VIRY.CZ

Zdravím prosím o preventivku PC se zpomalilo a ve správci souboru je toho nějáko hodně.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-05-2020 01
Ran by AMD (administrator) on AMD-PC (Gigabyte Technology Co., Ltd. To be filled by O.E.M.) (17-05-2020 09:47:07)
Running from C:\Users\AMD\Desktop
Loaded Profiles: AMD
Platform: Windows 10 Home Version 1903 18362.778 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Discord Inc. -> Discord Inc.) C:\Users\AMD\AppData\Local\Discord\app-0.0.306\Discord.exe <6>
(Google LLC -> Google LLC) C:\Users\AMD\AppData\Local\Google\Chrome\Application\chrome.exe <12>
(Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <5>
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer.exe <3>
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wargamingerrormonitor.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe
(ZONER software, a.s. -> ZONER software) C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NUSB3MON] => C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.) [File not signed]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [108216 2020-04-15] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7632088 2014-06-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD) [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2245982206-4208826249-678931006-1000\...\Run: [Google Update] => C:\Users\AMD\AppData\Local\Google\Update\1.3.35.452\GoogleUpdateCore.exe [217544 2020-03-21] (Google LLC -> Google LLC)
HKU\S-1-5-21-2245982206-4208826249-678931006-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [729704 2018-06-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-2245982206-4208826249-678931006-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [27775672 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2245982206-4208826249-678931006-1000\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2417016 2020-05-15] (Wargaming.net Limited -> Wargaming.net)
HKU\S-1-5-21-2245982206-4208826249-678931006-1000\...\Run: [Discord] => C:\Users\AMD\AppData\Local\Discord\app-0.0.306\Discord.exe [90950968 2020-02-24] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-2245982206-4208826249-678931006-1000\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91585088 2020-03-31] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2245982206-4208826249-678931006-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [833240 2014-12-23] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-2245982206-4208826249-678931006-1000\...\Policies\Explorer: [NoSecurityTab] 1
HKU\S-1-5-21-2245982206-4208826249-678931006-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-2245982206-4208826249-678931006-1000\...\MountPoints2: {c098b0c3-9273-11e8-932a-fcaa148ce839} - "F:\setup.exe"
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Startup: C:\Users\AMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2016-02-04]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00EB089E-0213-43C3-83DF-EE41CDAF0BDB} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {0FD0C192-29A6-401C-9740-BCA811E16646} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2245982206-4208826249-678931006-1000UA => C:\Users\AMD\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-17] (Google Inc -> Google Inc.)
Task: {1CEA740C-8259-4F66-905D-4A764F8F7799} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {20136B0F-AFA9-4D1F-AAE5-DC5B6282060D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984 2011-06-01] (Apple Inc. -> Apple Inc.)
Task: {2E0B0A1E-CC28-4C6F-B2C0-A21677BD0668} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-05-13] (Adobe Inc. -> Adobe)
Task: {31A9373A-F173-4A03-B698-C0475F8E607D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {41A29839-CEEB-48BC-89E8-2FAE509D585F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {5059A3D4-85E0-47D7-B032-2F3B9130A2AE} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {54C983DD-64FC-49ED-9C3D-19AF5AA9B1B0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {57B2C865-542B-46C8-82C4-8FFAC835EF40} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {57E56911-946D-4B92-A4D8-D4E3913266F0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2245982206-4208826249-678931006-1000Core => C:\Users\AMD\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-17] (Google Inc -> Google Inc.)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {6054D48E-E1A7-41C1-A8EC-0FB06D63AFC3} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {61CAFFD2-AEE6-47AB-8B63-D9C841EEC32A} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {62388590-26B2-4661-9A99-1BA4F84521DD} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {6DB1ACFD-75D5-4AEB-BC1D-E694ADE35882} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {71D766DA-9D41-4EC7-A6DC-2D3BDE7E03DC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [23571128 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {798E499F-556F-4E89-A7AF-051EB591CD95} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3325032 2020-04-15] (Avast Software s.r.o. -> AVAST Software)
Task: {7D8D86FF-C4F7-4191-A102-EFCB4A9A8B2C} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {8CE4AE60-520F-45F0-B331-8F9FA7F5D88D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {8D8D6AA5-F232-4175-8C98-335268019D6A} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {8F7B52F5-0203-424A-A878-CA387EE68D6F} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9E32D642-B996-47DB-9F4B-C71DA2B924F6} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A4C2ED56-8A76-44AE-AC7A-0888C58A8462} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AA22AF04-E839-4CB1-A006-6CCD83455A31} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {AD00F4C8-C095-44DC-BCF4-53AF962F0875} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {AE975DF6-7D12-443F-8A47-1BE3674FBF47} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B57CF498-0E9C-4678-961D-DB7E4E21FFA7} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {BEDB3BA0-3F00-4DC7-9B32-E8D5D176D2D2} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {C4E65433-B716-4C1A-B19F-1155F5A9BA49} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CC46873A-F2FC-4D4D-993B-45F2537751CD} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D3184BC9-ADE1-4ADC-A6A7-DFA81A6D0FAE} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {D62D0D84-E4B1-4BAD-9172-F425983D5134} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D91DDDBC-CB16-421A-8167-7F1427A20E94} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DACD2751-4103-4CBA-920E-804908C13A68} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {EC55C531-3D37-4845-B915-043FD26A7481} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {F3182EA7-F519-4301-BCE8-56637A339E7C} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_371_Plugin.exe [1458232 2020-05-13] (Adobe Inc. -> Adobe)
Task: {F7943CE2-34FC-4BBE-AE30-22F23EF5A4C8} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {FA3CB332-85B6-403E-AF37-0ECC2B342743} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{613fb9db-02b9-483a-b2db-4ddc6d07f787}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2020-04-21] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\ssv.dll [2020-05-13] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2020-04-21] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-05-13] (Oracle America, Inc. -> Oracle Corporation)
Handler: sacore - No CLSID Value

FireFox:
========
FF DefaultProfile: mh6e64a2.default
FF ProfilePath: C:\Users\AMD\AppData\Roaming\Mozilla\Firefox\Profiles\mh6e64a2.default [2020-05-17]
FF user.js: detected! => C:\Users\AMD\AppData\Roaming\Mozilla\Firefox\Profiles\mh6e64a2.default\user.js [2020-01-27]
FF DownloadDir: D:\StaĂ„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă„ÄľÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąÄľĂ„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ä‚â€šĂ‚Â¦Ă„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă„ÄľÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąÄľĂ„â€šĂ˘â‚¬ĹľÄ‚â€žĂ„ÄľenĂ„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă„ÄľÄ‚â€žĂ˘â‚¬ĹˇÄ‚â€ąĂ‚ÂĂ„â€šĂ‹ÂÄ‚ËĂ˘â€šÂ¬ÄąË‡Ä‚â€šĂ‚Â¬Ä‚â€žĂ„â€¦Ä‚â€ąĂ˘â‚¬Ë‡Ă„â€šĂ˘â‚¬ĹľÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ‹ÂÄ‚ËĂ˘â‚¬ĹˇĂ‚Â¬Ă„Ä…Ă‹â€ˇÄ‚â€žĂ˘â‚¬ĹˇÄ‚ËĂ˘â€šÂ¬ÄąË‡Ă„â€šĂ˘â‚¬ĹˇÄ‚â€šĂ‚Â© soubory
FF Homepage: Mozilla\Firefox\Profiles\mh6e64a2.default -> hxxps://www.seznam.cz/
FF Extension: (Firefox Hotfix) - C:\Users\AMD\AppData\Roaming\Mozilla\Firefox\Profiles\mh6e64a2.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-10-14] [Legacy]
FF SearchPlugin: C:\Users\AMD\AppData\Roaming\Mozilla\Firefox\Profiles\mh6e64a2.default\searchplugins\McSiteAdvisor.xml [2018-12-04]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2020-04-21] [UpdateUrl:hxxps://www.siteadvisor.com/waffinstall/update.json]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_371.dll [2020-05-13] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_371.dll [2020-05-13] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-05-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-05-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default [2020-05-17]
CHR Extension: (Dokumenty) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-28]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2020-04-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
CHR Extension: (Chrome Media Router) - C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-17]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [255472 2015-12-19] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5504928 2020-04-15] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [345384 2020-04-15] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-04-15] (Avast Software s.r.o. -> AVAST Software)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3606632 2018-06-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-04-20] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-04-17] (Malwarebytes Inc -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [916712 2020-04-21] (McAfee, LLC -> McAfee, LLC)
S3 mracsvc; C:\WINDOWS\System32\mracsvc.exe [11749648 2018-12-28] (Mail.Ru LLC -> LLC Mail.Ru)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [860656 2019-12-24] (NVIDIA Corporation -> NVIDIA Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13216784 2020-04-09] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\NisSrv.exe [3285864 2020-02-27] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\MsMpEng.exe [103168 2020-02-27] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 wust; C:\OSRSS\wust.exe [84896 2018-07-02] (Microsoft Windows -> )

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdide64; C:\WINDOWS\System32\drivers\amdide64.sys [13848 2020-01-27] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices Inc.)
S3 amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [21648880 2015-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
S3 amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [674288 2015-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37856 2020-04-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [206120 2020-04-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [234776 2020-04-15] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [178968 2020-04-15] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [60696 2020-04-15] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2020-02-25] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42984 2020-04-15] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175920 2020-04-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [500960 2020-04-20] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [109480 2020-04-15] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [85056 2020-04-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851808 2020-04-15] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [459408 2020-04-16] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [235696 2020-04-15] (Avast Software s.r.o. -> AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2018-09-05] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [317280 2020-04-15] (Avast Software s.r.o. -> AVAST Software)
S3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-09-17] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [303616 2019-01-10] () [File not signed]
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-10-12] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 DroidCam; C:\WINDOWS\system32\DRIVERS\droidcam.sys [33592 2015-05-24] (DEV47 APPS -> Dev47Apps)
R3 DroidCamVideo; C:\WINDOWS\system32\DRIVERS\droidcamvideo.sys [230712 2015-05-24] (DEV47 APPS -> Windows (R) Win 7 DDK provider)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-07-28] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-07-28] (Disc Soft Ltd -> Disc Soft Ltd)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2020-01-27] (Martin Malik - REALiX -> REALiX(tm))
S2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [35328 2019-01-10] () [File not signed]
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-04-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv.sys [10962696 2018-12-28] (Mail.Ru LLC -> LLC Mail.Ru)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ce13a81bcfac4a48\nvlddmkm.sys [23251968 2020-03-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1160488 2020-01-28] (Realtek Semiconductor Corp. -> Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 usbfilter; C:\WINDOWS\System32\DRIVERS\usbfilter.sys [58536 2012-08-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-02-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [376544 2020-02-27] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2020-02-27] (Microsoft Windows -> Microsoft Corporation)
U4 aspnet_state; no ImagePath
S3 cpuz145; \??\C:\WINDOWS\temp\cpuz145\cpuz145_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-17 09:47 - 2020-05-17 09:49 - 000026788 _____ C:\Users\AMD\Desktop\FRST.txt
2020-05-17 09:46 - 2020-05-17 09:46 - 002286080 _____ (Farbar) C:\Users\AMD\Desktop\FRST64.exe
2020-05-17 09:46 - 2020-05-17 09:46 - 000000000 ____D C:\Users\AMD\Desktop\FRST-OlderVersion
2020-05-17 09:44 - 2020-05-17 09:48 - 000000000 ____D C:\FRST
2020-05-16 19:06 - 2020-05-16 19:06 - 000001795 _____ C:\Users\AMD\Downloads\[CzT]Microsoft_Office_2010_Activator_x86_x64_.torrent
2020-05-15 20:11 - 2020-05-15 20:11 - 000032492 _____ C:\Users\AMD\Downloads\[CzT]Kralicek_Jojo_Jojo_Rabbit_2019_CZ_.torrent
2020-05-15 20:10 - 2020-05-15 20:10 - 000011011 _____ C:\Users\AMD\Downloads\[CzT]Vlastnici_2019_CZ_WebRip_.torrent
2020-05-15 20:04 - 2020-05-15 20:04 - 000101288 _____ C:\Users\AMD\Downloads\[CzT]Justice_League_Dark_Apokolips_War_2020_EN_WebRip_1080p_.torrent
2020-05-15 14:02 - 2020-05-15 14:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-05-13 20:19 - 2020-05-13 20:14 - 000114344 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2020-05-13 20:11 - 2020-05-13 20:11 - 000001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2020-05-13 20:11 - 2020-05-13 20:11 - 000001108 _____ C:\Users\Public\Desktop\TeamViewer.lnk
2020-05-13 20:09 - 2020-05-17 09:40 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-05-13 19:57 - 2020-05-13 19:57 - 000001304 _____ C:\Users\AMD\Documents\cc_20200513_195736.reg
2020-05-13 19:49 - 2020-05-17 09:40 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2245982206-4208826249-678931006-1000
2020-05-13 19:49 - 2020-05-13 19:49 - 000002361 _____ C:\Users\AMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-05-11 19:38 - 2020-05-11 19:38 - 000014219 _____ C:\Users\AMD\Downloads\[CzT]Microsoft_Office_Professional_Plus_2010_x86_x64_CZ_.torrent
2020-05-03 11:59 - 2020-05-03 11:59 - 000487107 _____ C:\Users\AMD\Downloads\POTVRZENI (1).PDF
2020-04-28 21:24 - 2020-04-28 21:24 - 001370165 _____ C:\Users\AMD\Downloads\WWW NA 24.4..pdf
2020-04-26 19:10 - 2020-04-26 19:10 - 000004758 _____ C:\Users\AMD\Documents\cc_20200426_191043.reg
2020-04-25 17:55 - 2020-04-25 17:55 - 000013399 _____ C:\Users\AMD\Downloads\[CzT]Posledni_aristokratka_2019_CZ_WebRip_.torrent
2020-04-24 20:08 - 2020-04-24 20:09 - 000002229 _____ C:\Users\AMD\Desktop\Discord.lnk
2020-04-24 20:07 - 2020-04-24 20:08 - 000000000 ____D C:\Users\AMD\AppData\Local\Discord
2020-04-20 19:51 - 2020-04-20 19:51 - 000500960 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2020-04-20 14:50 - 2020-04-20 14:50 - 000001099 _____ C:\Users\AMD\Desktop\DroidCamApp.lnk
2020-04-20 14:50 - 2020-04-20 14:50 - 000000000 ____D C:\Users\AMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DroidCam
2020-04-20 14:49 - 2020-04-20 14:50 - 000000000 ____D C:\Program Files (x86)\DroidCam
2020-04-17 18:42 - 2020-04-17 18:42 - 000087826 _____ C:\Users\AMD\Documents\cc_20200417_184233.reg
2020-04-17 18:23 - 2020-04-17 18:23 - 000002035 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-04-17 18:23 - 2020-04-17 18:23 - 000000000 ____D C:\Users\AMD\AppData\Local\mbamtray
2020-04-17 18:23 - 2020-04-17 18:23 - 000000000 ____D C:\Users\AMD\AppData\Local\mbam
2020-04-17 18:23 - 2020-04-17 18:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-04-17 18:23 - 2020-04-17 18:22 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-04-17 18:23 - 2020-04-17 18:22 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-04-17 18:22 - 2020-04-17 18:22 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-04-17 18:22 - 2020-04-17 18:22 - 000000000 ____D C:\Program Files\Malwarebytes
2020-04-17 18:09 - 2020-04-17 18:10 - 000000000 ____D C:\AdwCleaner
2020-04-17 18:08 - 2020-04-17 18:08 - 008196784 _____ (Malwarebytes) C:\Users\AMD\Downloads\adwcleaner_8.0.4.exe
2020-04-17 17:28 - 2020-04-16 18:39 - 000410838 __RSH C:\bootmgr
2020-04-17 17:28 - 2019-03-19 06:44 - 000000001 ___SH C:\BOOTNXT

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-05-17 09:40 - 2019-10-12 16:35 - 000003816 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-05-17 09:40 - 2019-10-12 16:35 - 000003572 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-2245982206-4208826249-678931006-1000UA
2020-05-17 09:40 - 2019-10-12 16:35 - 000003362 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2020-05-17 09:40 - 2019-10-12 16:35 - 000003330 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{FD1F1D25-4BE0-4A8B-8D59-4FE8AEBAE712}
2020-05-17 09:40 - 2019-10-12 16:35 - 000003304 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-2245982206-4208826249-678931006-1000Core
2020-05-17 09:40 - 2019-10-12 16:35 - 000002218 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-05-17 09:40 - 2019-10-12 16:35 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-05-17 09:38 - 2019-04-14 21:30 - 000000000 ____D C:\Users\AMD\AppData\Roaming\Discord
2020-05-17 09:35 - 2020-04-15 14:38 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-05-16 22:33 - 2020-03-01 11:44 - 000000000 ____D C:\ProgramData\NVIDIA
2020-05-16 22:33 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-05-16 22:32 - 2018-10-17 17:33 - 000000000 ____D C:\Users\AMD\AppData\Local\Battle.net
2020-05-16 21:59 - 2019-06-09 20:49 - 000000000 ____D C:\Users\AMD\AppData\Roaming\TS3Client
2020-05-16 20:03 - 2015-09-17 10:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-05-16 19:43 - 2015-09-17 10:30 - 120636720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-05-16 19:39 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-05-16 19:35 - 2019-10-12 16:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-05-16 19:12 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-05-16 19:11 - 2018-07-28 21:40 - 000000000 ____D C:\Users\AMD\AppData\Roaming\uTorrent
2020-05-16 19:08 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-05-14 21:09 - 2015-09-17 10:44 - 000000000 ____D C:\Users\AMD\AppData\Roaming\vlc
2020-05-14 21:05 - 2018-10-17 17:39 - 000000000 ____D C:\Program Files (x86)\Hearthstone
2020-05-14 20:58 - 2018-10-17 17:32 - 000000000 ____D C:\Program Files (x86)\Battle.net
2020-05-14 19:48 - 2019-11-15 19:22 - 000000000 ____D C:\Program Files (x86)\Google
2020-05-14 18:45 - 2015-09-17 10:46 - 000000000 ____D C:\ProgramData\Skype
2020-05-13 20:24 - 2019-06-09 20:48 - 000000000 ____D C:\Program Files\TeamSpeak 3 Client
2020-05-13 20:19 - 2015-09-17 11:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-05-13 20:19 - 2015-09-17 11:24 - 000000000 ____D C:\Program Files (x86)\Java
2020-05-13 20:12 - 2015-09-17 10:41 - 000001145 _____ C:\Users\Public\Desktop\VLC media player.lnk
2020-05-13 20:11 - 2015-09-17 12:35 - 000000000 ____D C:\Users\AMD\AppData\Roaming\TeamViewer
2020-05-13 20:11 - 2015-09-17 12:35 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-05-13 20:09 - 2018-11-09 21:24 - 000000869 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-05-13 20:09 - 2018-11-09 21:24 - 000000000 ____D C:\Program Files\CCleaner
2020-05-13 19:56 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-05-13 19:49 - 2015-09-17 10:26 - 000000000 ___RD C:\Users\AMD\OneDrive
2020-05-13 19:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-05-13 19:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-05-11 14:14 - 2018-10-13 17:33 - 000000000 ____D C:\Users\AMD\AppData\Local\D3DSCache
2020-05-10 21:16 - 2017-09-29 10:55 - 000000035 _____ C:\ProgramData\droidcam-settings
2020-05-08 18:38 - 2015-09-17 10:39 - 000002494 _____ C:\Users\AMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-05-08 18:38 - 2015-09-17 10:39 - 000002457 _____ C:\Users\AMD\Desktop\Google Chrome.lnk
2020-04-26 19:09 - 2018-07-28 22:08 - 000000000 ____D C:\Users\AMD\AppData\Local\CrashDumps
2020-04-24 20:09 - 2019-04-14 21:29 - 000000000 ____D C:\Users\AMD\AppData\Local\SquirrelTemp
2020-04-24 20:08 - 2019-04-14 21:30 - 000000000 ____D C:\Users\AMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2020-04-22 22:30 - 2019-10-12 16:17 - 000000000 ____D C:\Users\AMD
2020-04-22 22:28 - 2019-10-12 16:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-04-20 14:58 - 2019-03-19 06:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-04-17 18:23 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-04-17 18:11 - 2018-07-28 21:54 - 000000000 ____D C:\ProgramData\AVAST Software
2020-04-17 18:10 - 2020-01-27 19:19 - 000000000 ____D C:\Users\AMD\AppData\LocalLow\IObit
2020-04-17 18:10 - 2020-01-27 19:17 - 000000000 ____D C:\Users\AMD\AppData\Roaming\IObit
2020-04-17 18:10 - 2020-01-27 19:17 - 000000000 ____D C:\ProgramData\IObit
2020-04-17 18:10 - 2020-01-27 19:17 - 000000000 ____D C:\Program Files (x86)\IObit
2020-04-17 17:51 - 2016-06-04 17:17 - 000000000 ____D C:\ProgramData\AMD
2020-04-17 17:51 - 2016-06-04 17:17 - 000000000 ____D C:\Program Files (x86)\ATI Technologies
2020-04-17 17:46 - 2015-09-17 03:42 - 000000000 ____D C:\Program Files\ATI
2020-04-17 17:43 - 2020-01-27 19:19 - 000000000 ____D C:\ProgramData\ProductData
2020-04-17 17:33 - 2019-10-12 16:26 - 001694386 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-04-17 17:33 - 2019-03-19 13:55 - 000716944 _____ C:\WINDOWS\system32\perfh005.dat
2020-04-17 17:33 - 2019-03-19 13:55 - 000145024 _____ C:\WINDOWS\system32\perfc005.dat
2020-04-17 17:25 - 2019-10-12 16:07 - 000446160 _____ C:\WINDOWS\system32\FNTCACHE.DAT

==================== Files in the root of some directories ========

2016-05-28 09:35 - 2016-05-28 09:35 - 000003584 _____ () C:\Users\AMD\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-05-2020 01
Ran by AMD (17-05-2020 09:51:17)
Running from C:\Users\AMD\Desktop
Windows 10 Home Version 1903 18362.778 (X64) (2019-10-12 14:36:18)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2245982206-4208826249-678931006-500 - Administrator - Disabled)
AMD (S-1-5-21-2245982206-4208826249-678931006-1000 - Administrator - Enabled) => C:\Users\AMD
DefaultAccount (S-1-5-21-2245982206-4208826249-678931006-503 - Limited - Disabled)
Guest (S-1-5-21-2245982206-4208826249-678931006-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2245982206-4208826249-678931006-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.371 - Adobe)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.2.2401 - Avast Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 5.66 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.8.0.0466 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-2245982206-4208826249-678931006-1000\...\Discord) (Version: 0.0.306 - Discord Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Express Courier Beta verze 0.4.1 (HKLM-x32\...\{56224C24-4579-4A63-80E2-18284A0990F7}_is1) (Version: 0.4.1 - Simopt, s.r.o.)
Google Chrome (HKU\S-1-5-21-2245982206-4208826249-678931006-1000\...\Google Chrome) (Version: 81.0.4044.138 - Google LLC)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 8.0.1.300 - )
Java 8 Update 251 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180251F0}) (Version: 8.0.2510.8 - Oracle Corporation)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.92 - McAfee, LLC.)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2245982206-4208826249-678931006-1000\...\OneDriveSetup.exe) (Version: 20.052.0311.0011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenTTD 1.8.0 (HKLM-x32\...\OpenTTD) (Version: 1.8.0 - OpenTTD)
osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 441.87 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 441.87 - NVIDIA Corporation) Hidden
PokerStars.cz (HKLM-x32\...\PokerStars.cz) (Version: - PokerStars.cz)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.88.617.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7266 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.1.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.1 - VS Revo Group, Ltd.)
Skype verze 8.58 (HKLM-x32\...\Skype_is1) (Version: 8.58 - Skype Technologies S.A.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.2.5 - TeamSpeak Systems GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.4.8332 - TeamViewer)
Trackmania Turbo (HKLM-x32\...\Trackmania Turbo_is1) (Version: - )
Universal Adb Driver (HKLM-x32\...\{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Version: 1.0.4 - ClockworkMod)
Unlocker 1.9.0-x64 (HKLM\...\Unlocker) (Version: 1.9.0-x64 - Cedrick Collomb)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{F49D6A65-1AB6-4728-9FDA-DB5BAB631CF6}) (Version: 1.23.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.10 - VideoLAN)
Wargaming.net Game Center (HKU\S-1-5-21-2245982206-4208826249-678931006-1000\...\Wargaming.net Game Center) (Version: 20.2.1.112 - Wargaming.net)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
World of Tanks EU (HKU\S-1-5-21-2245982206-4208826249-678931006-1000\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_CZ_is1) (Version: - ZONER software)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-03] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.38.21323.0_x64__8wekyb3d8bbwe [2020-05-16] (Microsoft Corporation)
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2015-11-14] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2245982206-4208826249-678931006-1000_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\AMD\AppData\Local\Google\Chrome\Application\81.0.4044.138\notification_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-2245982206-4208826249-678931006-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\AMD\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-2245982206-4208826249-678931006-1000_Classes\CLSID\{E9E7529D-7F09-410B-AF2A-CC154473B19C}\InprocServer32 -> C:\Users\AMD\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll (Google LLC -> Google LLC)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-15] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-15] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-06-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-15] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-06-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-17] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-04-30] () [File not signed]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-12-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-04-15] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-04-17] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-04-30] () [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2020-05-15 14:01 - 2020-03-31 17:11 - 001899520 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\ffmpeg.dll
2020-05-15 14:01 - 2020-03-31 17:11 - 000115712 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libegl.dll
2020-05-15 14:01 - 2020-03-31 17:11 - 006668800 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libglesv2.dll
2010-04-30 01:40 - 2010-04-30 01:40 - 000013312 _____ () [File not signed] C:\Program Files\Unlocker\UnlockerCOM.dll
2012-04-11 10:40 - 2012-04-11 10:40 - 000067584 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.dll
2019-02-21 21:00 - 2019-02-21 21:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2019-01-04 20:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\QuickTime\QTSystem\
HKU\S-1-5-21-2245982206-4208826249-678931006-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-2245982206-4208826249-678931006-1000\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-2245982206-4208826249-678931006-1000\...\StartupApproved\Run: => "GameCenter"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{2CE9C12F-85A3-4717-B63E-8C7B79293A8E}E:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) E:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{AF8FAD3A-99BB-49F0-B8F5-93ACE6948745}E:\games\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) E:\games\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{85E3A822-4841-4BEC-8BF5-74787FF969C3}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{0D4C6D91-8AF2-4E53-92E8-04C10724260F}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{0855C384-0BA0-418D-AFEA-F5E081DD9D49}E:\games\world_of_tanks_eu\worldoftanks.exe] => (Allow) E:\games\world_of_tanks_eu\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{0B19D674-82BD-4BDE-8135-D689B09528E1}E:\games\world_of_tanks_eu\worldoftanks.exe] => (Allow) E:\games\world_of_tanks_eu\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{9D619ACA-717E-4385-8D49-49D8C1F6080A}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{FC9BF612-C8C0-4AF4-AAF1-3CC7962A75A4}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{0F7EE512-0DF6-4599-B3D3-3CCA235EDA6E}C:\users\amd\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\amd\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{446D9791-B2A0-4020-9313-BF38DB9A37B0}C:\users\amd\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\amd\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{71DB28D3-9469-4923-9AC5-16E1E12C2158}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{BFF3E7DE-4F85-435F-B890-147A14E89C6C}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [UDP Query User{1834C084-6D60-4E49-8CA3-4E1B9E71AE1D}D:\mygames\warface my.com\bin32release\game.exe] => (Allow) D:\mygames\warface my.com\bin32release\game.exe (Mail.Ru, LLC -> Crytek GmbH)
FirewallRules: [TCP Query User{8E914CAD-3F79-4B02-ACE9-F2303233BB18}D:\mygames\warface my.com\bin32release\game.exe] => (Allow) D:\mygames\warface my.com\bin32release\game.exe (Mail.Ru, LLC -> Crytek GmbH)
FirewallRules: [UDP Query User{76553078-4C16-4C01-B973-9CCAEF889BF3}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [TCP Query User{125A2A5D-03C7-4AC4-A8C9-5400BCEC298A}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [{6ADE88B2-1C08-4AD9-BF49-C451C83FE1A3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe => No File
FirewallRules: [{F975D43B-9440-433E-B28B-FF8DDDEBFEF0}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{C98EFA3C-1E25-46B3-8907-85DB8E29C14E}C:\users\amd\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\amd\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{1AC33827-272E-48D0-9ABB-F196E4763D5B}C:\users\amd\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\amd\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{F71A0B48-778F-425F-8691-4D8371717BBE}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [TCP Query User{705C9062-8855-45E8-800F-34261137CD1E}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{1F44220A-80F9-4437-AB09-2147A879D8D2}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{9B90F196-B908-4E94-A9C4-EE12DEDE829C}] => (Allow) C:\Program Files (x86)\DroidCam\DroidCamApp.exe (DEV47 APPS -> )
FirewallRules: [{FD78B311-A464-4B30-B554-73662CE407B1}] => (Allow) C:\Program Files (x86)\DroidCam\DroidCamApp.exe (DEV47 APPS -> )
FirewallRules: [TCP Query User{CC5BB0E5-831E-484A-B49B-CFC5718CB13C}E:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) E:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{D6341449-DD8B-40D4-88D2-FB6531E1EBA2}E:\games\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) E:\games\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{93D215B1-672F-4A61-A7FB-3EADC517BAB0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{11683691-DBE7-4911-AFCA-CD72A7AD04E4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2416F1DE-3461-4224-A26B-F95D55A93176}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{AE39ECF7-E672-43F9-A73B-4043027240DD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D2B79A1A-DB50-4167-B9F6-794CF65644FF}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{71E64712-F9C4-4212-8412-07E9D9B67935}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

14-05-2020 19:02:57 Removed Google Earth Pro
14-05-2020 19:04:04 Removed AMD OverDrive.

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (05/17/2020 09:49:33 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8844,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (05/17/2020 09:34:33 AM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (05/16/2020 10:33:38 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (05/16/2020 10:33:38 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (05/16/2020 10:33:31 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (05/16/2020 10:33:28 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (05/16/2020 10:33:05 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (05/16/2020 10:13:25 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3796,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

System errors:
=============
Error: (05/16/2020 10:33:12 PM) (Source: DCOM) (EventID: 10010) (User: AMD-PC)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/16/2020 10:33:12 PM) (Source: DCOM) (EventID: 10010) (User: AMD-PC)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/16/2020 10:33:12 PM) (Source: DCOM) (EventID: 10010) (User: AMD-PC)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/16/2020 10:33:12 PM) (Source: DCOM) (EventID: 10010) (User: AMD-PC)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/16/2020 10:33:12 PM) (Source: DCOM) (EventID: 10010) (User: AMD-PC)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/16/2020 10:33:12 PM) (Source: DCOM) (EventID: 10010) (User: AMD-PC)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/16/2020 10:33:11 PM) (Source: DCOM) (EventID: 10010) (User: AMD-PC)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (05/16/2020 10:33:11 PM) (Source: DCOM) (EventID: 10010) (User: AMD-PC)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Windows Defender:
===================================
Date: 2020-01-22 18:48:25.238
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {95FC234C-AD5D-4085-8C99-4BAFE3FC3610}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-01-13 18:54:57.185
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {BCBBAB8C-3E24-451D-8ADA-6EE96DDB081D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-01-04 19:48:15.294
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {89A8ADA0-EEB7-42A3-BFA3-A7931CF01D60}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-12-11 16:39:27.570
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {6B5E5968-4915-4626-A133-B71BC85EC3E4}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-03-01 10:32:03.598
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Monitorování chování
Kód chyby: 0x80508023
Popis chyby: Program nenašel na tomto zařízení malware ani jiný potenciálně nevyžádaný software.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

Date: 2020-01-16 13:54:16.367
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.307.2432.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16600.7
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.

Date: 2020-01-16 13:54:16.366
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.307.2432.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16600.7
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.

Date: 2020-01-16 13:54:16.365
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.307.2432.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16600.7
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.

Date: 2020-01-16 13:50:42.499
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.307.2279.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16600.7
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.

CodeIntegrity:
===================================

Date: 2020-05-17 09:48:44.120
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Users\AMD\AppData\Local\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-17 09:48:44.053
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Users\AMD\AppData\Local\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-17 09:48:35.814
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Users\AMD\AppData\Local\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-17 09:48:35.788
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Users\AMD\AppData\Local\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-17 09:48:16.400
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Users\AMD\AppData\Local\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-17 09:48:16.390
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Users\AMD\AppData\Local\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-17 09:47:59.559
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Users\AMD\AppData\Local\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-05-17 09:47:59.487
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Users\AMD\AppData\Local\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: American Megatrends Inc. F1 11/14/2014
Motherboard: Gigabyte Technology Co., Ltd. F2A68HM-S1
Processor: AMD Athlon(tm) X2 340 Dual Core Processor
Percentage of memory in use: 82%
Total physical RAM: 4037.21 MB
Available physical RAM: 697.53 MB
Total Virtual: 8133.21 MB
Available Virtual: 3446.6 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:124.08 GB) (Free:64.21 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Data) (Fixed) (Total:341.18 GB) (Free:79.74 GB) NTFS
Drive e: () (Fixed) (Total:465.75 GB) (Free:73.34 GB) NTFS

\\?\Volume{647bb602-0000-0000-0000-50051f000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 647BB602)
Partition 1: (Active) - (Size=124.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=511 MB) - (Type=27)
Partition 3: (Not Active) - (Size=341.2 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: F81BF81B)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

# -------------------------------
# Malwarebytes AdwCleaner 8.0.4.0
# -------------------------------
# Build: 04-03-2020
# Database: 2020-05-13.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-18-2020
# Duration: 00:00:25
# OS: Windows 10 Home
# Cleaned: 0
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2177 octets] - [17/04/2020 18:10:09]
AdwCleaner[C00].txt - [2183 octets] - [17/04/2020 18:10:53]
AdwCleaner[S01].txt - [1528 octets] - [18/05/2020 17:53:32]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2245982206-4208826249-678931006-1000\...\MountPoints2: {c098b0c3-9273-11e8-932a-fcaa148ce839} - "F:\setup.exe"
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Task: {0FD0C192-29A6-401C-9740-BCA811E16646} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2245982206-4208826249-678931006-1000UA => C:\Users\AMD\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-17] (Google Inc -> Google Inc.)
Task: {57E56911-946D-4B92-A4D8-D4E3913266F0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2245982206-4208826249-678931006-1000Core => C:\Users\AMD\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-17] (Google Inc -> Google Inc.)
Task: {B57CF498-0E9C-4678-961D-DB7E4E21FFA7} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Handler: sacore - No CLSID Value
U4 aspnet_state; no ImagePath
C:\Users\AMD\Downloads\[CzT]Microsoft_Office_2010_Activator_x86_x64_.torrent
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-2245982206-4208826249-678931006-1000UA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-2245982206-4208826249-678931006-1000Core
C:\Users\AMD\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> No File
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
FirewallRules: [{6ADE88B2-1C08-4AD9-BF49-C451C83FE1A3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe => No File

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 13-05-2020 01
Ran by AMD (19-05-2020 19:53:41) Run:1
Running from C:\Users\AMD\Desktop
Loaded Profiles: AMD
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2245982206-4208826249-678931006-1000\...\MountPoints2: {c098b0c3-9273-11e8-932a-fcaa148ce839} - "F:\setup.exe"
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Task: {0FD0C192-29A6-401C-9740-BCA811E16646} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2245982206-4208826249-678931006-1000UA => C:\Users\AMD\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-17] (Google Inc -> Google Inc.)
Task: {57E56911-946D-4B92-A4D8-D4E3913266F0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2245982206-4208826249-678931006-1000Core => C:\Users\AMD\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-17] (Google Inc -> Google Inc.)
Task: {B57CF498-0E9C-4678-961D-DB7E4E21FFA7} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Handler: sacore - No CLSID Value
U4 aspnet_state; no ImagePath
C:\Users\AMD\Downloads\[CzT]Microsoft_Office_2010_Activator_x86_x64_.torrent
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-2245982206-4208826249-678931006-1000UA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-2245982206-4208826249-678931006-1000Core
C:\Users\AMD\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> No File
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
FirewallRules: [{6ADE88B2-1C08-4AD9-BF49-C451C83FE1A3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKU\S-1-5-21-2245982206-4208826249-678931006-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c098b0c3-9273-11e8-932a-fcaa148ce839} => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{503739d0-4c5e-4cfd-b3ba-d881334f0df2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0FD0C192-29A6-401C-9740-BCA811E16646}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0FD0C192-29A6-401C-9740-BCA811E16646}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2245982206-4208826249-678931006-1000UA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-2245982206-4208826249-678931006-1000UA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{57E56911-946D-4B92-A4D8-D4E3913266F0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57E56911-946D-4B92-A4D8-D4E3913266F0}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2245982206-4208826249-678931006-1000Core => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-2245982206-4208826249-678931006-1000Core" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B57CF498-0E9C-4678-961D-DB7E4E21FFA7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B57CF498-0E9C-4678-961D-DB7E4E21FFA7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
HKLM\Software\Classes\PROTOCOLS\Handler\sacore => removed successfully
Handler: sacore - No CLSID Value => could not remove.: incorrect path.
HKLM\System\CurrentControlSet\Services\aspnet_state => removed successfully
aspnet_state => service removed successfully
C:\Users\AMD\Downloads\[CzT]Microsoft_Office_2010_Activator_x86_x64_.torrent => moved successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-2245982206-4208826249-678931006-1000UA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-2245982206-4208826249-678931006-1000Core" => not found
C:\Users\AMD\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\ACE => removed successfully
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6ADE88B2-1C08-4AD9-BF49-C451C83FE1A3}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 14840466 B
Java, Flash, Steam htmlcache => 510 B
Windows/system/drivers => 5472 B
Edge => 26358 B
Chrome => 75011751 B
Firefox => 9338009 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 20492 B
Users => 20492 B
ProgramData => 20492 B
Public => 20492 B
systemprofile => 20492 B
systemprofile32 => 20492 B
LocalService => 24864 B
NetworkService => 24864 B
AMD => 7954679 B

RecycleBin => 136470144 B
EmptyTemp: => 242.5 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 19:54:44 ====

Smazáno, log je již OK. Šlo pouze o zbytečnosti.

díky moc. Pocituju zlepšení.

To jsem rád. Nemáte zač!

VIRY.CZ

prosím o preventivku

prosím o preventivku

Re: prosím o preventivku

Re: prosím o preventivku

Re: prosím o preventivku

Re: prosím o preventivku

Re: prosím o preventivku

Re: prosím o preventivku

Re: prosím o preventivku