VIRY.CZ

LOG:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-12-2019
Ran by maja (administrator) on MAJA-PC (ASUSTeK COMPUTER INC. 1025C) (21-12-2019 20:53:51)
Running from C:\Users\maja\Desktop
Loaded Profiles: maja (Available Profiles: maja)
Platform: Microsoft Windows 7 Starter Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe
(ASUSTeK Computer Inc. -> ) C:\Windows\System32\AsusService.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files\Asus\CapsHook\CapsHook.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files\Asus\InstantOn for EPC\InsOnSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files\Asus\InstantOn for EPC\InsOnWMI.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files\Asus\HotkeyService\HotKeyMon.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files\Asus\HotkeyService\HotkeyService.exe
(ASUSTeK Computer Inc. -> AsusTek Computer Inc.) C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files\Asus\SHE\SuperHybridEngine.exe
(ASUSTeK Computer Inc. -> AsusTek Computer Inc.) C:\Program Files\Asus\USBChargeSetting\iSeriesCharge.exe
(AVAST Software -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\Common Files\avast software\overseer\overseer.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Google Inc -> Google Inc.) C:\Program Files\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google) C:\Users\maja\AppData\Local\Google\Chrome\User Data\SwReporter\77.225.200\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\maja\AppData\Local\Google\Chrome\User Data\SwReporter\77.225.200\software_reporter_tool.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Panasonic Corporation -> Panasonic Corporation) C:\Program Files\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe
(VideACE Technology Co. -> ) C:\ExpressGateUtil\VAWinAgent.exe
(VideACE Technology Co. -> ) C:\ExpressGateUtil\VAWinService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [GfxServiceInstall] => C:\windows\system32\GfxCUIServiceInstall.vbs [131 2011-12-13] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [HotkeyMon] => C:\Program Files\ASUS\HotkeyService\HotKeyMon.exe [101800 2011-08-09] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
HKLM\...\Run: [HotkeyService] => C:\Program Files\ASUS\HotkeyService\HotkeyService.exe [1263024 2011-08-09] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
HKLM\...\Run: [SuperHybridEngine] => C:\Program Files\ASUS\SHE\SuperHybridEngine.exe [425400 2011-12-16] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
HKLM\...\Run: [LiveUpdate] => C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe [1095080 2011-11-10] (ASUSTeK Computer Inc. -> AsusTek Computer Inc.)
HKLM\...\Run: [CapsHook] => C:\Program Files\ASUS\CapsHook\CapsHook.exe [445344 2010-11-15] (ASUSTeK Computer Inc. -> ASUS)
HKLM\...\Run: [Eee Docking] => C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [417456 2011-07-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [File not signed]
HKLM\...\Run: [ASUSWebStorage] => C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [737104 2011-07-29] (eCareme Technologies, Inc. -> ecareme)
HKLM\...\Run: [VizorHtmlDialog.exe] => C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe [1123664 2010-10-08] (Trend Micro, Inc. -> Trend Micro Inc.)
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [112632 2010-10-12] (Trend Micro, Inc. -> Trend Micro Inc.)
HKLM\...\Run: [Trend Micro Titanium] => C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe [218448 2010-10-20] (Trend Micro, Inc. -> Trend Micro Inc.)
HKLM\...\Run: [VAWinAgent] => C:\ExpressGateUtil\VAWinAgent.exe [45448 2011-08-19] (VideACE Technology Co. -> )
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11004520 2011-09-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [1813800 2011-03-10] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [ASUSPRP] => C:\Program Files\ASUS\APRP\APRP.EXE [3331312 2012-01-05] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [File not signed]
HKLM\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4767304 2013-03-07] (AVAST Software -> AVAST Software)
HKLM\...\Run: [iSeriesCharge] => C:\Program Files\ASUS\USBChargeSetting\iSeriesCharge.exe [99792 2012-06-28] (ASUSTeK Computer Inc. -> AsusTek Computer Inc.)
HKLM\...\Run: [NeroFilterCheck] => C:\windows\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh) [File not signed]
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\...\MountPoints2: E - E:\setup.exe
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\...\MountPoints2: {d976b0aa-b975-11e1-9f16-c86000283925} - "F:\WD SmartWare.exe" autoplay=true
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\78.0.3904.108\Installer\chrmstp.exe [2019-11-21] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk [2012-06-18]
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files\Asus\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HD Writer.lnk [2012-06-19]
ShortcutTarget: HD Writer.lnk -> C:\Program Files\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe (Panasonic Corporation -> Panasonic Corporation)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {20C6F29C-6775-48F4-92AC-CE7B1F5E9136} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} C:\Program Files\Windows Live\SOXE\wlsoxe.dll [179584 2011-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {5CF3F392-A911-4BAF-8020-B4E549587B66} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [154440 2016-03-05] (Google Inc -> Google Inc.)
Task: {803560C3-6BA7-4816-B0FF-C208273EB071} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [154440 2016-03-05] (Google Inc -> Google Inc.)
Task: {849DEB90-FE9E-431D-A87B-D37375950FF9} - System32\Tasks\{D4D9D4B7-8E7C-424B-90CB-E18EA14828C7} => C:\windows\system32\pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Task: {AFE1D72C-6B24-4D1D-9927-FEAFEB2921F7} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2736056 2018-08-23] (AVAST Software s.r.o. -> AVAST Software)
Task: {BA28B958-0B12-4DD4-A9AB-8AD07F128258} - System32\Tasks\{C43DE92B-354B-4856-BE42-D11A724BCF31} => C:\windows\system32\pcalua.exe -a E:\SETUP.EXE -d E:\
Task: {EBEEC802-4B42-4A82-BDC6-9D7212346996} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-03-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {F8F5F944-72BC-4E79-A7E1-1F4A9424DDC4} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [1455456 2017-12-06] (AVAST Software s.r.o. -> AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{2B4FF6E6-1428-4111-A16E-2BF526659DB9}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{A18BAFC2-B3D5-4792-BE2B-3CA83C1C94B3}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{E3B31B79-9E60-4487-87D9-B541BB568345}: [DhcpNameServer] 192.168.1.1 10.24.0.23

Internet Explorer:
==================
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-3898336196-934405070-3867738441-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-3898336196-934405070-3867738441-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll [2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
BHO: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll [2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll [2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll [2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension
FF Extension: (Trend Micro NSC Firefox Extension) - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension [2012-01-05] [Legacy] [not signed]
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) [File not signed]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR NewTab: Default -> Not-active:"chrome-extension://kpocjpoifmommoiiiamepombpeoaehfh/dynamicNewTab.html"
CHR Notifications: Default -> hxxp://youzeek.com; hxxps://www.youtube.com
CHR Profile: C:\Users\maja\AppData\Local\Google\Chrome\User Data\Default [2019-12-21]
CHR Extension: (Vyhledávání Google) - C:\Users\maja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-09]
CHR Extension: (avast! WebRep) - C:\Users\maja\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2013-04-14]
CHR Extension: (EasyPDFCombine) - C:\Users\maja\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh [2019-12-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\maja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\maja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-25]
CHR Extension: (Chrome Media Router) - C:\Users\maja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-11-01]
CHR HKLM\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-25]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Amsp; C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [196320 2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 ASUS InstantOn; C:\Program Files\ASUS\InstantOn for EPC\InsOnSrv.exe [92800 2011-12-01] (ASUSTeK Computer Inc. -> ASUS)
R2 AsusService; C:\windows\system32\AsusService.exe [224680 2011-08-09] (ASUSTeK Computer Inc. -> )
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [45248 2013-03-07] (AVAST Software -> AVAST Software)
S3 DCDhcpService; C:\Program Files\WiSharing\DCDhcpService.exe [108544 2011-09-16] (Atheros Communication Inc.) [File not signed]
R2 TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [161104 2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 VideAceWindowsService; C:\ExpressGateUtil\VAWinService.exe [91464 2011-03-26] (VideACE Technology Co. -> )
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [1713536 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiDriver; C:\windows\System32\DRIVERS\AiDriver.sys [14720 2012-05-07] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R1 AsIO; C:\windows\System32\drivers\AsIO.sys [11456 2010-06-28] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\windows\System32\drivers\AsUpIO.sys [11832 2010-08-03] (ASUSTeK Computer Inc. -> )
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-03-07] (AVAST Software -> AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [66336 2013-03-07] (AVAST Software -> AVAST Software)
R1 aswRdr; C:\windows\System32\Drivers\aswrdr2.sys [60656 2013-03-07] (AVAST Software -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49248 2013-03-07] (AVAST Software -> )
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [765736 2013-03-07] (AVAST Software -> AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [368176 2013-03-07] (AVAST Software -> AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [62376 2013-03-07] (AVAST Software -> AVAST Software)
S3 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [164736 2013-03-07] (AVAST Software -> )
R3 athr; C:\windows\System32\DRIVERS\athr.sys [2205696 2011-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S3 DETECT PS2: ; C:\Program Files\ASUS\LiveUpdate\DetectSys.sys [6144 2010-05-26] (ELAN Microelectronic Corp.) [File not signed]
S3 dsNcAdpt; C:\windows\System32\DRIVERS\dsNcAdpt.sys [27648 2014-08-12] (Microsoft Windows Hardware Compatibility Publisher -> Juniper Networks)
R3 ETD; C:\windows\System32\DRIVERS\ETD.sys [118568 2011-03-10] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R3 kbfiltr; C:\windows\System32\DRIVERS\kbfiltr.sys [13880 2009-07-20] (ASUSTeK Computer Inc. -> )
R1 tmactmon; C:\windows\System32\DRIVERS\tmactmon.sys [80464 2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
R1 tmcomm; C:\windows\System32\DRIVERS\tmcomm.sys [189520 2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
R1 tmevtmgr; C:\windows\System32\DRIVERS\tmevtmgr.sys [64080 2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 tmtdi; C:\windows\System32\DRIVERS\tmtdi.sys [92112 2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-21 20:53 - 2019-12-21 21:02 - 000022104 _____ C:\Users\maja\Desktop\FRST.txt
2019-12-21 20:51 - 2019-12-21 21:00 - 000000000 ____D C:\FRST
2019-12-21 19:57 - 2019-12-21 20:04 - 001992192 _____ (Farbar) C:\Users\maja\Desktop\FRST.exe
2019-12-11 20:19 - 2019-12-11 20:21 - 000000000 ____D C:\windows\rescache
2019-12-11 13:28 - 2019-11-15 02:58 - 000123904 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2019-12-11 13:22 - 2019-12-06 02:40 - 000472064 _____ (Microsoft Corporation) C:\windows\system32\EOSNotify.exe
2019-12-11 13:22 - 2019-11-28 04:33 - 000069048 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2019-12-11 13:22 - 2019-11-28 04:32 - 004061616 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2019-12-11 13:22 - 2019-11-28 04:32 - 003967416 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2019-12-11 13:22 - 2019-11-28 04:32 - 000191416 _____ (Microsoft Corporation) C:\windows\system32\halmacpi.dll
2019-12-11 13:22 - 2019-11-28 04:32 - 000191416 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
2019-12-11 13:22 - 2019-11-28 04:32 - 000138192 _____ (Microsoft Corporation) C:\windows\system32\halacpi.dll
2019-12-11 13:22 - 2019-11-28 04:32 - 000137656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2019-12-11 13:22 - 2019-11-28 04:31 - 001316424 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2019-12-11 13:22 - 2019-11-28 04:29 - 000307200 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2019-12-11 13:22 - 2019-11-28 04:02 - 002407424 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2019-12-11 13:22 - 2019-11-26 21:22 - 000532192 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2019-12-11 13:22 - 2019-11-23 07:57 - 000341896 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2019-12-11 13:22 - 2019-11-21 03:16 - 000496640 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2019-12-11 13:22 - 2019-11-19 09:17 - 020290048 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2019-12-11 13:22 - 2019-11-19 08:56 - 002304000 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2019-12-11 13:22 - 2019-11-19 08:49 - 000662528 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2019-12-11 13:22 - 2019-11-19 08:43 - 000668160 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2019-12-11 13:22 - 2019-11-19 08:26 - 004112384 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2019-12-11 13:22 - 2019-11-19 08:23 - 002058752 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2019-12-11 13:22 - 2019-11-19 08:22 - 001155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2019-12-11 13:22 - 2019-11-19 08:20 - 013838336 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2019-12-11 13:22 - 2019-11-19 08:05 - 004387840 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2019-12-11 13:22 - 2019-11-19 08:01 - 001331712 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2019-12-11 13:22 - 2019-11-15 03:32 - 000311008 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2019-12-11 13:22 - 2019-11-15 03:29 - 001330176 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2019-12-11 13:22 - 2019-11-15 03:29 - 000583680 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2019-12-11 13:22 - 2019-11-15 03:29 - 000479232 _____ (Microsoft Corporation) C:\windows\system32\mscms.dll
2019-12-11 13:22 - 2019-11-15 03:29 - 000215040 _____ (Microsoft Corporation) C:\windows\system32\icm32.dll
2019-12-11 13:22 - 2019-11-15 03:29 - 000111616 _____ (Microsoft Corporation) C:\windows\system32\t2embed.dll
2019-12-11 13:22 - 2019-11-15 03:29 - 000071680 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2019-12-11 13:22 - 2019-11-15 03:13 - 000448000 _____ (Microsoft Corporation) C:\windows\system32\printfilterpipelinesvc.exe
2019-12-11 13:22 - 2019-11-15 03:13 - 000025088 _____ (Microsoft Corporation) C:\windows\system32\printfilterpipelineprxy.dll
2019-12-11 13:22 - 2019-11-15 02:59 - 000033280 _____ (Microsoft Corporation) C:\windows\system32\WcsPlugInService.dll
2019-12-11 13:22 - 2019-11-15 02:55 - 000258048 _____ (Microsoft Corporation) C:\windows\system32\services.exe
2019-12-11 13:22 - 2019-11-05 22:27 - 000137144 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2019-12-11 13:22 - 2019-10-26 01:17 - 001465344 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 001072640 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000872448 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000812544 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000655360 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000644096 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000555520 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000400896 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000294400 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000261632 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000254464 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000223232 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000171008 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000167936 _____ (Microsoft Corporation) C:\windows\system32\srvsvc.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000141312 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000099840 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000082432 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000070144 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000050688 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000050176 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000043008 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000038912 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000007168 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:04 - 000097792 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2019-12-11 13:21 - 2019-11-28 04:04 - 000050688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2019-12-11 13:21 - 2019-11-28 04:04 - 000029696 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2019-12-11 13:21 - 2019-11-28 04:04 - 000016896 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2019-12-11 13:21 - 2019-11-28 04:04 - 000009728 _____ (Microsoft Corporation) C:\windows\system32\sscore.dll
2019-12-11 13:21 - 2019-11-28 04:03 - 000050688 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2019-12-11 13:21 - 2019-11-28 04:02 - 000271360 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2019-12-11 13:21 - 2019-11-28 04:01 - 000262656 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2019-12-11 13:21 - 2019-11-28 04:01 - 000107520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\videoprt.sys
2019-12-11 13:21 - 2019-11-28 03:59 - 000317440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2019-12-11 13:21 - 2019-11-28 03:58 - 000314880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2019-12-11 13:21 - 2019-11-28 03:58 - 000226304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2019-12-11 13:21 - 2019-11-28 03:58 - 000126464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2019-12-11 13:21 - 2019-11-28 03:58 - 000117248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2019-12-11 13:21 - 2019-11-28 03:58 - 000098816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2019-12-11 13:21 - 2019-11-28 03:57 - 000069632 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2019-12-11 13:21 - 2019-11-28 03:57 - 000055296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdk8.sys
2019-12-11 13:21 - 2019-11-28 03:57 - 000053760 _____ (Microsoft Corporation) C:\windows\system32\Drivers\intelppm.sys
2019-12-11 13:21 - 2019-11-28 03:57 - 000053248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\viac7.sys
2019-12-11 13:21 - 2019-11-28 03:57 - 000052736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdppm.sys
2019-12-11 13:21 - 2019-11-28 03:57 - 000052224 _____ (Microsoft Corporation) C:\windows\system32\Drivers\processr.sys
2019-12-11 13:21 - 2019-11-28 03:57 - 000036352 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2019-12-11 13:21 - 2019-11-28 03:57 - 000035328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\npfs.sys
2019-12-11 13:21 - 2019-11-28 03:57 - 000022016 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2019-12-11 13:21 - 2019-11-28 03:57 - 000015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2019-12-11 13:21 - 2019-11-28 03:57 - 000006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 03:57 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 03:57 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 03:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-12-11 13:21 - 2019-11-19 09:11 - 002724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2019-12-11 13:21 - 2019-11-19 09:11 - 000004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2019-12-11 13:21 - 2019-11-19 08:59 - 000062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2019-12-11 13:21 - 2019-11-19 08:58 - 000341504 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2019-12-11 13:21 - 2019-11-19 08:58 - 000047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2019-12-11 13:21 - 2019-11-19 08:57 - 000064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2019-12-11 13:21 - 2019-11-19 08:53 - 000047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2019-12-11 13:21 - 2019-11-19 08:52 - 000030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2019-12-11 13:21 - 2019-11-19 08:50 - 000476160 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2019-12-11 13:21 - 2019-11-19 08:49 - 000620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2019-12-11 13:21 - 2019-11-19 08:49 - 000115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2019-12-11 13:21 - 2019-11-19 08:49 - 000104960 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2019-12-11 13:21 - 2019-11-19 08:40 - 000416256 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2019-12-11 13:21 - 2019-11-19 08:36 - 000073216 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2019-12-11 13:21 - 2019-11-19 08:36 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2019-12-11 13:21 - 2019-11-19 08:35 - 000091136 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2019-12-11 13:21 - 2019-11-19 08:33 - 000168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2019-12-11 13:21 - 2019-11-19 08:33 - 000076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2019-12-11 13:21 - 2019-11-19 08:31 - 000279040 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2019-12-11 13:21 - 2019-11-19 08:30 - 000130048 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2019-12-11 13:21 - 2019-11-19 08:24 - 000230400 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2019-12-11 13:21 - 2019-11-19 08:23 - 000696320 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2019-12-11 13:21 - 2019-11-19 08:23 - 000692224 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2019-12-11 13:21 - 2019-11-19 08:00 - 000710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2019-12-11 13:21 - 2019-11-15 03:29 - 001425920 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2019-12-11 13:21 - 2019-11-15 03:29 - 000380928 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
2019-12-11 13:21 - 2019-11-15 03:29 - 000026112 _____ (Microsoft Corporation) C:\windows\system32\oleres.dll
2019-12-11 13:21 - 2019-11-15 03:29 - 000026112 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2019-12-11 13:21 - 2019-11-15 03:29 - 000010240 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2019-12-11 13:21 - 2019-11-15 03:04 - 000007168 _____ (Microsoft Corporation) C:\windows\system32\comcat.dll
2019-12-11 13:21 - 2019-11-15 02:59 - 000034304 _____ (Adobe Systems) C:\windows\system32\atmlib.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-21 20:03 - 2009-07-14 05:34 - 000016160 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-12-21 20:03 - 2009-07-14 05:34 - 000016160 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-12-21 19:27 - 2009-07-14 05:53 - 000000006 ____H C:\windows\Tasks\SA.DAT
2019-12-18 21:13 - 2018-01-09 20:44 - 000004174 _____ C:\windows\system32\Tasks\Avast Emergency Update
2019-12-18 09:31 - 2011-02-16 18:02 - 000693138 _____ C:\windows\system32\perfh005.dat
2019-12-18 09:31 - 2011-02-16 18:02 - 000149892 _____ C:\windows\system32\perfc005.dat
2019-12-18 09:31 - 2009-07-27 11:11 - 001641976 _____ C:\windows\system32\PerfStringBackup.INI
2019-12-18 09:31 - 2009-07-14 03:37 - 000000000 ____D C:\windows\inf
2019-12-14 17:06 - 2019-05-11 13:39 - 000000000 ____D C:\Users\maja\AppData\Roaming\Spotify
2019-12-14 09:10 - 2019-05-11 13:40 - 000000000 ____D C:\Users\maja\AppData\Local\Spotify
2019-12-14 00:32 - 2012-06-18 18:38 - 000003376 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-14 00:32 - 2012-06-18 18:38 - 000003248 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-11 18:34 - 2009-07-14 05:33 - 000357096 _____ C:\windows\system32\FNTCACHE.DAT
2019-12-11 17:06 - 2013-09-18 14:21 - 000000000 ____D C:\windows\system32\MRT
2019-12-11 16:49 - 2012-06-19 20:53 - 126061744 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2019-12-02 20:37 - 2009-07-14 05:53 - 000032584 _____ C:\windows\Tasks\SCHEDLGU.TXT
2019-12-01 11:04 - 2012-06-18 18:37 - 000000000 ____D C:\Program Files\Google
2019-11-29 00:45 - 2019-07-28 11:03 - 000000000 ____D C:\Users\maja\AppData\Roaming\vlc
2019-11-21 22:31 - 2012-06-18 18:39 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-11-21 22:30 - 2012-06-18 18:39 - 000002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-11-21 22:30 - 2012-06-18 18:39 - 000002129 _____ C:\ProgramData\Desktop\Google Chrome.lnk

==================== Files in the root of some directories ========

2012-07-13 20:47 - 2012-08-01 18:15 - 000004608 _____ () C:\Users\maja\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

LastRegBack: 2019-12-09 01:19
==================== End of FRST.txt ========================

xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 14-12-2019
Ran by maja (21-12-2019 21:08:06)
Running from C:\Users\maja\Desktop
Microsoft Windows 7 Starter Service Pack 1 (X86) (2012-06-18 17:14:59)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3898336196-934405070-3867738441-500 - Administrator - Disabled)
Guest (S-1-5-21-3898336196-934405070-3867738441-501 - Limited - Disabled)
maja (S-1-5-21-3898336196-934405070-3867738441-1000 - Administrator - Enabled) => C:\Users\maja

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Out of date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Trend Micro Titanium (Disabled - Up to date) {68F968AC-2AA0-091D-848C-803E83E35902}
AS: avast! Antivirus (Disabled - Out of date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Trend Micro Titanium (Disabled - Up to date) {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.7.0.1860 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 32.0.0.156 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
ASUS WebStorage (HKLM\...\ASUS WebStorage) (Version: 3.0.108.222 - eCareme Technologies, Inc.)
AsusScreensaver (HKLM\...\{99E77016-BCF2-48C8-9119-43ECF5815F65}) (Version: 1.05 - AsusTek Computer Inc.)
ASUSUpdate for Eee PC (HKLM\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 1.06.03 - ASUSTeK Computer Inc.)
AsusVibe2.0 (HKLM\...\Asus Vibe2.0) (Version: 2.0.9.157 - ASUSTEK)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.8.8 - Atheros Communications Inc.)
BS.Player FREE (HKLM\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
CapsHook (HKLM\...\{4B5092B6-F231-4D18-83BC-2618B729CA45}) (Version: 1.0.0.7 - AsusTek Computer)
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
E-Cam (HKLM\...\{185AFA7A-F63E-450B-94AA-011CAC18090E}) (Version: 2.0.3.0 - AzureWave)
Eee Docking 3.10.5 (HKLM\...\Eee Docking_is1) (Version: 3.10.5 - ASUSTek Computer Inc.)
ETDWare PS/2-X86 8.0.5.2_WHQL (HKLM\...\Elantech) (Version: 8.0.5.2 - ELAN Microelectronic Corp.)
ExpressGateCloud (HKLM\...\{36B0DC39-3282-40EB-8587-B875CE46C3A7}) (Version: 2.7.44.279 - VideACE Co.) Hidden
ExpressGateCloud (HKLM\...\InstallShield_{36B0DC39-3282-40EB-8587-B875CE46C3A7}) (Version: 2.7.44.279 - VideACE Co.)
FontResizer (HKLM\...\{17780F99-A9DF-450B-81B3-6781B20A17A8}) (Version: 1.01.0011 - ASUSTek) Hidden
FontResizer (HKLM\...\InstallShield_{17780F99-A9DF-450B-81B3-6781B20A17A8}) (Version: 1.01.0011 - ASUSTek)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Galeria fotografii usługi Windows Live (HKLM\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 78.0.3904.108 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HD Writer AE 3.0 (HKLM\...\{5678B15A-504C-4A79-8554-05488A206E41}) (Version: 3.00.019.1033 - Panasonic Corporation)
Hotkey Service (HKLM\...\{71C0E38E-09F2-4386-9977-404D4F6640CD}) (Version: 1.45 - AsusTek Computer Inc.)
InstantOn for EPC (HKLM\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 2.1.6 - ASUS)
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.14.8.1064 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Juniper Networks Setup Client (HKU\S-1-5-21-3898336196-934405070-3867738441-1000\...\Juniper_Setup_Client) (Version: 8.0.6.48695 - Juniper Networks)
Juniper Networks Setup Client Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks)
Junk Mail filter update (HKLM\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LiveUpdate (HKLM\...\{38E5A3B1-ADF1-47E0-8024-76310A30EB36}) (Version: 1.30 - AsusTek Computer Inc.)
Media Sharing (HKLM\...\{9042F9FE-43CB-4ACF-9978-F62235127F90}) (Version: 0.65.6 - ASUS)
Mesh Runtime (HKLM\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office 2010 (HKLM\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Nero Backup Drivers (HKLM\...\{F8EF9B71-53E7-41F5-8E54-47B4C979CB38}) (Version: 1.0.11100.8.0 - Nero AG)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
Poczta usługi Windows Live (HKLM\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Qualcomm Atheros WiFi Driver Installation (HKLM\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 9.2 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6473 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.)
Sada Compatibility Pack pro systém Office 2007 (HKLM\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Spotify (HKU\S-1-5-21-3898336196-934405070-3867738441-1000\...\Spotify) (Version: 1.1.21.1654.g282a2807 - Spotify AB)
Super Hybrid Engine (HKLM\...\{88F08F98-12BC-4613-81A2-8F9B88CFC73E}) (Version: 2.20 - AsusTek Computer)
Trend Micro Titanium (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 3.0 - Trend Micro Inc.)
Trend Micro Titanium (HKLM\...\{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 3.00 - Trend Micro Inc.) Hidden
USBCharge+ (HKLM\...\{8165EFD2-0EB8-4C4F-A0E4-0E641B117ED2}) (Version: 1.0.0.23 - AsusTek Computer)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.50 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WiSharing (HKLM\...\{21DD6041-7251-40FA-9D06-C5EB30268E0F}) (Version: 1.1.0.7 - AzureWave)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3898336196-934405070-3867738441-1000_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\maja\AppData\Local\CloudStation\app\icon-overlay\10\x86\ContextMenu.dll => No File
CustomCLSID: HKU\S-1-5-21-3898336196-934405070-3867738441-1000_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\maja\AppData\Local\CloudStation\app\icon-overlay\10\x86\iconOverlay.dll (TODO: <Company name>) [File not signed]
CustomCLSID: HKU\S-1-5-21-3898336196-934405070-3867738441-1000_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\maja\AppData\Local\CloudStation\app\icon-overlay\10\x86\iconOverlay.dll (TODO: <Company name>) [File not signed]
CustomCLSID: HKU\S-1-5-21-3898336196-934405070-3867738441-1000_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\maja\AppData\Local\CloudStation\app\icon-overlay\10\x86\iconOverlay.dll (TODO: <Company name>) [File not signed]
CustomCLSID: HKU\S-1-5-21-3898336196-934405070-3867738441-1000_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\maja\AppData\Local\CloudStation\app\icon-overlay\10\x86\iconOverlay.dll (TODO: <Company name>) [File not signed]
CustomCLSID: HKU\S-1-5-21-3898336196-934405070-3867738441-1000_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\maja\AppData\Local\CloudStation\app\icon-overlay\10\x86\iconOverlay.dll (TODO: <Company name>) [File not signed]
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [{48F45200-91E6-11CE-8A4F-0080C81A28D4}] -> {48F45200-91E6-11CE-8A4F-0080C81A28D4} => C:\Program Files\Trend Micro\UniClient\UiFrmwrk\tmdshell.dll [2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\XPClient.DLL [2011-07-29] (eCareme Technologies, Inc.) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2011-12-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [{48F45200-91E6-11CE-8A4F-0080C81A28D4}] -> {48F45200-91E6-11CE-8A4F-0080C81A28D4} => C:\Program Files\Trend Micro\UniClient\UiFrmwrk\tmdshell.dll [2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
ContextMenuHandlers1_S-1-5-21-3898336196-934405070-3867738441-1000: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\maja\AppData\Local\CloudStation\app\icon-overlay\10\x86\ContextMenu.dll -> No File

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2010-04-01 03:55 - 2010-04-01 03:55 - 000221184 _____ ( ) [File not signed] C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\LogicNP.EZNamespaceExtensions.dll
2009-03-02 03:07 - 2009-03-02 03:07 - 000200704 _____ ( ) [File not signed] C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\LogicNP.EZShellExtensions.dll
2009-03-02 03:08 - 2009-03-02 03:08 - 000003584 _____ () [File not signed] C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\LogicNP.PropSheetExtensionHelper.dll
2014-09-30 17:56 - 2014-09-30 08:42 - 002870272 _____ () [File not signed] C:\Program Files\AVAST Software\Avast\defs\14093000\algo.dll
2012-01-05 21:11 - 2010-09-17 09:32 - 000057344 _____ () [File not signed] C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_36.dll
2012-01-05 21:11 - 2010-09-17 09:32 - 000049152 _____ () [File not signed] C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_36.dll
2012-06-18 18:17 - 2011-09-28 01:13 - 000086528 _____ (Atheros Communications, Inc.) [File not signed] C:\Program Files\Qualcomm Atheros WiFi Driver Installation\AthIhvWlanExt.dll
2012-06-18 18:17 - 2011-09-28 01:12 - 000216064 _____ (Atheros Communications, Inc.) [File not signed] c:\program files\qualcomm atheros wifi driver installation\athihvwpap2p.dll
2011-07-28 09:48 - 2011-07-28 09:48 - 000274432 _____ (eCareme Technologies, Inc.) [File not signed] C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\eCaremeDLL.dll
2011-07-29 10:37 - 2011-07-29 10:37 - 004526080 _____ (eCareme Technologies, Inc.) [File not signed] C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\XPClient.dll
2012-06-19 19:16 - 2012-06-19 19:16 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2012-06-19 19:59 - 2012-06-19 19:59 - 000225280 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
2009-10-29 02:41 - 2009-10-29 02:41 - 000270336 _____ (The Apache Software Foundation) [File not signed] C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\log4net.dll
2013-03-17 11:19 - 2013-01-29 12:28 - 001169408 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\AVAST Software\Avast\LIBEAY32.dll
2013-03-17 11:19 - 2013-01-29 12:28 - 000265216 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\AVAST Software\Avast\SSLEAY32.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Windows Live\Shared;C:\Program Files\Trend Micro\AMSP
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\Control Panel\Desktop\\Wallpaper -> %windir%\web\wallpaper\windows\img0.jpg
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{CB69B178-1ACD-4FD2-BF62-3932A684B8D1}] => (Allow) C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{35A57417-DEC3-413E-BA43-17C5FD5E840A}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{16538B9D-30D8-4110-B54A-CF7556319E23}] => (Allow) LPort=2869
FirewallRules: [{8CF4790F-48D8-4218-BDD0-C7EA96D5D961}] => (Allow) LPort=1900
FirewallRules: [{D3680A79-9481-4F71-93E2-6BD69083E228}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1FE5DF69-72D2-411F-9320-3FED7A080864}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{93C0EB7B-9BE6-46E4-94D6-4E91C7C6CFF6}] => (Allow) C:\Program Files\WiSharing\P2PUIMain.exe (Atheros Communication) [File not signed]
FirewallRules: [{2D046336-F76C-43A3-B6E9-6482BF283F4D}] => (Allow) C:\Program Files\WiSharing\DCDhcpService.exe (Atheros Communication Inc.) [File not signed]
FirewallRules: [TCP Query User{76CAC69A-71D5-423F-A4FD-BE592A3AD2DB}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe No File
FirewallRules: [UDP Query User{036DFA49-D764-4D40-9F69-1A34D20FADF9}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe No File
FirewallRules: [TCP Query User{5BAE9C57-28FF-4644-95D8-C85940D20359}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe No File
FirewallRules: [UDP Query User{6E9DDEFF-FAC7-44FD-ABFD-8691E15EF4DA}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe No File
FirewallRules: [TCP Query User{FF67B783-CA8D-4E97-8040-E9008AF7F9B0}C:\users\maja\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\maja\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{80876312-8FEA-44E4-A33E-AB86168D5D00}C:\users\maja\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\maja\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6FDA9B4B-79BD-476C-B97B-D4FC0E50A434}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

15-12-2019 20:03:12 Naplánovaný kontrolní bod
21-12-2019 20:10:23 Windows Update

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (12/14/2019 05:22:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: InsOnSrv.exe, verze: 2.1.7.1, časové razítko: 0x4ed5f236
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000
ID chybujícího procesu: 0x7c
Čas spuštění chybující aplikace: 0x01d5b25551464099
Cesta k chybující aplikaci: C:\Program Files\ASUS\InstantOn for EPC\InsOnSrv.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: da5460e1-1e8d-11ea-a882-c86000283925

Error: (12/14/2019 09:33:46 AM) (Source: MsiInstaller) (EventID: 11309) (User: NT AUTHORITY)
Description: Produkt: Microsoft Office Professional Edition 2003 - Chyba 1309. Při čtení souboru E:\SKU011.CAB došlo k chybě. Systémová chyba 15. Přesvědčte se, zda soubor existuje a zda k němu máte přístup.

Error: (12/13/2019 11:47:26 AM) (Source: MsiInstaller) (EventID: 11309) (User: NT AUTHORITY)
Description: Produkt: Microsoft Office Professional Edition 2003 - Chyba 1309. Při čtení souboru E:\SKU011.CAB došlo k chybě. Systémová chyba 15. Přesvědčte se, zda soubor existuje a zda k němu máte přístup.

Error: (12/12/2019 03:25:21 AM) (Source: MsiInstaller) (EventID: 11309) (User: NT AUTHORITY)
Description: Produkt: Microsoft Office Professional Edition 2003 - Chyba 1309. Při čtení souboru E:\SKU011.CAB došlo k chybě. Systémová chyba 15. Přesvědčte se, zda soubor existuje a zda k němu máte přístup.

Error: (12/11/2019 01:52:32 PM) (Source: MsiInstaller) (EventID: 11309) (User: NT AUTHORITY)
Description: Produkt: Microsoft Office Professional Edition 2003 - Chyba 1309. Při čtení souboru E:\SKU011.CAB došlo k chybě. Systémová chyba 15. Přesvědčte se, zda soubor existuje a zda k němu máte přístup.

Error: (12/10/2019 12:13:50 PM) (Source: MsiInstaller) (EventID: 11309) (User: NT AUTHORITY)
Description: Produkt: Microsoft Office Professional Edition 2003 - Chyba 1309. Při čtení souboru E:\SKU011.CAB došlo k chybě. Systémová chyba 15. Přesvědčte se, zda soubor existuje a zda k němu máte přístup.

Error: (12/09/2019 03:29:32 AM) (Source: MsiInstaller) (EventID: 11309) (User: NT AUTHORITY)
Description: Produkt: Microsoft Office Professional Edition 2003 - Chyba 1309. Při čtení souboru E:\SKU011.CAB došlo k chybě. Systémová chyba 15. Přesvědčte se, zda soubor existuje a zda k němu máte přístup.

Error: (12/08/2019 05:16:16 AM) (Source: MsiInstaller) (EventID: 11309) (User: NT AUTHORITY)
Description: Produkt: Microsoft Office Professional Edition 2003 - Chyba 1309. Při čtení souboru E:\SKU011.CAB došlo k chybě. Systémová chyba 15. Přesvědčte se, zda soubor existuje a zda k němu máte přístup.

System errors:
=============
Error: (12/21/2019 08:59:38 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (12/21/2019 08:30:45 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (12/21/2019 07:59:02 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (12/21/2019 07:29:57 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.0.228.
Počítač s IP adresou 192.168.0.59 nepovolil získání názvu
tímto počítačem.

Error: (12/21/2019 07:29:08 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.0.228.
Počítač s IP adresou 192.168.0.59 nepovolil získání názvu
tímto počítačem.

Error: (12/21/2019 07:28:46 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (12/21/2019 07:28:42 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (12/21/2019 07:28:42 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Windows Defender:
===================================
Date: 2019-09-22 18:17:39.816
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{0BC08668-2D95-4A0F-AC1F-9EDD4D612744}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

CodeIntegrity:
===================================

Date: 2015-04-13 20:27:28.151
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\crypt32.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 1025C.0701 01/06/2012
Motherboard: ASUSTeK COMPUTER INC. 1025C
Processor: Intel(R) Atom(TM) CPU N2800 @ 1.86GHz
Percentage of memory in use: 88%
Total physical RAM: 1011.94 MB
Available physical RAM: 113.5 MB
Total Virtual: 2589.34 MB
Available Virtual: 293.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:100 GB) (Free:38.57 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:183.07 GB) (Free:140.99 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: A8D6F410)
Partition 1: (Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=15 GB) - (Type=1B)
Partition 3: (Not Active) - (Size=183.1 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=16 MB) - (Type=EF)

==================== End of Addition.txt =======================

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Dobrý den , děkuji, zde je log

# -------------------------------
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build: 12-17-2019
# Database: 2019-12-17.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-27-2019
# Duration: 00:04:08
# OS: Windows 7 Starter
# Cleaned: 20
# Failed: 1

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\Premium
Deleted C:\Users\maja\AppData\Roaming\OpenCandy

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Conduit
Deleted HKLM\Software\Conduit

***** [ Chromium (and derivatives) ] *****

Deleted EasyPDFCombine
Deleted EasyPDFCombine

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.ASUSInstantOn Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{749F674B-2674-47E8-879C-5626A06B2A91}
Deleted Preinstalled.ASUSLiveUpdate Folder C:\Program Files\ASUS\LIVEUPDATE
Deleted Preinstalled.ASUSLiveUpdate Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\LIVEUPDATE
Deleted Preinstalled.ASUSProductRegistration Folder C:\Program Files\ASUS\APRP
Deleted Preinstalled.ASUSProductRegistration Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|ASUSPRP
Deleted Preinstalled.ASUSUpdateChecker Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{587178E7-B1DF-494E-9838-FA4DD36E873C}
Deleted Preinstalled.ASUSVibe Folder C:\Program Files\ASUS\ASUSVIBE
Deleted Preinstalled.ASUSVibe Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUSVIBE
Deleted Preinstalled.ASUSVibe Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Asus Vibe2.0
Deleted Preinstalled.ASUSWebStorage Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS WEBSTORAGE
Deleted Preinstalled.ASUSWebStorage Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|ASUSWebStorage
Deleted Preinstalled.ASUSWebStorage Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ASUS WebStorage
Deleted Preinstalled.HPCleanFLC File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk
Deleted Preinstalled.VAIOSmartNetwork Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{21DD6041-7251-40FA-9D06-C5EB30268E0F}
Not Deleted Preinstalled.ASUSWebStorage Folder C:\Program Files\ASUS\ASUS WEBSTORAGE

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3127 octets] - [27/12/2019 22:01:40]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

OK. Dejte nové logy FRST+Addition.

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 28-12-2019
Ran by maja (28-12-2019 22:54:53)
Running from C:\Users\maja\Desktop
Microsoft Windows 7 Starter Service Pack 1 (X86) (2012-06-18 17:14:59)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3898336196-934405070-3867738441-500 - Administrator - Disabled)
Guest (S-1-5-21-3898336196-934405070-3867738441-501 - Limited - Disabled)
maja (S-1-5-21-3898336196-934405070-3867738441-1000 - Administrator - Enabled) => C:\Users\maja

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Out of date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Trend Micro Titanium (Disabled - Up to date) {68F968AC-2AA0-091D-848C-803E83E35902}
AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AS: avast! Antivirus (Disabled - Out of date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Trend Micro Titanium (Disabled - Up to date) {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.7.0.1860 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
AsusScreensaver (HKLM\...\{99E77016-BCF2-48C8-9119-43ECF5815F65}) (Version: 1.05 - AsusTek Computer Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.8.8 - Atheros Communications Inc.)
Avira (HKLM\...\{4e6a365c-99da-4552-bea4-b13f55457be4}) (Version: 1.2.141.10870 - Avira Operations GmbH & Co. KG)
Avira (HKLM\...\{93A3C9E9-C927-43EC-B42F-29C3B5670A2E}) (Version: 1.2.141.10870 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.1912.1683 - Avira Operations GmbH & Co. KG)
Avira Phantom VPN (HKLM\...\Avira Phantom VPN) (Version: 2.29.2.24183 - Avira Operations GmbH & Co. KG)
Avira Privacy Pal (HKLM\...\{F2BC8305-DFBE-4C02-A906-9BBD8EE299A3}_is1) (Version: 2.1.0.1934 - Avira Operations GmbH & Co. KG)
Avira Software Updater (HKLM\...\{D72D7C97-7AEC-43E0-A8CF-B23F27422FE0}) (Version: 2.0.6.22870 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM\...\Avira System Speedup_is1) (Version: 6.3.1.10826 - Avira Operations GmbH & Co. KG)
BS.Player FREE (HKLM\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
CapsHook (HKLM\...\{4B5092B6-F231-4D18-83BC-2618B729CA45}) (Version: 1.0.0.7 - AsusTek Computer)
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
E-Cam (HKLM\...\{185AFA7A-F63E-450B-94AA-011CAC18090E}) (Version: 2.0.3.0 - AzureWave)
Eee Docking 3.10.5 (HKLM\...\Eee Docking_is1) (Version: 3.10.5 - ASUSTek Computer Inc.)
ETDWare PS/2-X86 8.0.5.2_WHQL (HKLM\...\Elantech) (Version: 8.0.5.2 - ELAN Microelectronic Corp.)
ExpressGateCloud (HKLM\...\{36B0DC39-3282-40EB-8587-B875CE46C3A7}) (Version: 2.7.44.279 - VideACE Co.) Hidden
ExpressGateCloud (HKLM\...\InstallShield_{36B0DC39-3282-40EB-8587-B875CE46C3A7}) (Version: 2.7.44.279 - VideACE Co.)
FontResizer (HKLM\...\{17780F99-A9DF-450B-81B3-6781B20A17A8}) (Version: 1.01.0011 - ASUSTek) Hidden
FontResizer (HKLM\...\InstallShield_{17780F99-A9DF-450B-81B3-6781B20A17A8}) (Version: 1.01.0011 - ASUSTek)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Galeria fotografii usługi Windows Live (HKLM\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HD Writer AE 3.0 (HKLM\...\{5678B15A-504C-4A79-8554-05488A206E41}) (Version: 3.00.019.1033 - Panasonic Corporation)
Hotkey Service (HKLM\...\{71C0E38E-09F2-4386-9977-404D4F6640CD}) (Version: 1.45 - AsusTek Computer Inc.)
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.14.8.1064 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Juniper Networks Setup Client (HKU\S-1-5-21-3898336196-934405070-3867738441-1000\...\Juniper_Setup_Client) (Version: 8.0.6.48695 - Juniper Networks)
Juniper Networks Setup Client Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks)
Junk Mail filter update (HKLM\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LiveUpdate (HKLM\...\{38E5A3B1-ADF1-47E0-8024-76310A30EB36}) (Version: 1.30 - AsusTek Computer Inc.)
Media Sharing (HKLM\...\{9042F9FE-43CB-4ACF-9978-F62235127F90}) (Version: 0.65.6 - ASUS)
Mesh Runtime (HKLM\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office 2010 (HKLM\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Nero Backup Drivers (HKLM\...\{F8EF9B71-53E7-41F5-8E54-47B4C979CB38}) (Version: 1.0.11100.8.0 - Nero AG)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
Poczta usługi Windows Live (HKLM\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Qualcomm Atheros WiFi Driver Installation (HKLM\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 9.2 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6473 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.1.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.0 - VS Revo Group, Ltd.)
Sada Compatibility Pack pro systém Office 2007 (HKLM\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Spotify (HKU\S-1-5-21-3898336196-934405070-3867738441-1000\...\Spotify) (Version: 1.1.21.1654.g282a2807 - Spotify AB)
Super Hybrid Engine (HKLM\...\{88F08F98-12BC-4613-81A2-8F9B88CFC73E}) (Version: 2.20 - AsusTek Computer)
Trend Micro Titanium (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 3.0 - Trend Micro Inc.)
Trend Micro Titanium (HKLM\...\{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 3.00 - Trend Micro Inc.) Hidden
USBCharge+ (HKLM\...\{8165EFD2-0EB8-4C4F-A0E4-0E641B117ED2}) (Version: 1.0.0.23 - AsusTek Computer)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.50 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3898336196-934405070-3867738441-1000_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\maja\AppData\Local\CloudStation\app\icon-overlay\10\x86\ContextMenu.dll => No File
CustomCLSID: HKU\S-1-5-21-3898336196-934405070-3867738441-1000_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\maja\AppData\Local\CloudStation\app\icon-overlay\10\x86\iconOverlay.dll (TODO: <Company name>) [File not signed]
CustomCLSID: HKU\S-1-5-21-3898336196-934405070-3867738441-1000_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\maja\AppData\Local\CloudStation\app\icon-overlay\10\x86\iconOverlay.dll (TODO: <Company name>) [File not signed]
CustomCLSID: HKU\S-1-5-21-3898336196-934405070-3867738441-1000_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\maja\AppData\Local\CloudStation\app\icon-overlay\10\x86\iconOverlay.dll (TODO: <Company name>) [File not signed]
CustomCLSID: HKU\S-1-5-21-3898336196-934405070-3867738441-1000_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\maja\AppData\Local\CloudStation\app\icon-overlay\10\x86\iconOverlay.dll (TODO: <Company name>) [File not signed]
CustomCLSID: HKU\S-1-5-21-3898336196-934405070-3867738441-1000_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\maja\AppData\Local\CloudStation\app\icon-overlay\10\x86\iconOverlay.dll (TODO: <Company name>) [File not signed]
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files\Avira\Antivirus\shlext.dll [2019-10-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2019-12-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [{48F45200-91E6-11CE-8A4F-0080C81A28D4}] -> {48F45200-91E6-11CE-8A4F-0080C81A28D4} => C:\Program Files\Trend Micro\UniClient\UiFrmwrk\tmdshell.dll [2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2325} => C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\XPClient.DLL [2011-07-29] (eCareme Technologies, Inc.) [File not signed]
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2019-12-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2011-12-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2019-12-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files\Avira\Antivirus\shlext.dll [2019-10-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [{48F45200-91E6-11CE-8A4F-0080C81A28D4}] -> {48F45200-91E6-11CE-8A4F-0080C81A28D4} => C:\Program Files\Trend Micro\UniClient\UiFrmwrk\tmdshell.dll [2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
ContextMenuHandlers1_S-1-5-21-3898336196-934405070-3867738441-1000: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\maja\AppData\Local\CloudStation\app\icon-overlay\10\x86\ContextMenu.dll -> No File

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2009-03-02 03:07 - 2009-03-02 03:07 - 000200704 _____ ( ) [File not signed] C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\LogicNP.EZShellExtensions.dll
2014-09-30 17:56 - 2014-09-30 08:42 - 002870272 _____ () [File not signed] C:\Program Files\AVAST Software\Avast\defs\14093000\algo.dll
2012-01-05 21:11 - 2010-09-17 09:32 - 000057344 _____ () [File not signed] C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_36.dll
2012-01-05 21:11 - 2010-09-17 09:32 - 000049152 _____ () [File not signed] C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_36.dll
2012-06-18 18:17 - 2011-09-28 01:13 - 000086528 _____ (Atheros Communications, Inc.) [File not signed] C:\Program Files\Qualcomm Atheros WiFi Driver Installation\AthIhvWlanExt.dll
2012-06-18 18:17 - 2011-09-28 01:12 - 000216064 _____ (Atheros Communications, Inc.) [File not signed] c:\program files\qualcomm atheros wifi driver installation\athihvwpap2p.dll
2011-07-28 09:48 - 2011-07-28 09:48 - 000274432 _____ (eCareme Technologies, Inc.) [File not signed] C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\eCaremeDLL.dll
2011-07-29 10:37 - 2011-07-29 10:37 - 004526080 _____ (eCareme Technologies, Inc.) [File not signed] C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\XPClient.dll
2012-06-19 19:16 - 2012-06-19 19:16 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2012-06-19 19:59 - 2012-06-19 19:59 - 000225280 _____ (Microsoft Corporation) [File not signed] C:\windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
2019-12-24 12:52 - 2019-12-24 12:52 - 000880128 _____ (ServiceStack) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\ServiceStack.Text\b3bd16df7e27cd6d87053c670a1b0eaa\ServiceStack.Text.ni.dll
2009-10-29 02:41 - 2009-10-29 02:41 - 000270336 _____ (The Apache Software Foundation) [File not signed] C:\Program Files\ASUS\ASUS WebStorage\3.0.108.222\log4net.dll
2013-03-17 11:19 - 2013-01-29 12:28 - 001169408 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\AVAST Software\Avast\LIBEAY32.dll
2013-03-17 11:19 - 2013-01-29 12:28 - 000265216 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\AVAST Software\Avast\SSLEAY32.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Windows Live\Shared;C:\Program Files\Trend Micro\AMSP
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\Control Panel\Desktop\\Wallpaper -> %windir%\web\wallpaper\windows\img0.jpg
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{CB69B178-1ACD-4FD2-BF62-3932A684B8D1}] => (Allow) C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{35A57417-DEC3-413E-BA43-17C5FD5E840A}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{16538B9D-30D8-4110-B54A-CF7556319E23}] => (Allow) LPort=2869
FirewallRules: [{8CF4790F-48D8-4218-BDD0-C7EA96D5D961}] => (Allow) LPort=1900
FirewallRules: [{D3680A79-9481-4F71-93E2-6BD69083E228}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1FE5DF69-72D2-411F-9320-3FED7A080864}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{93C0EB7B-9BE6-46E4-94D6-4E91C7C6CFF6}] => (Allow) C:\Program Files\WiSharing\P2PUIMain.exe (Atheros Communication) [File not signed]
FirewallRules: [{2D046336-F76C-43A3-B6E9-6482BF283F4D}] => (Allow) C:\Program Files\WiSharing\DCDhcpService.exe (Atheros Communication Inc.) [File not signed]
FirewallRules: [TCP Query User{76CAC69A-71D5-423F-A4FD-BE592A3AD2DB}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe No File
FirewallRules: [UDP Query User{036DFA49-D764-4D40-9F69-1A34D20FADF9}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe No File
FirewallRules: [TCP Query User{5BAE9C57-28FF-4644-95D8-C85940D20359}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe No File
FirewallRules: [UDP Query User{6E9DDEFF-FAC7-44FD-ABFD-8691E15EF4DA}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe No File
FirewallRules: [TCP Query User{FF67B783-CA8D-4E97-8040-E9008AF7F9B0}C:\users\maja\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\maja\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{80876312-8FEA-44E4-A33E-AB86168D5D00}C:\users\maja\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\maja\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1633478E-02D4-4D09-85AF-57E89F5E3EAA}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D9A91A0B-9FC5-4E88-B0EC-345EE0E9004C}] => (Block) C:\Program Files\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{E9E9C68B-84A9-4505-9488-C7DA0A98666E}] => (Allow) C:\Program Files\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{B00F4D6F-F8A6-4810-9EBA-2C916FE30FBE}] => (Allow) C:\Program Files\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

==================== Restore Points =========================

21-12-2019 20:10:23 Windows Update
24-12-2019 12:42:19 Instalace balíčku ovladače zařízení: Phantom TAP-Windows Provider V9 Síťové adaptéry

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (12/28/2019 10:52:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Avira.SystemSpeedup.Maintenance.exe, verze: 6.3.1.10826, časové razítko: 0x5dfbb212
Název chybujícího modulu: clr.dll, verze: 4.7.3468.0, časové razítko: 0x5d490e65
Kód výjimky: 0xc0000409
Posun chyby: 0x002f8fd9
ID chybujícího procesu: 0x15a8
Čas spuštění chybující aplikace: 0x01d5bdc8e59d90f0
Cesta k chybující aplikaci: C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.Maintenance.exe
Cesta k chybujícímu modulu: C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
ID zprávy: 560a3268-29bc-11ea-8bef-c86000283925

Error: (12/27/2019 10:22:09 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Users\maja\Desktop\adwcleaner_8.0.1.exe ; Popis = AdwCleaner_BeforeCleaning_27/12/2019_22:03:02; Chyba = 0x81000101).

Error: (12/27/2019 10:03:58 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.

Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {b2b5ddb7-580c-4040-8198-cfb1b77f5d35}

Error: (12/27/2019 09:51:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Avira.SystemSpeedup.Maintenance.exe, verze: 6.3.1.10826, časové razítko: 0x5dfbb212
Název chybujícího modulu: clr.dll, verze: 4.7.3468.0, časové razítko: 0x5d490e65
Kód výjimky: 0xc0000409
Posun chyby: 0x002f8fd9
ID chybujícího procesu: 0x13fc
Čas spuštění chybující aplikace: 0x01d5bcf75909f14d
Cesta k chybující aplikaci: C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.Maintenance.exe
Cesta k chybujícímu modulu: C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
ID zprávy: ae702a7b-28ea-11ea-8bc5-c86000283925

Error: (12/24/2019 12:02:22 PM) (Source: MsiInstaller) (EventID: 11309) (User: NT AUTHORITY)
Description: Produkt: Microsoft Office Professional Edition 2003 - Chyba 1309. Při čtení souboru E:\SKU011.CAB došlo k chybě. Systémová chyba 15. Přesvědčte se, zda soubor existuje a zda k němu máte přístup.

Error: (12/21/2019 09:24:00 PM) (Source: MsiInstaller) (EventID: 11309) (User: NT AUTHORITY)
Description: Produkt: Microsoft Office Professional Edition 2003 - Chyba 1309. Při čtení souboru E:\SKU011.CAB došlo k chybě. Systémová chyba 15. Přesvědčte se, zda soubor existuje a zda k němu máte přístup.

Error: (12/14/2019 05:22:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: InsOnSrv.exe, verze: 2.1.7.1, časové razítko: 0x4ed5f236
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000
ID chybujícího procesu: 0x7c
Čas spuštění chybující aplikace: 0x01d5b25551464099
Cesta k chybující aplikaci: C:\Program Files\ASUS\InstantOn for EPC\InsOnSrv.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: da5460e1-1e8d-11ea-a882-c86000283925

Error: (12/14/2019 09:33:46 AM) (Source: MsiInstaller) (EventID: 11309) (User: NT AUTHORITY)
Description: Produkt: Microsoft Office Professional Edition 2003 - Chyba 1309. Při čtení souboru E:\SKU011.CAB došlo k chybě. Systémová chyba 15. Přesvědčte se, zda soubor existuje a zda k němu máte přístup.

System errors:
=============
Error: (12/28/2019 10:39:02 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (12/28/2019 10:22:08 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.0.228.
Počítač s IP adresou 192.168.0.59 nepovolil získání názvu
tímto počítačem.

Error: (12/28/2019 10:18:05 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Microsoft .NET Framework NGEN v4.0.30319_X86 bylo dosaženo časového limitu (30000 ms).

Error: (12/28/2019 10:16:58 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.0.228.
Počítač s IP adresou 192.168.0.59 nepovolil získání názvu
tímto počítačem.

Error: (12/28/2019 10:16:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (12/28/2019 10:16:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Presentation Foundation Font Cache 3.0.0.0 bylo dosaženo časového limitu (30000 ms).

Error: (12/28/2019 10:15:31 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (12/28/2019 10:11:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Avira Service Host bylo dosaženo časového limitu (30000 ms).

Windows Defender:
===================================
Date: 2019-09-22 18:17:39.816
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{0BC08668-2D95-4A0F-AC1F-9EDD4D612744}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

CodeIntegrity:
===================================

Date: 2015-04-13 20:27:28.151
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\crypt32.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: American Megatrends Inc. 1025C.0701 01/06/2012
Motherboard: ASUSTeK COMPUTER INC. 1025C
Processor: Intel(R) Atom(TM) CPU N2800 @ 1.86GHz
Percentage of memory in use: 91%
Total physical RAM: 1011.94 MB
Available physical RAM: 89.81 MB
Total Virtual: 2555.27 MB
Available Virtual: 240.29 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:100 GB) (Free:34.8 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:183.07 GB) (Free:140.99 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: A8D6F410)
Partition 1: (Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=15 GB) - (Type=1B)
Partition 3: (Not Active) - (Size=183.1 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=16 MB) - (Type=EF)

==================== End of Addition.txt =======================

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-12-2019
Ran by maja (administrator) on MAJA-PC (ASUSTeK COMPUTER INC. 1025C) (28-12-2019 22:28:59)
Running from C:\Users\maja\Desktop
Loaded Profiles: maja (Available Profiles: maja)
Platform: Microsoft Windows 7 Starter Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe
(ASUSTeK Computer Inc. -> ) C:\Windows\System32\AsusService.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files\Asus\InstantOn for EPC\InsOnSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files\Asus\InstantOn for EPC\InsOnWMI.exe
(AVAST Software -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avscan.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avscan.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\update.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Optimizer Host\Avira.OptimizerHost.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Google Inc -> Google Inc.) C:\Program Files\Google\Update\GoogleUpdate.exe
(Google Inc -> Google Inc.) C:\Program Files\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Update\1.3.35.422\GoogleCrashHandler.exe
(Google LLC -> Google) C:\Users\maja\AppData\Local\Google\Chrome\User Data\SwReporter\77.225.200\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\maja\AppData\Local\Google\Chrome\User Data\SwReporter\77.225.200\software_reporter_tool.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\CompatTel\diagtrackrunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\lpksetup.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\lpksetup.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\sdclt.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\sipnotify.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Panasonic Corporation -> Panasonic Corporation) C:\Program Files\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
(Trend Micro, Inc. -> Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe
(VideACE Technology Co. -> ) C:\ExpressGateUtil\VAWinAgent.exe
(VideACE Technology Co. -> ) C:\ExpressGateUtil\VAWinService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [GfxServiceInstall] => C:\windows\system32\GfxCUIServiceInstall.vbs [131 2011-12-13] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [HotkeyMon] => C:\Program Files\ASUS\HotkeyService\HotKeyMon.exe [101800 2011-08-09] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
HKLM\...\Run: [HotkeyService] => C:\Program Files\ASUS\HotkeyService\HotkeyService.exe [1263024 2011-08-09] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
HKLM\...\Run: [SuperHybridEngine] => C:\Program Files\ASUS\SHE\SuperHybridEngine.exe [425400 2011-12-16] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
HKLM\...\Run: [LiveUpdate] => AsusSender.exe C:\Program Files\Asus\LiveUpdate\LiveUpdate.exe auto
HKLM\...\Run: [CapsHook] => C:\Program Files\ASUS\CapsHook\CapsHook.exe [445344 2010-11-15] (ASUSTeK Computer Inc. -> ASUS)
HKLM\...\Run: [Eee Docking] => C:\Program Files\ASUS\Eee Docking\Eee Docking.exe [417456 2011-07-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [File not signed]
HKLM\...\Run: [VizorHtmlDialog.exe] => C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe [1123664 2010-10-08] (Trend Micro, Inc. -> Trend Micro Inc.)
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [112632 2010-10-12] (Trend Micro, Inc. -> Trend Micro Inc.)
HKLM\...\Run: [Trend Micro Titanium] => C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe [218448 2010-10-20] (Trend Micro, Inc. -> Trend Micro Inc.)
HKLM\...\Run: [VAWinAgent] => C:\ExpressGateUtil\VAWinAgent.exe [45448 2011-08-19] (VideACE Technology Co. -> )
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11004520 2011-09-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [1813800 2011-03-10] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4767304 2013-03-07] (AVAST Software -> AVAST Software)
HKLM\...\Run: [iSeriesCharge] => C:\Program Files\ASUS\USBChargeSetting\iSeriesCharge.exe [99792 2012-06-28] (ASUSTeK Computer Inc. -> AsusTek Computer Inc.)
HKLM\...\Run: [NeroFilterCheck] => C:\windows\system32\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh) [File not signed]
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [228120 2019-12-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Avira System Speedup User Starter] => C:\Program Files\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [330008 2019-12-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\...\MountPoints2: E - E:\setup.exe
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\...\MountPoints2: {d976b0aa-b975-11e1-9f16-c86000283925} - "F:\WD SmartWare.exe" autoplay=true
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-24] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk [2012-06-18]
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files\Asus\AsusVibe\AsusVibeLauncher.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HD Writer.lnk [2012-06-19]
ShortcutTarget: HD Writer.lnk -> C:\Program Files\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe (Panasonic Corporation -> Panasonic Corporation)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {09CBE58F-7236-4B7D-9261-B4B0F4821A46} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [27855480 2019-12-24] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG )
Task: {20C6F29C-6775-48F4-92AC-CE7B1F5E9136} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} C:\Program Files\Windows Live\SOXE\wlsoxe.dll [179584 2011-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {5CF3F392-A911-4BAF-8020-B4E549587B66} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [154440 2016-03-05] (Google Inc -> Google Inc.)
Task: {803560C3-6BA7-4816-B0FF-C208273EB071} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [154440 2016-03-05] (Google Inc -> Google Inc.)
Task: {849DEB90-FE9E-431D-A87B-D37375950FF9} - System32\Tasks\{D4D9D4B7-8E7C-424B-90CB-E18EA14828C7} => C:\windows\system32\pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Task: {AFE1D72C-6B24-4D1D-9927-FEAFEB2921F7} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2736056 2018-08-23] (AVAST Software s.r.o. -> AVAST Software)
Task: {BA28B958-0B12-4DD4-A9AB-8AD07F128258} - System32\Tasks\{C43DE92B-354B-4856-BE42-D11A724BCF31} => C:\windows\system32\pcalua.exe -a E:\SETUP.EXE -d E:\
Task: {EBEEC802-4B42-4A82-BDC6-9D7212346996} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-03-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {F8F5F944-72BC-4E79-A7E1-1F4A9424DDC4} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [1455456 2017-12-06] (AVAST Software s.r.o. -> AVAST Software)
Task: {FEE42346-ACBD-489F-9ADE-00B031BD207B} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files\Avira\Antivirus\avgnt.exe [2757672 2019-11-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{2B4FF6E6-1428-4111-A16E-2BF526659DB9}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{A18BAFC2-B3D5-4792-BE2B-3CA83C1C94B3}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{E3B31B79-9E60-4487-87D9-B541BB568345}: [DhcpNameServer] 192.168.1.1 10.24.0.23

Internet Explorer:
==================
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-3898336196-934405070-3867738441-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-3898336196-934405070-3867738441-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll [2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corporation -> Microsoft Corp.)
BHO: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll [2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll [2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll [2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)

FireFox:
========
FF ProfilePath: C:\Users\maja\AppData\Roaming\Mozilla\Firefox\Profiles\2KeyyKzg.default [2019-12-24]
FF Extension: (Avira Password Manager) - C:\Users\maja\AppData\Roaming\Mozilla\Firefox\Profiles\2KeyyKzg.default\Extensions\passwordmanager@avira.com [2019-12-24]
FF HKLM\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension
FF Extension: (Trend Micro NSC Firefox Extension) - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension [2012-01-05] [Legacy] [not signed]
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) [File not signed]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Notifications: Default -> hxxp://youzeek.com; hxxps://www.youtube.com
CHR Profile: C:\Users\maja\AppData\Local\Google\Chrome\User Data\Default [2019-12-28]
CHR Extension: (Avira Safe Shopping) - C:\Users\maja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2019-12-27]
CHR Extension: (Vyhledávání Google) - C:\Users\maja\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-09]
CHR Extension: (avast! WebRep) - C:\Users\maja\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2013-04-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\maja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\maja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-25]
CHR Extension: (Chrome Media Router) - C:\Users\maja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-27]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-25]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Amsp; C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [196320 2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc7.exe [1210168 2019-11-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [484768 2019-10-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [484768 2019-10-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\Antivirus\avwebg7.exe [567872 2019-11-11] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 ASUS InstantOn; C:\Program Files\ASUS\InstantOn for EPC\InsOnSrv.exe [92800 2011-12-01] (ASUSTeK Computer Inc. -> ASUS)
R2 AsusService; C:\windows\system32\AsusService.exe [224680 2011-08-09] (ASUSTeK Computer Inc. -> )
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [45248 2013-03-07] (AVAST Software -> AVAST Software)
S2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [612944 2019-12-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files\Avira\Optimizer Host\Avira.OptimizerHost.exe [2989536 2019-12-17] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AviraPhantomVPN; C:\Program Files\Avira\VPN\Avira.VpnService.exe [381424 2019-12-04] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AviraUpdaterService; C:\Program Files\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [146224 2019-10-31] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 DCDhcpService; C:\Program Files\WiSharing\DCDhcpService.exe [108544 2011-09-16] (Atheros Communication Inc.) [File not signed]
R2 TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [161104 2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 VideAceWindowsService; C:\ExpressGateUtil\VAWinService.exe [91464 2011-03-26] (VideACE Technology Co. -> )
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [1713536 2011-03-29] (Microsoft Corporation -> Microsoft Corp.)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiDriver; C:\windows\System32\DRIVERS\AiDriver.sys [14720 2012-05-07] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R1 AsIO; C:\windows\System32\drivers\AsIO.sys [11456 2010-06-28] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\windows\System32\drivers\AsUpIO.sys [11832 2010-08-03] (ASUSTeK Computer Inc. -> )
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-03-07] (AVAST Software -> AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [66336 2013-03-07] (AVAST Software -> AVAST Software)
R1 aswRdr; C:\windows\System32\Drivers\aswrdr2.sys [60656 2013-03-07] (AVAST Software -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49248 2013-03-07] (AVAST Software -> )
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [765736 2013-03-07] (AVAST Software -> AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [368176 2013-03-07] (AVAST Software -> AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [62376 2013-03-07] (AVAST Software -> AVAST Software)
S3 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [164736 2013-03-07] (AVAST Software -> )
R3 athr; C:\windows\System32\DRIVERS\athr.sys [2205696 2011-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R0 avdevprot; C:\windows\System32\DRIVERS\avdevprot.sys [50728 2019-06-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [156160 2019-12-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\System32\DRIVERS\avipbb.sys [171568 2019-09-19] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\System32\DRIVERS\avkmgr.sys [36688 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\windows\System32\DRIVERS\avnetflt.sys [60360 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\windows\System32\Drivers\avusbflt.sys [33280 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 dsNcAdpt; C:\windows\System32\DRIVERS\dsNcAdpt.sys [27648 2014-08-12] (Microsoft Windows Hardware Compatibility Publisher -> Juniper Networks)
R3 ETD; C:\windows\System32\DRIVERS\ETD.sys [118568 2011-03-10] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R3 kbfiltr; C:\windows\System32\DRIVERS\kbfiltr.sys [13880 2009-07-20] (ASUSTeK Computer Inc. -> )
R3 phantomtap; C:\windows\System32\DRIVERS\phantomtap.sys [31032 2019-12-04] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R1 tmactmon; C:\windows\System32\DRIVERS\tmactmon.sys [80464 2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
R1 tmcomm; C:\windows\System32\DRIVERS\tmcomm.sys [189520 2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
R1 tmevtmgr; C:\windows\System32\DRIVERS\tmevtmgr.sys [64080 2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
R2 tmtdi; C:\windows\System32\DRIVERS\tmtdi.sys [92112 2010-09-17] (Trend Micro, Inc. -> Trend Micro Inc.)
S3 DETECT PS2: ; \??\C:\Program Files\ASUS\LiveUpdate\DetectSys.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-28 22:28 - 2019-12-28 22:28 - 000000000 ____D C:\Users\maja\Desktop\FRST-OlderVersion
2019-12-27 22:27 - 2019-12-27 22:27 - 000000000 ____D C:\Users\maja\AppData\Local\Avira
2019-12-27 21:54 - 2019-12-27 22:22 - 000000000 ____D C:\AdwCleaner
2019-12-27 21:49 - 2019-12-27 21:49 - 008237744 _____ (Malwarebytes) C:\Users\maja\Desktop\adwcleaner_8.0.1.exe
2019-12-27 21:40 - 2019-12-27 21:40 - 000000000 ____D C:\windows\system32\Tasks\Avira
2019-12-27 21:32 - 2019-12-27 21:32 - 020799544 _____ (Adobe) C:\windows\system32\FlashPlayerInstaller.exe
2019-12-24 14:11 - 2019-12-24 14:11 - 000000000 ____D C:\windows\system32\GPUCache
2019-12-24 14:10 - 2019-12-24 14:10 - 000000000 ____D C:\Users\maja\AppData\Local\CEF
2019-12-24 13:07 - 2019-12-24 13:07 - 000003268 _____ C:\windows\system32\Tasks\Avira_Antivirus_Systray
2019-12-24 13:07 - 2019-12-24 13:07 - 000000000 ____H C:\windows\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2019-12-24 13:03 - 2019-03-20 18:50 - 000033280 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avusbflt.sys
2019-12-24 13:02 - 2019-12-02 10:26 - 000156160 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2019-12-24 13:02 - 2019-09-19 09:07 - 000171568 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2019-12-24 13:02 - 2019-06-07 14:09 - 000050728 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avdevprot.sys
2019-12-24 13:02 - 2019-03-20 18:50 - 000060360 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2019-12-24 13:02 - 2019-03-20 18:50 - 000036688 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avkmgr.sys
2019-12-24 12:54 - 2019-12-24 12:56 - 000000000 ____D C:\Users\Public\PrivacyPal Sessions
2019-12-24 12:46 - 2019-12-24 12:46 - 000000000 ____D C:\Users\Public\Speedup Sessions
2019-12-24 12:45 - 2019-12-24 12:45 - 000003664 _____ C:\windows\system32\Tasks\AviraSystemSpeedupUpdate
2019-12-24 12:39 - 2019-12-24 12:39 - 000000000 ____D C:\Users\maja\AppData\Roaming\Mozilla
2019-12-24 12:38 - 2019-12-24 13:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2019-12-24 12:38 - 2019-12-24 12:57 - 000000000 ____D C:\Program Files\Avira
2019-12-24 12:38 - 2019-12-24 12:38 - 000001146 _____ C:\Users\Public\Desktop\Avira.lnk
2019-12-24 12:38 - 2019-12-24 12:38 - 000001146 _____ C:\ProgramData\Desktop\Avira.lnk
2019-12-24 12:37 - 2019-12-24 12:57 - 000000000 ____D C:\ProgramData\Avira
2019-12-24 12:37 - 2019-12-24 12:37 - 000000000 ____D C:\ProgramData\Package Cache
2019-12-21 21:48 - 2019-12-21 21:48 - 000143208 _____ C:\windows\Minidump\122119-64241-01.dmp
2019-12-21 21:42 - 2019-12-21 21:48 - 000000000 ____D C:\windows\Minidump
2019-12-21 21:42 - 2019-12-21 21:42 - 000143208 _____ C:\windows\Minidump\122119-55349-01.dmp
2019-12-21 21:08 - 2019-12-21 21:16 - 000026598 _____ C:\Users\maja\Desktop\Addition.txt
2019-12-21 20:53 - 2019-12-28 22:38 - 000025260 _____ C:\Users\maja\Desktop\FRST.txt
2019-12-21 20:51 - 2019-12-28 22:35 - 000000000 ____D C:\FRST
2019-12-21 19:57 - 2019-12-28 22:28 - 002000896 _____ (Farbar) C:\Users\maja\Desktop\FRST.exe
2019-12-11 20:19 - 2019-12-11 20:21 - 000000000 ____D C:\windows\rescache
2019-12-11 13:28 - 2019-11-15 02:58 - 000123904 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2019-12-11 13:22 - 2019-12-06 02:40 - 000472064 _____ (Microsoft Corporation) C:\windows\system32\EOSNotify.exe
2019-12-11 13:22 - 2019-11-28 04:33 - 000069048 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2019-12-11 13:22 - 2019-11-28 04:32 - 004061616 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2019-12-11 13:22 - 2019-11-28 04:32 - 003967416 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2019-12-11 13:22 - 2019-11-28 04:32 - 000191416 _____ (Microsoft Corporation) C:\windows\system32\halmacpi.dll
2019-12-11 13:22 - 2019-11-28 04:32 - 000191416 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
2019-12-11 13:22 - 2019-11-28 04:32 - 000138192 _____ (Microsoft Corporation) C:\windows\system32\halacpi.dll
2019-12-11 13:22 - 2019-11-28 04:32 - 000137656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2019-12-11 13:22 - 2019-11-28 04:31 - 001316424 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2019-12-11 13:22 - 2019-11-28 04:29 - 000307200 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2019-12-11 13:22 - 2019-11-28 04:02 - 002407424 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2019-12-11 13:22 - 2019-11-26 21:22 - 000532192 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2019-12-11 13:22 - 2019-11-23 07:57 - 000341896 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2019-12-11 13:22 - 2019-11-21 03:16 - 000496640 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2019-12-11 13:22 - 2019-11-19 09:17 - 020290048 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2019-12-11 13:22 - 2019-11-19 08:56 - 002304000 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2019-12-11 13:22 - 2019-11-19 08:49 - 000662528 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2019-12-11 13:22 - 2019-11-19 08:43 - 000668160 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2019-12-11 13:22 - 2019-11-19 08:26 - 004112384 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2019-12-11 13:22 - 2019-11-19 08:23 - 002058752 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2019-12-11 13:22 - 2019-11-19 08:22 - 001155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2019-12-11 13:22 - 2019-11-19 08:20 - 013838336 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2019-12-11 13:22 - 2019-11-19 08:05 - 004387840 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2019-12-11 13:22 - 2019-11-19 08:01 - 001331712 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2019-12-11 13:22 - 2019-11-15 03:32 - 000311008 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2019-12-11 13:22 - 2019-11-15 03:29 - 001330176 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2019-12-11 13:22 - 2019-11-15 03:29 - 000583680 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2019-12-11 13:22 - 2019-11-15 03:29 - 000479232 _____ (Microsoft Corporation) C:\windows\system32\mscms.dll
2019-12-11 13:22 - 2019-11-15 03:29 - 000215040 _____ (Microsoft Corporation) C:\windows\system32\icm32.dll
2019-12-11 13:22 - 2019-11-15 03:29 - 000111616 _____ (Microsoft Corporation) C:\windows\system32\t2embed.dll
2019-12-11 13:22 - 2019-11-15 03:29 - 000071680 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2019-12-11 13:22 - 2019-11-15 03:13 - 000448000 _____ (Microsoft Corporation) C:\windows\system32\printfilterpipelinesvc.exe
2019-12-11 13:22 - 2019-11-15 03:13 - 000025088 _____ (Microsoft Corporation) C:\windows\system32\printfilterpipelineprxy.dll
2019-12-11 13:22 - 2019-11-15 02:59 - 000033280 _____ (Microsoft Corporation) C:\windows\system32\WcsPlugInService.dll
2019-12-11 13:22 - 2019-11-15 02:55 - 000258048 _____ (Microsoft Corporation) C:\windows\system32\services.exe
2019-12-11 13:22 - 2019-11-05 22:27 - 000137144 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2019-12-11 13:22 - 2019-10-26 01:17 - 001465344 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 001072640 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000872448 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000812544 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000655360 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000644096 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000555520 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000400896 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000294400 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000261632 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000254464 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000223232 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000171008 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000167936 _____ (Microsoft Corporation) C:\windows\system32\srvsvc.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000141312 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000099840 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000082432 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000070144 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000050688 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000050176 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000043008 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000038912 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000007168 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:29 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 04:04 - 000097792 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2019-12-11 13:21 - 2019-11-28 04:04 - 000050688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2019-12-11 13:21 - 2019-11-28 04:04 - 000029696 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2019-12-11 13:21 - 2019-11-28 04:04 - 000016896 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2019-12-11 13:21 - 2019-11-28 04:04 - 000009728 _____ (Microsoft Corporation) C:\windows\system32\sscore.dll
2019-12-11 13:21 - 2019-11-28 04:03 - 000050688 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2019-12-11 13:21 - 2019-11-28 04:02 - 000271360 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2019-12-11 13:21 - 2019-11-28 04:01 - 000262656 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2019-12-11 13:21 - 2019-11-28 04:01 - 000107520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\videoprt.sys
2019-12-11 13:21 - 2019-11-28 03:59 - 000317440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2019-12-11 13:21 - 2019-11-28 03:58 - 000314880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2019-12-11 13:21 - 2019-11-28 03:58 - 000226304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2019-12-11 13:21 - 2019-11-28 03:58 - 000126464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2019-12-11 13:21 - 2019-11-28 03:58 - 000117248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2019-12-11 13:21 - 2019-11-28 03:58 - 000098816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2019-12-11 13:21 - 2019-11-28 03:57 - 000069632 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2019-12-11 13:21 - 2019-11-28 03:57 - 000055296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdk8.sys
2019-12-11 13:21 - 2019-11-28 03:57 - 000053760 _____ (Microsoft Corporation) C:\windows\system32\Drivers\intelppm.sys
2019-12-11 13:21 - 2019-11-28 03:57 - 000053248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\viac7.sys
2019-12-11 13:21 - 2019-11-28 03:57 - 000052736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdppm.sys
2019-12-11 13:21 - 2019-11-28 03:57 - 000052224 _____ (Microsoft Corporation) C:\windows\system32\Drivers\processr.sys
2019-12-11 13:21 - 2019-11-28 03:57 - 000036352 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2019-12-11 13:21 - 2019-11-28 03:57 - 000035328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\npfs.sys
2019-12-11 13:21 - 2019-11-28 03:57 - 000022016 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2019-12-11 13:21 - 2019-11-28 03:57 - 000015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2019-12-11 13:21 - 2019-11-28 03:57 - 000006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 03:57 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 03:57 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-12-11 13:21 - 2019-11-28 03:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-12-11 13:21 - 2019-11-19 09:11 - 002724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2019-12-11 13:21 - 2019-11-19 09:11 - 000004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2019-12-11 13:21 - 2019-11-19 08:59 - 000062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2019-12-11 13:21 - 2019-11-19 08:58 - 000341504 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2019-12-11 13:21 - 2019-11-19 08:58 - 000047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2019-12-11 13:21 - 2019-11-19 08:57 - 000064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2019-12-11 13:21 - 2019-11-19 08:53 - 000047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2019-12-11 13:21 - 2019-11-19 08:52 - 000030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2019-12-11 13:21 - 2019-11-19 08:50 - 000476160 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2019-12-11 13:21 - 2019-11-19 08:49 - 000620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2019-12-11 13:21 - 2019-11-19 08:49 - 000115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2019-12-11 13:21 - 2019-11-19 08:49 - 000104960 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2019-12-11 13:21 - 2019-11-19 08:40 - 000416256 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2019-12-11 13:21 - 2019-11-19 08:36 - 000073216 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2019-12-11 13:21 - 2019-11-19 08:36 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2019-12-11 13:21 - 2019-11-19 08:35 - 000091136 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2019-12-11 13:21 - 2019-11-19 08:33 - 000168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2019-12-11 13:21 - 2019-11-19 08:33 - 000076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2019-12-11 13:21 - 2019-11-19 08:31 - 000279040 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2019-12-11 13:21 - 2019-11-19 08:30 - 000130048 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2019-12-11 13:21 - 2019-11-19 08:24 - 000230400 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2019-12-11 13:21 - 2019-11-19 08:23 - 000696320 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2019-12-11 13:21 - 2019-11-19 08:23 - 000692224 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2019-12-11 13:21 - 2019-11-19 08:00 - 000710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2019-12-11 13:21 - 2019-11-15 03:29 - 001425920 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2019-12-11 13:21 - 2019-11-15 03:29 - 000380928 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
2019-12-11 13:21 - 2019-11-15 03:29 - 000026112 _____ (Microsoft Corporation) C:\windows\system32\oleres.dll
2019-12-11 13:21 - 2019-11-15 03:29 - 000026112 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2019-12-11 13:21 - 2019-11-15 03:29 - 000010240 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2019-12-11 13:21 - 2019-11-15 03:04 - 000007168 _____ (Microsoft Corporation) C:\windows\system32\comcat.dll
2019-12-11 13:21 - 2019-11-15 02:59 - 000034304 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2019-12-04 13:25 - 2019-12-04 13:25 - 000031032 _____ (The OpenVPN Project) C:\windows\system32\Drivers\phantomtap.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-28 22:23 - 2009-07-14 05:34 - 000016160 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-12-28 22:23 - 2009-07-14 05:34 - 000016160 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-12-28 22:08 - 2009-07-14 05:53 - 000000006 ____H C:\windows\Tasks\SA.DAT
2019-12-27 22:52 - 2017-09-28 17:23 - 000001187 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2019-12-27 22:52 - 2017-09-28 17:23 - 000001187 _____ C:\ProgramData\Desktop\Revo Uninstaller.lnk
2019-12-27 22:52 - 2017-09-28 17:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2019-12-27 22:25 - 2012-01-05 20:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2019-12-27 22:25 - 2012-01-05 20:53 - 000000000 ____D C:\Program Files\Asus
2019-12-27 21:33 - 2012-01-05 20:56 - 000000000 ____D C:\windows\system32\Macromed
2019-12-27 21:24 - 2009-07-14 05:33 - 000357888 _____ C:\windows\system32\FNTCACHE.DAT
2019-12-24 13:06 - 2012-06-18 18:39 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-24 13:06 - 2012-06-18 18:39 - 000002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-12-24 13:06 - 2012-06-18 18:39 - 000002129 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-12-24 12:51 - 2012-06-18 18:15 - 000088256 _____ C:\Users\maja\AppData\Local\GDIPFONTCACHEV1.DAT
2019-12-24 12:49 - 2009-07-14 03:37 - 000000000 ____D C:\windows\inf
2019-12-24 11:56 - 2019-05-11 13:40 - 000000000 ____D C:\Users\maja\AppData\Local\Spotify
2019-12-24 11:36 - 2019-05-11 13:39 - 000000000 ____D C:\Users\maja\AppData\Roaming\Spotify
2019-12-21 21:47 - 2013-07-22 20:40 - 424082409 _____ C:\windows\MEMORY.DMP
2019-12-18 21:13 - 2018-01-09 20:44 - 000004174 _____ C:\windows\system32\Tasks\Avast Emergency Update
2019-12-18 09:31 - 2011-02-16 18:02 - 000693138 _____ C:\windows\system32\perfh005.dat
2019-12-18 09:31 - 2011-02-16 18:02 - 000149892 _____ C:\windows\system32\perfc005.dat
2019-12-18 09:31 - 2009-07-27 11:11 - 001641976 _____ C:\windows\system32\PerfStringBackup.INI
2019-12-14 00:32 - 2012-06-18 18:38 - 000003376 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-14 00:32 - 2012-06-18 18:38 - 000003248 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-11 17:06 - 2013-09-18 14:21 - 000000000 ____D C:\windows\system32\MRT
2019-12-11 16:49 - 2012-06-19 20:53 - 126061744 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2019-12-02 20:37 - 2009-07-14 05:53 - 000032584 _____ C:\windows\Tasks\SCHEDLGU.TXT
2019-12-01 11:04 - 2012-06-18 18:37 - 000000000 ____D C:\Program Files\Google
2019-11-29 00:45 - 2019-07-28 11:03 - 000000000 ____D C:\Users\maja\AppData\Roaming\vlc

==================== Files in the root of some directories ========

2012-07-13 20:47 - 2012-08-01 18:15 - 000004608 _____ () C:\Users\maja\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

LastRegBack: 2019-12-24 14:02
==================== End of FRST.txt ========================

A ještě bych Vás rád požádal radu, jak odstranit avast antivirus, nikterak se mi to nedaří. Chci ho odstranit, protože jsem přešel na antivirus AVIRA. Děkuji

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\...\MountPoints2: E - E:\setup.exe
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\...\MountPoints2: {d976b0aa-b975-11e1-9f16-c86000283925} - "F:\WD SmartWare.exe" autoplay=true
Task: {5CF3F392-A911-4BAF-8020-B4E549587B66} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [154440 2016-03-05] (Google Inc -> Google Inc.)
Task: {803560C3-6BA7-4816-B0FF-C208273EB071} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [154440 2016-03-05] (Google Inc -> Google Inc.)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-3898336196-934405070-3867738441-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-3898336196-934405070-3867738441-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1_S-1-5-21-3898336196-934405070-3867738441-1000: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\maja\AppData\Local\CloudStation\app\icon-overlay\10\x86\ContextMenu.dll -> No File
FirewallRules: [TCP Query User{76CAC69A-71D5-423F-A4FD-BE592A3AD2DB}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe No File
FirewallRules: [UDP Query User{036DFA49-D764-4D40-9F69-1A34D20FADF9}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe No File
FirewallRules: [TCP Query User{5BAE9C57-28FF-4644-95D8-C85940D20359}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe No File
FirewallRules: [UDP Query User{6E9DDEFF-FAC7-44FD-ABFD-8691E15EF4DA}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe No File

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

K odinstalaci Avastu použijte uninstaler od výrobce: https://www.avast.com/cs-cz/uninstall-utility .

Dobrý den, provedeno, zde je log. K té odinstalaci: nedaří se mi to,není jiná varianta? děkuji.

Fix result of Farbar Recovery Scan Tool (x86) Version: 28-12-2019
Ran by maja (29-12-2019 15:28:01) Run:1
Running from C:\Users\maja\Desktop
Loaded Profiles: maja (Available Profiles: maja)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\...\MountPoints2: E - E:\setup.exe
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\...\MountPoints2: {d976b0aa-b975-11e1-9f16-c86000283925} - "F:\WD SmartWare.exe" autoplay=true
Task: {5CF3F392-A911-4BAF-8020-B4E549587B66} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [154440 2016-03-05] (Google Inc -> Google Inc.)
Task: {803560C3-6BA7-4816-B0FF-C208273EB071} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [154440 2016-03-05] (Google Inc -> Google Inc.)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-3898336196-934405070-3867738441-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-3898336196-934405070-3867738441-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1_S-1-5-21-3898336196-934405070-3867738441-1000: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\maja\AppData\Local\CloudStation\app\icon-overlay\10\x86\ContextMenu.dll -> No File
FirewallRules: [TCP Query User{76CAC69A-71D5-423F-A4FD-BE592A3AD2DB}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe No File
FirewallRules: [UDP Query User{036DFA49-D764-4D40-9F69-1A34D20FADF9}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe No File
FirewallRules: [TCP Query User{5BAE9C57-28FF-4644-95D8-C85940D20359}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe No File
FirewallRules: [UDP Query User{6E9DDEFF-FAC7-44FD-ABFD-8691E15EF4DA}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E => removed successfully.
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d976b0aa-b975-11e1-9f16-c86000283925} => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5CF3F392-A911-4BAF-8020-B4E549587B66}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5CF3F392-A911-4BAF-8020-B4E549587B66}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{803560C3-6BA7-4816-B0FF-C208273EB071}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{803560C3-6BA7-4816-B0FF-C208273EB071}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully.
"HKU\S-1-5-21-3898336196-934405070-3867738441-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully.
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully.
"C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => removed successfully.
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\Software\Classes\*\ShellEx\ContextMenuHandlers\CloudStation.SyncFolderContextMenu => removed successfully.
HKU\S-1-5-21-3898336196-934405070-3867738441-1000\SOFTWARE\Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237} => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{76CAC69A-71D5-423F-A4FD-BE592A3AD2DB}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{036DFA49-D764-4D40-9F69-1A34D20FADF9}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5BAE9C57-28FF-4644-95D8-C85940D20359}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6E9DDEFF-FAC7-44FD-ABFD-8691E15EF4DA}C:\users\maja\appdata\local\cloudstation\app\bin\cloud-connect.exe" => removed successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 75948563 B
Java, Flash, Steam htmlcache => 2755 B
Windows/system/drivers => 2364626204 B
Edge => 0 B
Chrome => 97352625 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 526290 B
Public => 526290 B
ProgramData => 526290 B
systemprofile => 51026658 B
LocalService => 51026658 B
NetworkService => 51163658 B
maja => 3010263811 B

RecycleBin => 0 B
EmptyTemp: => 5.3 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 15:34:06 ====

SCEEN

Smazáno, log již bude zřejmě čistý. Ta hláška vyskakuje i po požití odinstalátoru?

Super. Děkuji za všechny opravy. Co tam nakonec bylo?

K obrázku: vyskakuje to právě s uninstalleru od avastu. Bez něho vůbec v ovládacích panelech kde se odebírají programy nelze najít!!!!

Děkuji za radu.

AdWare OpenCandy a nějaké zbytečnosti. Zkuste ten uninstaller spustit v nouz. režimu. Tohle jsem neviděl.

Dobrý den, tak ani v nouzovém režimu se to nepodařilo a znovu naskočilo stejné okno. Jsem zoufalý, protože avast si žádá aktualizace a prodloužení účtu a nejde s tím nic dělat. Takže je to bludný kruh. Bylo by zapotřebí ho násilně odebrat, neexistuje nějaká cesta? Děkuji moc za radu.

Potom je instalace Avastu poškozena zřejmě natolik, že s ní nehne ani jejich odinstalátor. Budete se muset obrátit sem: https://forum.avast.com/index.php?board=30.0 .

VIRY.CZ

Prosím o preventivní kontrolu logu

Prosím o preventivní kontrolu logu

Re: Prosím o preventivní kontrolu logu

Re: Prosím o preventivní kontrolu logu

Re: Prosím o preventivní kontrolu logu

Re: Prosím o preventivní kontrolu logu

Re: Prosím o preventivní kontrolu logu

Re: Prosím o preventivní kontrolu logu

Re: Prosím o preventivní kontrolu logu

Re: Prosím o preventivní kontrolu logu

Re: Prosím o preventivní kontrolu logu

Re: Prosím o preventivní kontrolu logu

Re: Prosím o preventivní kontrolu logu

Re: Prosím o preventivní kontrolu logu

Re: Prosím o preventivní kontrolu logu

Re: Prosím o preventivní kontrolu logu