08B-44B4-91D8-BFB0F1429C84} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C9652AD4-E33F-4417-A704-AD87B3A5D50B} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CF0AF4A8-74DD-4F2E-8260-AEE8BC83159F} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
Task: {D4381B46-7ED0-4BE2-91E5-E7DB70EC76D0} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-4234452935-3148851518-3890960206-1002 => C:\Users\JZ\AppData\Local\MEGAsync\MEGAupdater.exe [615160 2019-09-16] (Mega Limited -> Mega Limited)
Task: {DB3EC9AA-576B-425B-86DE-3496EE45C4D7} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E2ED593C-C57B-4BB0-9649-8998E46F6C2C} - System32\Tasks\Driver Booster SkipUAC (JZ) => C:\Program Files (x86)\IObit\Driver Booster\5.2.0\DriverBooster.exe [6058784 2018-01-11] (IObit Information Technology -> IObit)
Task: {E40DFFBE-9A1C-4F4E-BB81-5314D26CF52A} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [20776 2015-03-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {EB642C6C-21C9-452F-87A8-33304E347616} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1850312 2019-11-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {EDFDEC02-EBC2-4D6E-8363-30341AE2C50A} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F04C1F21-808C-4895-BD1E-E28C7C99DFF8} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F2DF97D7-A95C-45CF-A5ED-61E0CD89AB9D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1873288 2019-09-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {F57789E6-8E16-4C9C-B3F4-08E92D4E46FE} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{b88e070f-043b-4173-8aa0-392e326e7bce}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKU\S-1-5-21-4234452935-3148851518-3890960206-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://nmd.msn.com/
HKU\S-1-5-21-4234452935-3148851518-3890960206-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://nmd.msn.com
HKU\S-1-5-21-4234452935-3148851518-3890960206-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.tsbohemia.cz
SearchScopes: HKLM -> DefaultScope {FAF2E14B-5187-462C-AC8C-8900AF346889} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {FAF2E14B-5187-462C-AC8C-8900AF346889} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {4D4B34D2-79F9-4023-8C17-5DAA8F3FA04A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {4D4B34D2-79F9-4023-8C17-5DAA8F3FA04A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {FAF2E14B-5187-462C-AC8C-8900AF346889} URL =
SearchScopes: HKU\.DEFAULT -> {FAF2E14B-5187-462C-AC8C-8900AF346889} URL =
SearchScopes: HKU\S-1-5-21-4234452935-3148851518-3890960206-1002 -> DefaultScope {FAF2E14B-5187-462C-AC8C-8900AF346889} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-4234452935-3148851518-3890960206-1002 -> {3D2CBF5E-DC7F-41B8-8D74-BEA3063941EF} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4234452935-3148851518-3890960206-1002 -> {FAF2E14B-5187-462C-AC8C-8900AF346889} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-02-25] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Program Files (x86)\Avira\Browser Safety\Avira Browser Safety.dll [2015-03-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-02-25] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKU\S-1-5-21-4234452935-3148851518-3890960206-1002 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Program Files (x86)\Avira\Browser Safety\Avira Browser Safety.dll [2015-03-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 71xgxrmn.default-1555913718160
FF ProfilePath: C:\Users\JZ\AppData\Roaming\Mozilla\Firefox\Profiles\71xgxrmn.default-1555913718160 [2019-12-21]
FF Notifications: Mozilla\Firefox\Profiles\71xgxrmn.default-1555913718160 -> hxxps://www.facebook.com; hxxps://www.tipli.cz; hxxps://www.youtube.com
FF Extension: (Tipli do prohlížeče) - C:\Users\JZ\AppData\Roaming\Mozilla\Firefox\Profiles\71xgxrmn.default-1555913718160\Extensions\@tipli-do-prohlizece-.xpi [2019-11-13]
FF Extension: (Group Speed Dial) - C:\Users\JZ\AppData\Roaming\Mozilla\Firefox\Profiles\71xgxrmn.default-1555913718160\Extensions\admin@fastaddons.com_GroupSpeedDial.xpi [2019-12-19]
FF Extension: (Avast Online Security) - C:\Users\JZ\AppData\Roaming\Mozilla\Firefox\Profiles\71xgxrmn.default-1555913718160\Extensions\wrc@avast.com.xpi [2019-12-17]
FF Extension: (Video DownloadHelper) - C:\Users\JZ\AppData\Roaming\Mozilla\Firefox\Profiles\71xgxrmn.default-1555913718160\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2019-07-08]
FF ProfilePath: C:\Users\JZ\AppData\Roaming\Mozilla\Firefox\Profiles\y5rsxkig.default-1540228058096 [2019-12-21]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\JZ\AppData\Roaming\Mozilla\Firefox\Profiles\y5rsxkig.default-1540228058096\Extensions\sp@avast.com.xpi [2019-02-09]
FF Extension: (Avast Online Security) - C:\Users\JZ\AppData\Roaming\Mozilla\Firefox\Profiles\y5rsxkig.default-1540228058096\Extensions\wrc@avast.com.xpi [2018-06-23]
FF Extension: (Telemetry coverage) - C:\Users\JZ\AppData\Roaming\Mozilla\Firefox\Profiles\y5rsxkig.default-1540228058096\features\{7a602248-b27e-444c-80fc-685c4701d0d7}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-10-22] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_269.dll [2019-09-27] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_269.dll [2019-09-27] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-02-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-02-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Notifications: Default -> hxxps://www.youtube.com
CHR Profile: C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default [2019-12-21]
CHR Extension: (Překladač Google) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-11-02]
CHR Extension: (Disk Google) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-18]
CHR Extension: (YouTube) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-18]
CHR Extension: (AddThis - Share & Bookmark (new)) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbogdmdefihhljhfeiklfiedefalcde [2016-09-18]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2019-09-01]
CHR Extension: (Search by Image (by Google)) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2016-10-21]
CHR Extension: (Google+) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2016-09-18]
CHR Extension: (Legacy MindMup (discontinued)) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnenaecjcgeppfpaokiifokeieopppej [2017-01-22]
CHR Extension: (Box) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl [2016-09-18]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-11-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-29]
CHR Extension: (Avast Online Security) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-12-21]
CHR Extension: (Atavi bookmarks) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfephclnnkjfkfnmmcjampphpfgijgae [2016-09-18]
CHR Extension: (Dropbox) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2018-03-28]
CHR Extension: (CrxMouse Chrome™ Gestures) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlgkpaicikihijadgifklkbpdajbkhjo [2019-12-17]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-08-12]
CHR Extension: (Mapy Google) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-09-18]
CHR Extension: (Pocket) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2016-09-18]
CHR Extension: (OneDrive) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2016-09-18]
CHR Extension: (Save to Pocket) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2019-07-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-15]
CHR Extension: (Picasa) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2016-09-18]
CHR Extension: (Gmail) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-08]
CHR Extension: (Chrome Media Router) - C:\Users\JZ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-17]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKU\S-1-5-21-4234452935-3148851518-3890960206-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6259592 2019-12-19] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [202392 2019-07-26] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [202392 2019-07-26] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\77.2.2152.121\elevation_service.exe [970088 2019-11-05] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation -> Intel Corporation)
S3 MSCSPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [45056 2006-12-14] (Sony Corporation) [File not signed]
S3 PACSPTISVR; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [57344 2006-12-14] () [File not signed]
S3 SonicStage Back-End Service; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeSvc.exe [112184 2007-02-05] (SONY Corporation -> Sony Corporation)
S3 SPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation) [File not signed]
S3 SSScsiSV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SSScsiSV.exe [75320 2007-02-05] (SONY Corporation -> Sony Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12097024 2019-11-06] (TeamViewer GmbH -> TeamViewer Germany GmbH)
R2 TryAndDecideService; C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [495936 2008-03-06] (Acronis, Inc -> )
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [694016 2019-09-03] (Oracle Corporation -> Oracle Corporation)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-05-04] (VIA Technologies Inc. -> VIA Technologies, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [2552416 2019-08-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MsMpEng.exe [108832 2019-08-06] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AmUStor; C:\WINDOWS\system32\drivers\AmUStor.SYS [109504 2019-03-24] (Alcorlink Corp. -> )
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37616 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2019-10-03] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [276952 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [161544 2019-11-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
S3 GeneStor; C:\WINDOWS\System32\drivers\GeneStor.sys [58368 2014-05-21] (Microsoft Windows Hardware Compatibility Publisher -> GenesysLogic)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-02-08] (Martin Malik - REALiX -> REALiX(tm))
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [100312 2014-05-17] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1158944 2019-09-21] (Realtek Semiconductor Corp. -> Realtek )
R3 VBoxNetAdp; C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [237376 2019-09-03] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [248464 2019-09-03] (Oracle Corporation -> Oracle Corporation)
S3 VIAHdAudAddService; C:\WINDOWS\System32\drivers\viahduaa.sys [2196592 2012-05-04] (VIA Technologies Inc. -> VIA Technologies, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [47496 2019-08-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [344288 2019-08-06] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54496 2019-08-06] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-12-21 11:56 - 2019-12-21 11:57 - 000040057 _____ C:\Users\JZ\Downloads\FRST.txt
2019-12-21 11:56 - 2019-12-21 11:56 - 000000000 ____D C:\FRST
2019-12-21 11:55 - 2019-12-21 11:55 - 002264064 _____ (Farbar) C:\Users\JZ\Downloads\FRST64.exe
2019-12-21 11:55 - 2019-12-21 11:55 - 001992192 _____ (Farbar) C:\Users\JZ\Downloads\FRST.exe
2019-12-21 11:52 - 2019-12-21 11:53 - 000360796 _____ C:\WINDOWS\Minidump\122119-9312-01.dmp
2019-12-21 11:52 - 2019-12-21 11:52 - 1310477107 _____ C:\WINDOWS\MEMORY.DMP
2019-12-04 14:25 - 2019-12-05 17:57 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-11-28 20:17 - 2019-11-28 20:17 - 000001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2019-11-28 20:17 - 2019-11-28 20:17 - 000001028 _____ C:\Users\Public\Desktop\TeamViewer.lnk
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-12-21 11:55 - 2018-06-23 11:40 - 000000000 ____D C:\Users\JZ\AppData\Local\AVAST Software
2019-12-21 11:54 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-21 11:53 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-21 11:53 - 2016-11-20 14:15 - 000000000 ____D C:\Users\JZ\AppData\LocalLow\Mozilla
2019-12-21 11:52 - 2019-09-21 11:09 - 000000000 ____D C:\WINDOWS\Minidump
2019-12-21 11:52 - 2019-08-06 13:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-21 11:52 - 2019-08-06 12:54 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-12-21 11:52 - 2017-01-12 21:11 - 000000000 ____D C:\ProgramData\NVIDIA
2019-12-21 11:52 - 2014-03-25 18:14 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-12-21 11:51 - 2019-08-06 13:07 - 001920526 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-21 11:51 - 2019-03-19 12:55 - 000781808 _____ C:\WINDOWS\system32\perfh005.dat
2019-12-21 11:51 - 2019-03-19 12:55 - 000172426 _____ C:\WINDOWS\system32\perfc005.dat
2019-12-21 11:51 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2019-12-21 11:50 - 2018-07-06 12:27 - 000000000 ____D C:\Users\JZ\AppData\Local\CrashDumps
2019-12-21 11:50 - 2015-07-01 15:04 - 000000000 ____D C:\Users\JZ\AppData\Roaming\MPC-HC
2019-12-21 11:50 - 2014-06-07 18:49 - 000000000 ____D C:\Users\JZ\AppData\Roaming\TeamViewer
2019-12-21 11:49 - 2019-08-06 13:09 - 000003006 _____ C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (JZ)
2019-12-21 11:43 - 2019-08-06 13:00 - 000000000 ____D C:\Users\JZ
2019-12-21 11:05 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-21 11:04 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-21 09:55 - 2019-08-06 13:09 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2019-12-21 09:55 - 2019-08-06 13:09 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2019-12-20 19:02 - 2018-01-29 18:44 - 000000000 ____D C:\Users\JZ\AppData\Local\Packages
2019-12-20 18:08 - 2019-08-06 13:00 - 000000000 ____D C:\Users\DefaultAppPool
2019-12-18 06:55 - 2016-06-11 10:58 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-18 06:55 - 2016-06-11 10:58 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-13 20:16 - 2019-08-06 13:09 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-13 20:16 - 2019-08-06 13:09 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-12 19:04 - 2014-03-25 18:37 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-12 19:01 - 2014-03-25 18:37 - 129221664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-12-12 17:00 - 2016-07-18 14:08 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-12-05 17:57 - 2014-03-26 13:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-12-04 19:43 - 2018-04-11 19:31 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-11-29 17:11 - 2019-08-06 12:54 - 000258176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-11-28 20:17 - 2019-08-06 13:00 - 000000000 ____D C:\Users\oem
2019-11-27 19:09 - 2019-08-06 13:09 - 000003856 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2019-11-27 19:09 - 2019-08-06 13:09 - 000003272 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2019-11-27 19:09 - 2019-07-26 19:02 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-11-27 19:09 - 2019-07-26 19:02 - 000002463 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2019-11-26 15:41 - 2019-08-06 13:09 - 000003354 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4234452935-3148851518-3890960206-1002
2019-11-26 15:41 - 2019-08-06 13:00 - 000002391 _____ C:\Users\JZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-11-26 15:41 - 2016-06-11 15:11 - 000000000 ___RD C:\Users\JZ\OneDrive
2019-11-25 16:46 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
==================== Files in the root of some directories ========
2014-04-29 18:53 - 2014-04-29 18:53 - 000004608 _____ () C:\Users\JZ\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-10-25 17:05 - 2019-10-25 17:05 - 000000000 _____ () C:\Users\JZ\AppData\Local\{0CE5962F-8D70-4CD7-978D-129156195B24}
2019-10-25 17:05 - 2019-10-25 17:05 - 000000000 _____ () C:\Users\JZ\AppData\Local\{23DC7BB3-91A6-4AD1-ACB7-3976D4AE7BD3}
2019-11-12 18:56 - 2019-11-12 18:56 - 000000000 _____ () C:\Users\JZ\AppData\Local\{4B1B06CA-9B27-4F2F-AA89-AC384A1533A8}
2019-11-12 18:56 - 2019-11-12 18:56 - 000000000 _____ () C:\Users\JZ\AppData\Local\{A59C8528-A351-43C7-AAAC-AC7E25235C5B}
2019-10-06 11:58 - 2019-10-06 11:58 - 000000000 _____ () C:\Users\JZ\AppData\Local\{C9105FAE-12AF-4B04-B840-5AF66088C109}
2019-09-26 16:19 - 2019-09-26 16:19 - 000000000 _____ () C:\Users\JZ\AppData\Local\{F8C6935D-8025-49B3-B882-2F59249BAF82}
2019-09-26 16:19 - 2019-09-26 16:19 - 000000000 _____ () C:\Users\JZ\AppData\Local\{F92CF856-6AB0-4974-B39F-DDF63B9907EA}
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================