Až příliš pomalý notebook
Napsal: 13 črc 2020 19:42
Zdravím,
prosím Vás o kontrolu pomalého notebooku.
Posílám logy z FRST a adwcleaneru.
# -------------------------------
# Malwarebytes AdwCleaner 8.0.6.0
# -------------------------------
# Build: 06-24-2020
# Database: 2020-06-15.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-13-2020
# Duration: 00:01:40
# OS: Windows 10 Home
# Cleaned: 67
# Failed: 1
***** [ Services ] *****
Deleted Amazon Assistant Service
***** [ Folders ] *****
Deleted C:\Users\Default\AppData\Local\Host App Service
Deleted C:\Users\Public\App Explorer
Deleted C:\Users\Public\Pokki
Deleted C:\Users\magda\AppData\Local\Host App Service
Deleted C:\Windows\ServiceProfiles\LocalService\AppData\Local\Host App Service
Deleted C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Host App Service
Deleted C:\extensions
Not Deleted C:\Program Files (x86)\Amazon\Amazon Assistant
***** [ Files ] *****
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AmazonAssistant.lnk
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk
Deleted C:\Users\magda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonAssistant.lnk
Deleted C:\Users\magda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk
Deleted C:\Users\magda\Desktop\App Explorer.lnk
Deleted C:\Users\magda\Favorites\Booking.com.url
Deleted C:\Windows\ServiceProfiles\LocalService\Desktop\App Explorer.lnk
Deleted C:\Windows\ServiceProfiles\LocalService\Favorites\Booking.com.url
Deleted C:\Windows\ServiceProfiles\NetworkService\Desktop\App Explorer.lnk
Deleted C:\Windows\ServiceProfiles\NetworkService\Favorites\Booking.com.url
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\App Host Service
Deleted HKCU\Software\AppDataLow\Software\Amazon\AmazonAssistant
Deleted HKCU\Software\Classes\Software\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
Deleted HKCU\Software\Host App Service
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\amazonbrowserapp.com
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\analytics.app.amazonbrowserapp.com
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\titan.service.amazonbrowserapp.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\amazonbrowserapp.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\analytics.app.amazonbrowserapp.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Deleted HKLM\SOFTWARE\Classes\AppID\AmazonAppIE.dll
Deleted HKLM\SYSTEM\Setup\FirstBoot\Services\Amazon Assistant Service
Deleted HKLM\Software\Classes\AppID\{F18AE3C4-D2AD-42AC-9282-509DCF035D06}
Deleted HKLM\Software\Classes\CLSID\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
Deleted HKLM\Software\Classes\CLSID\{7B28BD81-CC45-4ADB-A043-12E35A15C402}
Deleted HKLM\Software\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
Deleted HKLM\Software\Classes\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}
Deleted HKLM\Software\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Classes\Interface\{3268A00F-D329-42E1-ABF0-E78D5656BA2A}
Deleted HKLM\Software\Classes\Interface\{571139B2-8D93-4B29-9AA9-496EF27D6AF8}
Deleted HKLM\Software\Classes\TypeLib\{55B621F9-BAE8-4CF7-9D76-1DB25CD95850}
Deleted HKLM\Software\Classes\TypeLib\{E6AB05A4-A387-4083-91A5-E89A8DCEEBC0}
Deleted HKLM\Software\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F5415905096AA504A9FB967C7A138943
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}
Deleted HKLM\Software\Wow6432Node\Amazon\AmazonAssistant
Deleted HKLM\Software\Wow6432Node\\AppDataLow\Software\Amazon\AmazonAssistant
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\AmazonAppIE.dll
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{F18AE3C4-D2AD-42AC-9282-509DCF035D06}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{7B28BD81-CC45-4ADB-A043-12E35A15C402}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{3268A00F-D329-42E1-ABF0-E78D5656BA2A}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{571139B2-8D93-4B29-9AA9-496EF27D6AF8}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{55B621F9-BAE8-4CF7-9D76-1DB25CD95850}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{E6AB05A4-A387-4083-91A5-E89A8DCEEBC0}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\Amazon Assistant Service
Deleted HKU\.DEFAULT\Software\AppDataLow\Software\Amazon\AmazonAssistant
Deleted HKU\S-1-5-18\Software\AppDataLow\Software\Amazon\AmazonAssistant
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [14309 octets] - [13/07/2020 18:42:00]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
__________________________________________________________________________________________________
# -------------------------------
# Malwarebytes AdwCleaner 8.0.6.0
# -------------------------------
# Build: 06-24-2020
# Database: 2020-06-15.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-13-2020
# Duration: 00:00:35
# OS: Windows 10 Home
# Cleaned: 49
# Failed: 1
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\Amazon\Amazon Assistant
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.ACERAOPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|BacKGround Agent
Deleted Preinstalled.ACERAOPFramework Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4A37A114-702F-4055-A4B6-16571D4A5353}
Deleted Preinstalled.ACERClear.fiShellExtension Registry HKLM\Software\Classes\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B}
Deleted Preinstalled.ACERClear.fiShellExtension Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B}
Deleted Preinstalled.AcerCareCenter File C:\Users\Public\Desktop\Acer Care Center.lnk
Deleted Preinstalled.AcerCareCenter Folder C:\Program Files (x86)\ACER\CARE CENTER
Deleted Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{91F9D2B6-9405-4B55-8297-BF24C7AD5C78}
Deleted Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{91F9D2B6-9405-4B55-8297-BF24C7AD5C78}
Deleted Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CD6F702C-470B-4241-8589-E1071B89BA8F}
Deleted Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCAgent
Deleted Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCBackgroundApplication
Deleted Preinstalled.AcerCareCenter Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1AF41E84-3408-499A-8C93-8891F0612719}
Deleted Preinstalled.AcerCareCenter Task C:\Windows\System32\Tasks\ACCAGENT
Deleted Preinstalled.AcerCareCenter Task C:\Windows\System32\Tasks\ACCBACKGROUNDAPPLICATION
Deleted Preinstalled.AcerDocsOfficeAddIn Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{DCBF3379-246B-47E1-8173-639B63940838}
Deleted Preinstalled.AcerExplorerAgent Folder C:\Program Files\ACER\ACER EXPLORER AGENT
Deleted Preinstalled.AcerExplorerAgent Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}
Deleted Preinstalled.AcerPortal Folder C:\Program Files (x86)\ACER\ACER PORTAL
Deleted Preinstalled.AcerPortal Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|AcerPortal
Deleted Preinstalled.AcerPortal Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}
Deleted Preinstalled.AcerPowerManagement Folder C:\Program Files\ACER\ACER POWER MANAGEMENT
Deleted Preinstalled.AcerQuickAccess Folder C:\Program Files\ACER\ACER QUICK ACCESS
Deleted Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4AA349F2-D485-4808-97C3-9210CD562CE0}
Deleted Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{804FB1CD-8E38-4C73-8E4A-441767EAC694}
Deleted Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Power Button
Deleted Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Quick Access
Deleted Preinstalled.AcerQuickAccess Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E3678E72-78E3-4F91-A9FB-913876FF6DA2}
Deleted Preinstalled.AcerQuickAccess Task C:\Windows\System32\Tasks\POWER BUTTON
Deleted Preinstalled.AcerQuickAccess Task C:\Windows\System32\Tasks\QUICK ACCESS
Deleted Preinstalled.AcerUEIPFramework Folder C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM\FRAMEWORK
Deleted Preinstalled.AcerUEIPFramework Folder C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM\PLUGIN\APPMONITOR
Deleted Preinstalled.AcerUEIPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{12A718F2-2357-4D41-9E1F-18583A4745F7}
Deleted Preinstalled.AcerUpdater Folder C:\ProgramData\ACER\ACER UPDATER
Deleted Preinstalled.AcerabBox Registry HKLM\Software\Classes\CLSID\{5CCE71FA-9F61-4F24-9CD1-98D819B40D68}
Deleted Preinstalled.AcerabDocs File C:\Users\Public\Desktop\abDocs.lnk
Deleted Preinstalled.AcerabDocs Folder C:\Program Files (x86)\ACER\ABDOCS
Deleted Preinstalled.AcerabDocs Folder C:\Program Files (x86)\ACER\ABDOCS OFFICE ADDIN
Deleted Preinstalled.AcerabDocs Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{84F856AE-8436-43AB-90A3-3206B5D970AD}
Deleted Preinstalled.AcerabDocs Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\abDocsDllLoader
Deleted Preinstalled.AcerabDocs Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|abDocsDllLoader
Deleted Preinstalled.AcerabDocs Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}
Deleted Preinstalled.AcerabDocs Task C:\Windows\System32\Tasks\ABDOCSDLLLOADER
Deleted Preinstalled.GatewayPowerManagement Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4AD314E7-2C76-4E98-96D6-C11E75FBED77}
Deleted Preinstalled.GatewayPowerManagement Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Power Management
Deleted Preinstalled.GatewayPowerManagement Task C:\Windows\System32\Tasks\POWER MANAGEMENT
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Deleted Preinstalled.PackardBellPowerManagement Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{91F52DE4-B789-42B0-9311-A349F10E5479}
Not Deleted Preinstalled.ACERAOPFramework Folder C:\Program Files (x86)\ACER\AOP FRAMEWORK
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [14309 octets] - [13/07/2020 18:42:00]
AdwCleaner[C00].txt - [7383 octets] - [13/07/2020 19:44:31]
AdwCleaner[S01].txt - [7465 octets] - [13/07/2020 20:00:42]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
___________________________________________________________________________________________________
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-07-2020 01
Ran by magda (administrator) on LAPTOP-F30A982H (Acer Aspire E5-573G) (13-07-2020 20:34:01)
Running from C:\Users\magda\Desktop
Loaded Profiles: magda
Platform: Windows 10 Home Version 1909 18363.900 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Acer Incorporated -> ) C:\OEM\Preload\FubTracking\FubTracking.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\UpdaterService.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\egui.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <14>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Google LLC -> Google) C:\Users\magda\AppData\Local\Google\Chrome\User Data\SwReporter\83.238.200\software_reporter_tool.exe <4>
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvaci.inf_amd64_f010cc3692c89680\Display.NvContainer\NVDisplay.Container.exe <2>
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Robert McNeel and Associates -> Robert McNeel & Associates) C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe <5>
(WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2015-07-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [185648 2020-07-07] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410960 2019-03-01] (Adobe Systems Incorporated -> Adobe Inc.)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [795744 2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [460384 2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKU\S-1-5-21-1444543506-3402364255-3794872836-1001\...\Run: [Google Update] => C:\Users\magda\AppData\Local\Google\Update\1.3.35.452\GoogleUpdateCore.exe [217544 2020-03-21] (Google LLC -> Google LLC)
HKU\S-1-5-21-1444543506-3402364255-3794872836-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [48594832 2020-06-15] (Google LLC -> )
HKU\S-1-5-21-1444543506-3402364255-3794872836-1001\...\Run: [Akamai NetSession Interface] => "C:\Users\magda\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-1444543506-3402364255-3794872836-1001\...\Run: [Dropbox Update] => C:\Users\magda\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2019-03-22] (Dropbox, Inc -> Dropbox, Inc.)
HKU\S-1-5-21-1444543506-3402364255-3794872836-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\magda\AppData\Local\Microsoft\Teams\Update.exe [2350776 2020-05-30] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1444543506-3402364255-3794872836-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1444543506-3402364255-3794872836-1001\...\Policies\Explorer: []
HKU\S-1-5-21-1444543506-3402364255-3794872836-1001\...\MountPoints2: {085dc01d-411d-11e5-9bc7-806e6f6e6963} - "D:\Launcher.exe"
HKLM\...\Windows x64\Print Processors\Canon MG5100 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAD.DLL [28672 2010-08-25] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\ssj1MPC: C:\Windows\System32\spool\prtprocs\x64\ssj1mpc.dll [41984 2014-09-24] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5100 series: C:\Windows\system32\CNMLMAD.DLL [361472 2010-08-25] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP E311 Status Monitor: C:\Windows\system32\hpinkstsE311LM.dll [393392 2016-07-21] (Hewlett Packard -> HP Inc.)
HKLM\...\Print\Monitors\ssj1M Langmon: C:\Windows\system32\ssj1mlm.dll [34304 2014-09-24] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\chrmstp.exe [2020-06-24] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2019-07-25]
ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Network Server.lnk [2019-07-25]
ShortcutTarget: Network Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
Startup: C:\Users\magda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2020-07-09]
ShortcutTarget: Dropbox.lnk -> C:\Users\magda\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0A69ACBD-F4E6-457C-BFBA-732A4DD3FED8} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {12EEAC31-5A86-4E18-AA2F-FB68046B9BC9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1444543506-3402364255-3794872836-1001Core => C:\Users\magda\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2016-03-13] (Google Inc -> Google Inc.)
Task: {1541C799-EE6C-4EE4-9846-4F5DC50F6E58} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\3E0D659C-C7DC-46D3-A834-2178E994DF9B\Schedule created by enrollment client for renewal of certificate warning => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-05] (Microsoft Windows -> Microsoft Corporation)
Task: {17FBA92C-DEB7-4F10-8574-803923B6E8EA} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\3E0D659C-C7DC-46D3-A834-2178E994DF9B\PushRenewal => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-05] (Microsoft Windows -> Microsoft Corporation)
Task: {1A7C7F52-0EB8-48B1-BFC6-DF31F74CD610} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1AB24802-A31B-4ECC-AA71-B4B0A774B8BF} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\3E0D659C-C7DC-46D3-A834-2178E994DF9B\Passport for Work alert created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-05] (Microsoft Windows -> Microsoft Corporation)
Task: {220890F0-4904-49E1-AC7A-FC06A94FE59F} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65824 2017-09-26] (Acer Incorporated -> Acer Incorporated)
Task: {2253D082-8114-4270-9153-A5572074A0FB} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1444543506-3402364255-3794872836-1001Core => C:\Users\magda\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2019-03-22] (Dropbox, Inc -> Dropbox, Inc.)
Task: {22D0CD57-6FE4-4BAB-AD62-7BE0C55BFFD6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1444543506-3402364255-3794872836-1001Core1d2585319a925b8 => C:\Users\magda\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2016-03-13] (Google Inc -> Google Inc.)
Task: {26DFFC44-6580-41F4-A6BC-4C2816A74CF8} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27369344 2020-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {26ED8D37-AD63-49E5-A65D-FFDBB24CB7B9} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\3E0D659C-C7DC-46D3-A834-2178E994DF9B\Schedule #1 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-05] (Microsoft Windows -> Microsoft Corporation)
Task: {2B12EF23-A93C-4185-9F27-00DB6E823B64} - System32\Tasks\AdwCleaner_onReboot => C:\Users\magda\Downloads\adwcleaner_8.0.6.exe [8420016 2020-07-13] (Malwarebytes Inc -> Malwarebytes)
Task: {2B82380A-F8BE-4B92-B1F3-4643B6ED42B3} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\3E0D659C-C7DC-46D3-A834-2178E994DF9B\Schedule to run OMADMClient by client => C:\WINDOWS\system32\omadmclient.exe [330240 2020-05-05] (Microsoft Windows -> Microsoft Corporation)
Task: {37429BC4-8C5E-4894-A6DB-E27ED63CCF24} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [110416 2020-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {39C55BBA-8DF8-4E02-AD9B-900111A84539} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1571200 2020-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {472750D3-9922-4224-ADED-EEBFB0FB605F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1444543506-3402364255-3794872836-1001UA => C:\Users\magda\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2016-03-13] (Google Inc -> Google Inc.)
Task: {51796746-956F-463F-A81A-491DE1CBB923} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-31] (Google Inc -> Google Inc.)
Task: {5760781E-9BD9-4A9D-8399-F6B07B586EE0} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {581FFAFA-0D0C-4A99-AB07-DA9ADCDF11F2} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-magdalena.prusova2@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {5AA0BDFB-D852-422A-8B9C-FEFDD7362848} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {66060B82-E5E5-4D53-B12E-7EE71FDB0A8B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1331792 2020-05-07] (Adobe Inc. -> Adobe Inc.)
Task: {6628886D-B9F2-48C1-9B01-921A2C1CCD3E} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {69ED04EF-2D5A-416C-AF42-B089FED72961} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\3E0D659C-C7DC-46D3-A834-2178E994DF9B\Win10 S Mode event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-05] (Microsoft Windows -> Microsoft Corporation)
Task: {6E90D7D4-ABF3-439A-B99D-86CB01ECF002} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [110416 2020-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {748C56D9-D949-423A-BAD8-FA08023868C5} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [472928 2015-07-10] (Acer Incorporated -> Acer Incorporated)
Task: {74DA6176-8C04-4DB7-98D4-A64C39ED3F63} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\3E0D659C-C7DC-46D3-A834-2178E994DF9B\Provisioning initiated session => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-05] (Microsoft Windows -> Microsoft Corporation)
Task: {7D986849-3229-4A99-A802-868D85C7A710} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-31] (Google Inc -> Google Inc.)
Task: {7E36FBDC-8196-490E-8ECB-B037D43EA773} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\3E0D659C-C7DC-46D3-A834-2178E994DF9B\OS Edition Upgrade event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-05] (Microsoft Windows -> Microsoft Corporation)
Task: {7F5FC9F3-14A8-451B-9691-D51C88A44D68} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [124624 2020-06-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {86553904-FF45-492D-922D-219660E72CE2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4460952 2020-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {8E90DE31-8E6D-4F51-9674-1BA648B3448A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1421720 2020-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {9105C382-16FD-4BC0-8C54-71ACD56429A8} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {921F925F-B906-4499-8D4D-10C813AC1FBC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4460952 2020-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {9514BE35-03CE-4882-BC4C-26B8BA8317C6} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\3E0D659C-C7DC-46D3-A834-2178E994DF9B\PushLaunch => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-05] (Microsoft Windows -> Microsoft Corporation)
Task: {963D0548-1350-439C-91DB-3B3E394E6CEE} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe
Task: {9986C2FE-8067-40ED-BA40-6E23A6ACA69D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A9AA3E7E-95AE-4C22-861F-D48C97C538FC} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AA059926-B05E-4E23-9B2B-66559AC34A6C} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\3E0D659C-C7DC-46D3-A834-2178E994DF9B\Schedule #3 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-05] (Microsoft Windows -> Microsoft Corporation)
Task: {AC4532CD-7892-4317-A1B1-CFA6D305219C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1421720 2020-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {B944E398-0AF2-4B02-A858-1BAC873415DB} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {C1FFFD79-D3E2-4720-A7BB-4C4FB0A8A8F3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27369344 2020-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {C34912FF-052D-401A-A0D1-3736A49A64E0} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\3E0D659C-C7DC-46D3-A834-2178E994DF9B\Schedule #2 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-05] (Microsoft Windows -> Microsoft Corporation)
Task: {CA812767-9688-48E8-8676-AB1DB8F06534} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3293168 2020-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D51A71FF-C29E-488A-B76C-F1EF99C1D2E7} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1444543506-3402364255-3794872836-1001UA => C:\Users\magda\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2019-03-22] (Dropbox, Inc -> Dropbox, Inc.)
Task: {E647CCEC-F5E5-42A4-BD2E-2CA6B6BFD1A8} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E6963C34-49FB-4AB7-9458-C936F4FB58B4} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\3E0D659C-C7DC-46D3-A834-2178E994DF9B\PushUpgrade => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-05] (Microsoft Windows -> Microsoft Corporation)
Task: {E7091A41-DF93-4DD7-8891-90A95BE56372} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\3E0D659C-C7DC-46D3-A834-2178E994DF9B\Schedule to run OMADMClient by server => C:\WINDOWS\system32\omadmclient.exe [330240 2020-05-05] (Microsoft Windows -> Microsoft Corporation)
Task: {E8599B00-CEB4-4C6E-BE9E-FF8CDAE35EF5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1444543506-3402364255-3794872836-1001UA1d2585319d21a08 => C:\Users\magda\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2016-03-13] (Google Inc -> Google Inc.)
Task: {F2760ABF-BD0B-46D4-B567-A165F171A159} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F79130D0-BE65-4989-B1C1-4263D6D4C67D} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [30976 2015-05-14] (Acer Incorporated -> )
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1444543506-3402364255-3794872836-1001Core.job => C:\Users\magda\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1444543506-3402364255-3794872836-1001UA.job => C:\Users\magda\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1444543506-3402364255-3794872836-1001Core.job => C:\Users\magda\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1444543506-3402364255-3794872836-1001UA.job => C:\Users\magda\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{806b2942-e5df-4086-8e3b-661aa574741a}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{a83ab3f7-25ac-459a-8497-fa81f2211cff}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{d732d955-21fd-4db8-94f2-c7d2f0becc39}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{df4f655d-84fe-4624-812c-f9fd8b205f7a}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Internet Explorer:
==================
HKU\S-1-5-21-1444543506-3402364255-3794872836-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer15.msn.com/?pc=ACTE
HKU\S-1-5-21-1444543506-3402364255-3794872836-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-1444543506-3402364255-3794872836-1001 -> DefaultScope {2DE1A778-D120-4A0C-A3AE-84A47FF06A6E} URL = hxxp://www.bing.com/search?FORM=U280DF&PC=U280 ... -SearchBox
SearchScopes: HKU\S-1-5-21-1444543506-3402364255-3794872836-1001 -> {2DE1A778-D120-4A0C-A3AE-84A47FF06A6E} URL = hxxp://www.bing.com/search?FORM=U280DF&PC=U280 ... -SearchBox
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-29] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2020-01-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-29] (Microsoft Corporation -> Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Edge:
======
DownloadDir: C:\Users\magda\Desktop
Edge Notifications: HKU\S-1-5-21-1444543506-3402364255-3794872836-1001 -> hxxps://www.automobilovedily24.cz; hxxps://navratdoreality.cz; hxxps://www.spuntik.cz
FireFox:
========
FF DefaultProfile: rtlqy80i.default
FF ProfilePath: C:\Users\magda\AppData\Roaming\Mozilla\Firefox\Profiles\rtlqy80i.default [2020-07-13]
FF user.js: detected! => C:\Users\magda\AppData\Roaming\Mozilla\Firefox\Profiles\rtlqy80i.default\user.js [2016-07-02]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-03-01] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-01-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-03-01] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-1444543506-3402364255-3794872836-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\magda\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-05-14] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-07-13]
Chrome:
=======
CHR Profile: C:\Users\magda\AppData\Local\Google\Chrome\User Data\Default [2020-07-13]
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-27]
CHR Extension: (Dokumenty) - C:\Users\magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-27]
CHR Extension: (Disk Google) - C:\Users\magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-31]
CHR Extension: (YouTube) - C:\Users\magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-31]
CHR Extension: (OneTab) - C:\Users\magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2020-05-05]
CHR Extension: (Adblock na Youtube™) - C:\Users\magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2019-03-27]
CHR Extension: (Vyhledávání Google) - C:\Users\magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-31]
CHR Extension: (Adobe Acrobat) - C:\Users\magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-06-30]
CHR Extension: (Tabulky) - C:\Users\magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-29]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-07-13]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-02-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-07]
CHR Extension: (Gmail) - C:\Users\magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-24]
CHR Extension: (Chrome Media Router) - C:\Users\magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-30]
CHR Profile: C:\Users\magda\AppData\Local\Google\Chrome\User Data\System Profile [2018-03-16]
CHR HKU\S-1-5-21-1444543506-3402364255-3794872836-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-1444543506-3402364255-3794872836-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2019-03-01] (Adobe Systems Incorporated -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11600760 2020-06-03] (Microsoft Corporation -> Microsoft Corporation)
R2 CmWebAdmin.exe; C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe [9199512 2018-02-26] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
R2 CWAUpdaterService; C:\Program Files (x86)\Citrix\ICA Client\Receiver\UpdaterService.exe [40544 2020-03-12] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2371248 2020-07-07] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2371248 2020-07-07] (ESET, spol. s r.o. -> ESET)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373712 2017-09-25] (Intel(R) pGFX -> Intel Corporation)
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsupdatesvr.exe [133480 2015-08-12] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 McNeelUpdate; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [65904 2019-02-27] (Robert McNeel and Associates -> Robert McNeel & Associates)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 ePowerSvc; "C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_f010cc3692c89680\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_f010cc3692c89680\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S2 NvStreamSvc; "C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe" [X]
S3 QALSvc; "C:\Program Files\Acer\Acer Quick Access\QALSvc.exe" [X]
S3 QASvc; "C:\Program Files\Acer\Acer Quick Access\QASvc.exe" [X]
S3 UEIPSvc; "C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [159528 2020-07-07] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [106640 2020-07-07] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-05-30] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [195456 2020-07-07] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [53064 2020-07-07] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [79536 2020-07-07] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [116488 2020-07-07] (ESET, spol. s r.o. -> ESET)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-07-28] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [224408 2019-07-28] (Malwarebytes Corporation -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_f010cc3692c89680\nvlddmkm.sys [23439288 2020-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2020-04-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [67456 2020-03-11] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Qcamain; C:\WINDOWS\System32\drivers\Qcamainx64.sys [2276352 2015-07-10] (Qualcomm Atheros, Inc.) [File not signed]
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [51368 2015-05-11] (Synaptics Incorporated -> Synaptics Incorporated)
R1 vbdenum; C:\WINDOWS\System32\drivers\vbdenum.sys [119432 2019-12-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R2 WIBUKEY; C:\WINDOWS\System32\DRIVERS\WibuKey64.sys [118200 2016-12-20] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-07-13 20:25 - 2020-07-13 20:25 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-07-13 20:20 - 2020-07-13 20:20 - 000000004 ____H C:\ProgramData\cm-lock
2020-07-13 19:44 - 2020-07-13 20:03 - 000003174 _____ C:\WINDOWS\system32\Tasks\AdwCleaner_onReboot
2020-07-13 18:20 - 2020-07-13 18:27 - 000059575 _____ C:\Users\magda\Desktop\Addition.txt
2020-07-13 18:13 - 2020-07-13 20:35 - 000041983 _____ C:\Users\magda\Desktop\FRST.txt
2020-07-13 18:12 - 2020-07-13 20:35 - 000000000 ____D C:\FRST
2020-07-13 18:07 - 2020-07-13 19:43 - 000000000 ____D C:\AdwCleaner
2020-07-13 14:42 - 2020-07-13 14:42 - 000000000 ____D C:\Users\magda\Downloads\Ztratili jsme Stalina
2020-07-13 14:24 - 2020-07-13 18:07 - 000000000 ____D C:\Program Files (x86)\uTorrent
2020-07-13 14:22 - 2020-07-13 14:22 - 000399736 _____ (BitTorrent, Inc.) C:\Users\magda\Downloads\utorrent_2.2.1_build_25302.exe
2020-07-13 14:19 - 2020-07-13 14:20 - 002292736 _____ (Farbar) C:\Users\magda\Desktop\FRST64.exe
2020-07-13 14:18 - 2020-07-13 14:19 - 008420016 _____ (Malwarebytes) C:\Users\magda\Downloads\adwcleaner_8.0.6.exe
2020-07-13 14:16 - 2020-07-13 14:16 - 000000000 _____ C:\Users\magda\Downloads\Nepotvrzeno 930698.crdownload
2020-07-13 14:12 - 2020-07-13 14:12 - 000032532 _____ C:\Users\magda\Downloads\[CzT]Ztratili_jsme_Stalina_The_Death_of_Stalin_2017_CZ_EN_1080pHD_.torrent
2020-07-09 09:52 - 2020-07-09 09:52 - 000000000 ____D C:\Users\magda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-06-28 11:04 - 2020-06-28 11:04 - 000037194 _____ C:\Users\magda\Downloads\OTAZKY-zk-2020 (1).pdf
2020-06-28 11:00 - 2020-06-28 11:00 - 004188703 _____ C:\Users\magda\Downloads\poklady-sgea-2017-teorie-1-17-umet-priklady-s-vypoctem-prednasky-necti.pdf
2020-06-24 21:55 - 2020-06-24 23:11 - 000012122 _____ C:\Users\magda\Downloads\interpolace.xlsx
2020-06-23 06:49 - 2020-06-23 06:49 - 000159885 _____ C:\Users\magda\Downloads\total-v-pdf.pdf
2020-06-22 22:45 - 2020-06-28 11:02 - 000041364 _____ C:\Users\magda\Downloads\KOMPLEXNÍ-ÚLOHA (1).xlsx
2020-06-22 21:41 - 2020-07-13 20:25 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-06-22 16:21 - 2020-06-22 16:21 - 000037194 _____ C:\Users\magda\Downloads\OTAZKY-zk-2020.pdf
2020-06-22 15:20 - 2020-06-22 15:20 - 000013778 _____ C:\Users\magda\Downloads\SGEA-komplexní-úloha.xlsx
2020-06-22 14:01 - 2020-06-22 14:01 - 000006826 _____ C:\Users\magda\Downloads\ja-a-spol.pdf
2020-06-22 14:00 - 2020-06-22 14:00 - 000172378 _____ C:\Users\magda\Downloads\matelna_23.4..pdf
2020-06-22 14:00 - 2020-06-22 14:00 - 000166947 _____ C:\Users\magda\Downloads\Vrstevnice_KÚ_.pdf
2020-06-22 14:00 - 2020-06-22 14:00 - 000006466 _____ C:\Users\magda\Downloads\ut.pdf
2020-06-20 15:25 - 2020-06-20 15:25 - 000068442 _____ C:\Users\magda\OneDrive\Dokumenty\Gmail - Hranice pozemku.pdf
2020-06-20 15:23 - 2020-06-20 15:23 - 000109608 _____ C:\Users\magda\OneDrive\Dokumenty\Gmail - Jiří Průša - sousedovi psi - neustalé štěkání psů na cokoli.pdf
2020-06-17 19:13 - 2020-06-17 19:14 - 037219357 _____ C:\Users\magda\Downloads\peli.pdf
2020-06-15 18:41 - 2020-06-15 18:41 - 001479226 _____ C:\Users\magda\Downloads\Zakladni_pripady_1.pdf
2020-06-14 10:36 - 2020-06-14 10:36 - 006033782 _____ C:\Users\magda\Downloads\Sbirka_prikladu_SNK.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-07-13 20:31 - 2018-02-12 18:19 - 000000000 ____D C:\Users\magda\AppData\LocalLow\Mozilla
2020-07-13 20:29 - 2016-09-28 21:01 - 000000000 ____D C:\ProgramData\NVIDIA
2020-07-13 20:25 - 2018-02-12 18:16 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-07-13 20:25 - 2018-02-12 18:16 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-07-13 20:22 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-07-13 20:22 - 2015-12-31 16:56 - 000000000 __SHD C:\Users\magda\IntelGraphicsProfiles
2020-07-13 20:21 - 2019-07-13 00:39 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-07-13 20:20 - 2019-09-19 20:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-07-13 20:19 - 2020-03-28 10:02 - 000017089 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2020-07-13 20:19 - 2020-03-28 10:02 - 000011747 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2020-07-13 20:19 - 2020-03-28 10:01 - 000018845 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2020-07-13 20:19 - 2019-03-19 06:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-07-13 20:04 - 2020-03-28 10:02 - 000001206 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1
2020-07-13 20:02 - 2018-02-24 18:19 - 000000000 ____D C:\Program Files (x86)\Amazon
2020-07-13 20:02 - 2015-07-16 05:34 - 000000000 ____D C:\Program Files\Acer
2020-07-13 20:02 - 2015-07-16 05:31 - 000000000 ____D C:\ProgramData\Acer
2020-07-13 20:02 - 2015-07-16 05:31 - 000000000 ____D C:\Program Files (x86)\Acer
2020-07-13 19:54 - 2016-08-28 12:49 - 000000000 ____D C:\Users\magda\AppData\Roaming\Skype
2020-07-13 19:42 - 2019-09-19 19:24 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-07-13 18:30 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-07-13 18:30 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-07-13 18:07 - 2017-07-13 16:29 - 000000000 ____D C:\Users\magda\AppData\Roaming\vlc
2020-07-13 18:06 - 2015-12-31 17:07 - 000000000 ____D C:\Users\magda\AppData\Local\CrashDumps
2020-07-13 18:05 - 2017-07-12 21:14 - 000000000 ____D C:\Users\magda\AppData\Roaming\uTorrent
2020-07-13 14:10 - 2018-02-05 08:58 - 000002077 _____ C:\Users\Public\Desktop\Google Slides.lnk
2020-07-13 14:10 - 2018-02-05 08:58 - 000002075 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2020-07-13 14:10 - 2018-02-05 08:58 - 000002065 _____ C:\Users\Public\Desktop\Google Docs.lnk
2020-07-13 14:10 - 2018-02-05 08:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2020-07-09 09:54 - 2019-03-22 13:27 - 000000000 ____D C:\Users\magda\AppData\Roaming\Dropbox
2020-07-08 00:27 - 2019-09-19 20:04 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-07-08 00:26 - 2016-01-03 21:03 - 000002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-07-07 21:20 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-07-07 21:19 - 2018-11-29 11:54 - 000159528 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2020-07-07 21:19 - 2018-11-29 11:54 - 000106640 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2020-07-07 21:19 - 2018-10-17 16:37 - 000195456 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2020-07-07 21:19 - 2018-10-17 16:37 - 000116488 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2020-07-07 21:19 - 2018-10-17 16:37 - 000079536 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2020-07-07 21:19 - 2018-10-17 16:37 - 000053064 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2020-06-28 11:39 - 2017-12-04 00:58 - 000000000 ____D C:\Users\magda\AppData\Local\Packages
2020-06-28 10:46 - 2019-09-19 20:04 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1444543506-3402364255-3794872836-1001
2020-06-28 10:46 - 2019-09-19 19:36 - 000002414 _____ C:\Users\magda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-06-28 10:46 - 2019-09-16 10:27 - 000000000 ___RD C:\Users\magda\OneDrive - České vysoké učení technické v Praze
2020-06-28 10:46 - 2015-12-31 16:59 - 000000000 ___RD C:\Users\magda\OneDrive
2020-06-24 22:23 - 2015-12-31 15:44 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-24 22:23 - 2015-12-31 15:44 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-06-20 15:16 - 2019-09-19 19:48 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-06-20 15:16 - 2019-03-19 13:55 - 000718198 _____ C:\WINDOWS\system32\perfh005.dat
2020-06-20 15:16 - 2019-03-19 13:55 - 000145242 _____ C:\WINDOWS\system32\perfc005.dat
2020-06-17 07:43 - 2015-08-12 20:23 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
==================== Files in the root of some directories ========
2018-11-18 12:49 - 2018-11-18 12:49 - 000000410 _____ () C:\Users\magda\AppData\Local\oobelibMkey.log
2016-07-27 23:48 - 2016-07-27 23:48 - 000000000 _____ () C:\Users\magda\AppData\Local\{09BDF7FF-74A1-4316-BA1D-236B4BD981CB}
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
prosím Vás o kontrolu pomalého notebooku.
Posílám logy z FRST a adwcleaneru.
# -------------------------------
# Malwarebytes AdwCleaner 8.0.6.0
# -------------------------------
# Build: 06-24-2020
# Database: 2020-06-15.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-13-2020
# Duration: 00:01:40
# OS: Windows 10 Home
# Cleaned: 67
# Failed: 1
***** [ Services ] *****
Deleted Amazon Assistant Service
***** [ Folders ] *****
Deleted C:\Users\Default\AppData\Local\Host App Service
Deleted C:\Users\Public\App Explorer
Deleted C:\Users\Public\Pokki
Deleted C:\Users\magda\AppData\Local\Host App Service
Deleted C:\Windows\ServiceProfiles\LocalService\AppData\Local\Host App Service
Deleted C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Host App Service
Deleted C:\extensions
Not Deleted C:\Program Files (x86)\Amazon\Amazon Assistant
***** [ Files ] *****
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AmazonAssistant.lnk
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk
Deleted C:\Users\magda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonAssistant.lnk
Deleted C:\Users\magda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk
Deleted C:\Users\magda\Desktop\App Explorer.lnk
Deleted C:\Users\magda\Favorites\Booking.com.url
Deleted C:\Windows\ServiceProfiles\LocalService\Desktop\App Explorer.lnk
Deleted C:\Windows\ServiceProfiles\LocalService\Favorites\Booking.com.url
Deleted C:\Windows\ServiceProfiles\NetworkService\Desktop\App Explorer.lnk
Deleted C:\Windows\ServiceProfiles\NetworkService\Favorites\Booking.com.url
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\App Host Service
Deleted HKCU\Software\AppDataLow\Software\Amazon\AmazonAssistant
Deleted HKCU\Software\Classes\Software\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
Deleted HKCU\Software\Host App Service
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\amazonbrowserapp.com
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\analytics.app.amazonbrowserapp.com
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\titan.service.amazonbrowserapp.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\amazonbrowserapp.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\analytics.app.amazonbrowserapp.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Deleted HKLM\SOFTWARE\Classes\AppID\AmazonAppIE.dll
Deleted HKLM\SYSTEM\Setup\FirstBoot\Services\Amazon Assistant Service
Deleted HKLM\Software\Classes\AppID\{F18AE3C4-D2AD-42AC-9282-509DCF035D06}
Deleted HKLM\Software\Classes\CLSID\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
Deleted HKLM\Software\Classes\CLSID\{7B28BD81-CC45-4ADB-A043-12E35A15C402}
Deleted HKLM\Software\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
Deleted HKLM\Software\Classes\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}
Deleted HKLM\Software\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Classes\Interface\{3268A00F-D329-42E1-ABF0-E78D5656BA2A}
Deleted HKLM\Software\Classes\Interface\{571139B2-8D93-4B29-9AA9-496EF27D6AF8}
Deleted HKLM\Software\Classes\TypeLib\{55B621F9-BAE8-4CF7-9D76-1DB25CD95850}
Deleted HKLM\Software\Classes\TypeLib\{E6AB05A4-A387-4083-91A5-E89A8DCEEBC0}
Deleted HKLM\Software\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F5415905096AA504A9FB967C7A138943
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}
Deleted HKLM\Software\Wow6432Node\Amazon\AmazonAssistant
Deleted HKLM\Software\Wow6432Node\\AppDataLow\Software\Amazon\AmazonAssistant
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\AmazonAppIE.dll
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{F18AE3C4-D2AD-42AC-9282-509DCF035D06}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{7B28BD81-CC45-4ADB-A043-12E35A15C402}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{3268A00F-D329-42E1-ABF0-E78D5656BA2A}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{571139B2-8D93-4B29-9AA9-496EF27D6AF8}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{55B621F9-BAE8-4CF7-9D76-1DB25CD95850}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{E6AB05A4-A387-4083-91A5-E89A8DCEEBC0}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\Amazon Assistant Service
Deleted HKU\.DEFAULT\Software\AppDataLow\Software\Amazon\AmazonAssistant
Deleted HKU\S-1-5-18\Software\AppDataLow\Software\Amazon\AmazonAssistant
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [14309 octets] - [13/07/2020 18:42:00]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
__________________________________________________________________________________________________
# -------------------------------
# Malwarebytes AdwCleaner 8.0.6.0
# -------------------------------
# Build: 06-24-2020
# Database: 2020-06-15.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-13-2020
# Duration: 00:00:35
# OS: Windows 10 Home
# Cleaned: 49
# Failed: 1
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\Amazon\Amazon Assistant
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.ACERAOPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|BacKGround Agent
Deleted Preinstalled.ACERAOPFramework Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4A37A114-702F-4055-A4B6-16571D4A5353}
Deleted Preinstalled.ACERClear.fiShellExtension Registry HKLM\Software\Classes\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B}
Deleted Preinstalled.ACERClear.fiShellExtension Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B}
Deleted Preinstalled.AcerCareCenter File C:\Users\Public\Desktop\Acer Care Center.lnk
Deleted Preinstalled.AcerCareCenter Folder C:\Program Files (x86)\ACER\CARE CENTER
Deleted Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{91F9D2B6-9405-4B55-8297-BF24C7AD5C78}
Deleted Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{91F9D2B6-9405-4B55-8297-BF24C7AD5C78}
Deleted Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CD6F702C-470B-4241-8589-E1071B89BA8F}
Deleted Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCAgent
Deleted Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCBackgroundApplication
Deleted Preinstalled.AcerCareCenter Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1AF41E84-3408-499A-8C93-8891F0612719}
Deleted Preinstalled.AcerCareCenter Task C:\Windows\System32\Tasks\ACCAGENT
Deleted Preinstalled.AcerCareCenter Task C:\Windows\System32\Tasks\ACCBACKGROUNDAPPLICATION
Deleted Preinstalled.AcerDocsOfficeAddIn Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{DCBF3379-246B-47E1-8173-639B63940838}
Deleted Preinstalled.AcerExplorerAgent Folder C:\Program Files\ACER\ACER EXPLORER AGENT
Deleted Preinstalled.AcerExplorerAgent Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}
Deleted Preinstalled.AcerPortal Folder C:\Program Files (x86)\ACER\ACER PORTAL
Deleted Preinstalled.AcerPortal Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|AcerPortal
Deleted Preinstalled.AcerPortal Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}
Deleted Preinstalled.AcerPowerManagement Folder C:\Program Files\ACER\ACER POWER MANAGEMENT
Deleted Preinstalled.AcerQuickAccess Folder C:\Program Files\ACER\ACER QUICK ACCESS
Deleted Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4AA349F2-D485-4808-97C3-9210CD562CE0}
Deleted Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{804FB1CD-8E38-4C73-8E4A-441767EAC694}
Deleted Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Power Button
Deleted Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Quick Access
Deleted Preinstalled.AcerQuickAccess Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E3678E72-78E3-4F91-A9FB-913876FF6DA2}
Deleted Preinstalled.AcerQuickAccess Task C:\Windows\System32\Tasks\POWER BUTTON
Deleted Preinstalled.AcerQuickAccess Task C:\Windows\System32\Tasks\QUICK ACCESS
Deleted Preinstalled.AcerUEIPFramework Folder C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM\FRAMEWORK
Deleted Preinstalled.AcerUEIPFramework Folder C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM\PLUGIN\APPMONITOR
Deleted Preinstalled.AcerUEIPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{12A718F2-2357-4D41-9E1F-18583A4745F7}
Deleted Preinstalled.AcerUpdater Folder C:\ProgramData\ACER\ACER UPDATER
Deleted Preinstalled.AcerabBox Registry HKLM\Software\Classes\CLSID\{5CCE71FA-9F61-4F24-9CD1-98D819B40D68}
Deleted Preinstalled.AcerabDocs File C:\Users\Public\Desktop\abDocs.lnk
Deleted Preinstalled.AcerabDocs Folder C:\Program Files (x86)\ACER\ABDOCS
Deleted Preinstalled.AcerabDocs Folder C:\Program Files (x86)\ACER\ABDOCS OFFICE ADDIN
Deleted Preinstalled.AcerabDocs Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{84F856AE-8436-43AB-90A3-3206B5D970AD}
Deleted Preinstalled.AcerabDocs Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\abDocsDllLoader
Deleted Preinstalled.AcerabDocs Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|abDocsDllLoader
Deleted Preinstalled.AcerabDocs Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}
Deleted Preinstalled.AcerabDocs Task C:\Windows\System32\Tasks\ABDOCSDLLLOADER
Deleted Preinstalled.GatewayPowerManagement Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4AD314E7-2C76-4E98-96D6-C11E75FBED77}
Deleted Preinstalled.GatewayPowerManagement Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Power Management
Deleted Preinstalled.GatewayPowerManagement Task C:\Windows\System32\Tasks\POWER MANAGEMENT
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Deleted Preinstalled.PackardBellPowerManagement Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{91F52DE4-B789-42B0-9311-A349F10E5479}
Not Deleted Preinstalled.ACERAOPFramework Folder C:\Program Files (x86)\ACER\AOP FRAMEWORK
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [14309 octets] - [13/07/2020 18:42:00]
AdwCleaner[C00].txt - [7383 octets] - [13/07/2020 19:44:31]
AdwCleaner[S01].txt - [7465 octets] - [13/07/2020 20:00:42]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
___________________________________________________________________________________________________
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-07-2020 01
Ran by magda (administrator) on LAPTOP-F30A982H (Acer Aspire E5-573G) (13-07-2020 20:34:01)
Running from C:\Users\magda\Desktop
Loaded Profiles: magda
Platform: Windows 10 Home Version 1909 18363.900 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Acer Incorporated -> ) C:\OEM\Preload\FubTracking\FubTracking.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\UpdaterService.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\egui.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <14>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Google LLC -> Google) C:\Users\magda\AppData\Local\Google\Chrome\User Data\SwReporter\83.238.200\software_reporter_tool.exe <4>
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvaci.inf_amd64_f010cc3692c89680\Display.NvContainer\NVDisplay.Container.exe <2>
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Robert McNeel and Associates -> Robert McNeel & Associates) C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe <5>
(WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2015-07-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [185648 2020-07-07] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410960 2019-03-01] (Adobe Systems Incorporated -> Adobe Inc.)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [795744 2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [460384 2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKU\S-1-5-21-1444543506-3402364255-3794872836-1001\...\Run: [Google Update] => C:\Users\magda\AppData\Local\Google\Update\1.3.35.452\GoogleUpdateCore.exe [217544 2020-03-21] (Google LLC -> Google LLC)
HKU\S-1-5-21-1444543506-3402364255-3794872836-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [48594832 2020-06-15] (Google LLC -> )
HKU\S-1-5-21-1444543506-3402364255-3794872836-1001\...\Run: [Akamai NetSession Interface] => "C:\Users\magda\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-1444543506-3402364255-3794872836-1001\...\Run: [Dropbox Update] => C:\Users\magda\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2019-03-22] (Dropbox, Inc -> Dropbox, Inc.)
HKU\S-1-5-21-1444543506-3402364255-3794872836-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\magda\AppData\Local\Microsoft\Teams\Update.exe [2350776 2020-05-30] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1444543506-3402364255-3794872836-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1444543506-3402364255-3794872836-1001\...\Policies\Explorer: []
HKU\S-1-5-21-1444543506-3402364255-3794872836-1001\...\MountPoints2: {085dc01d-411d-11e5-9bc7-806e6f6e6963} - "D:\Launcher.exe"
HKLM\...\Windows x64\Print Processors\Canon MG5100 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAD.DLL [28672 2010-08-25] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\ssj1MPC: C:\Windows\System32\spool\prtprocs\x64\ssj1mpc.dll [41984 2014-09-24] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5100 series: C:\Windows\system32\CNMLMAD.DLL [361472 2010-08-25] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP E311 Status Monitor: C:\Windows\system32\hpinkstsE311LM.dll [393392 2016-07-21] (Hewlett Packard -> HP Inc.)
HKLM\...\Print\Monitors\ssj1M Langmon: C:\Windows\system32\ssj1mlm.dll [34304 2014-09-24] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\chrmstp.exe [2020-06-24] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2019-07-25]
ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Network Server.lnk [2019-07-25]
ShortcutTarget: Network Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
Startup: C:\Users\magda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2020-07-09]
ShortcutTarget: Dropbox.lnk -> C:\Users\magda\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0A69ACBD-F4E6-457C-BFBA-732A4DD3FED8} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {12EEAC31-5A86-4E18-AA2F-FB68046B9BC9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1444543506-3402364255-3794872836-1001Core => C:\Users\magda\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2016-03-13] (Google Inc -> Google Inc.)
Task: {1541C799-EE6C-4EE4-9846-4F5DC50F6E58} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\3E0D659C-C7DC-46D3-A834-2178E994DF9B\Schedule created by enrollment client for renewal of certificate warning => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-05] (Microsoft Windows -> Microsoft Corporation)
Task: {17FBA92C-DEB7-4F10-8574-803923B6E8EA} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\3E0D659C-C7DC-46D3-A834-2178E994DF9B\PushRenewal => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-05] (Microsoft Windows -> Microsoft Corporation)
Task: {1A7C7F52-0EB8-48B1-BFC6-DF31F74CD610} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1AB24802-A31B-4ECC-AA71-B4B0A774B8BF} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\3E0D659C-C7DC-46D3-A834-2178E994DF9B\Passport for Work alert created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-05] (Microsoft Windows -> Microsoft Corporation)
Task: {220890F0-4904-49E1-AC7A-FC06A94FE59F} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65824 2017-09-26] (Acer Incorporated -> Acer Incorporated)
Task: {2253D082-8114-4270-9153-A5572074A0FB} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1444543506-3402364255-3794872836-1001Core => C:\Users\magda\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2019-03-22] (Dropbox, Inc -> Dropbox, Inc.)
Task: {22D0CD57-6FE4-4BAB-AD62-7BE0C55BFFD6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1444543506-3402364255-3794872836-1001Core1d2585319a925b8 => C:\Users\magda\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2016-03-13] (Google Inc -> Google Inc.)
Task: {26DFFC44-6580-41F4-A6BC-4C2816A74CF8} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27369344 2020-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {26ED8D37-AD63-49E5-A65D-FFDBB24CB7B9} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\3E0D659C-C7DC-46D3-A834-2178E994DF9B\Schedule #1 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-05] (Microsoft Windows -> Microsoft Corporation)
Task: {2B12EF23-A93C-4185-9F27-00DB6E823B64} - System32\Tasks\AdwCleaner_onReboot => C:\Users\magda\Downloads\adwcleaner_8.0.6.exe [8420016 2020-07-13] (Malwarebytes Inc -> Malwarebytes)
Task: {2B82380A-F8BE-4B92-B1F3-4643B6ED42B3} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\3E0D659C-C7DC-46D3-A834-2178E994DF9B\Schedule to run OMADMClient by client => C:\WINDOWS\system32\omadmclient.exe [330240 2020-05-05] (Microsoft Windows -> Microsoft Corporation)
Task: {37429BC4-8C5E-4894-A6DB-E27ED63CCF24} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [110416 2020-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {39C55BBA-8DF8-4E02-AD9B-900111A84539} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1571200 2020-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {472750D3-9922-4224-ADED-EEBFB0FB605F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1444543506-3402364255-3794872836-1001UA => C:\Users\magda\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2016-03-13] (Google Inc -> Google Inc.)
Task: {51796746-956F-463F-A81A-491DE1CBB923} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-31] (Google Inc -> Google Inc.)
Task: {5760781E-9BD9-4A9D-8399-F6B07B586EE0} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {581FFAFA-0D0C-4A99-AB07-DA9ADCDF11F2} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-magdalena.prusova2@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {5AA0BDFB-D852-422A-8B9C-FEFDD7362848} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {66060B82-E5E5-4D53-B12E-7EE71FDB0A8B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1331792 2020-05-07] (Adobe Inc. -> Adobe Inc.)
Task: {6628886D-B9F2-48C1-9B01-921A2C1CCD3E} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {69ED04EF-2D5A-416C-AF42-B089FED72961} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\3E0D659C-C7DC-46D3-A834-2178E994DF9B\Win10 S Mode event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-05] (Microsoft Windows -> Microsoft Corporation)
Task: {6E90D7D4-ABF3-439A-B99D-86CB01ECF002} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [110416 2020-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {748C56D9-D949-423A-BAD8-FA08023868C5} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [472928 2015-07-10] (Acer Incorporated -> Acer Incorporated)
Task: {74DA6176-8C04-4DB7-98D4-A64C39ED3F63} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\3E0D659C-C7DC-46D3-A834-2178E994DF9B\Provisioning initiated session => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-05] (Microsoft Windows -> Microsoft Corporation)
Task: {7D986849-3229-4A99-A802-868D85C7A710} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-31] (Google Inc -> Google Inc.)
Task: {7E36FBDC-8196-490E-8ECB-B037D43EA773} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\3E0D659C-C7DC-46D3-A834-2178E994DF9B\OS Edition Upgrade event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-05] (Microsoft Windows -> Microsoft Corporation)
Task: {7F5FC9F3-14A8-451B-9691-D51C88A44D68} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [124624 2020-06-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {86553904-FF45-492D-922D-219660E72CE2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4460952 2020-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {8E90DE31-8E6D-4F51-9674-1BA648B3448A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1421720 2020-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {9105C382-16FD-4BC0-8C54-71ACD56429A8} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {921F925F-B906-4499-8D4D-10C813AC1FBC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4460952 2020-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {9514BE35-03CE-4882-BC4C-26B8BA8317C6} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\3E0D659C-C7DC-46D3-A834-2178E994DF9B\PushLaunch => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-05] (Microsoft Windows -> Microsoft Corporation)
Task: {963D0548-1350-439C-91DB-3B3E394E6CEE} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe
Task: {9986C2FE-8067-40ED-BA40-6E23A6ACA69D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A9AA3E7E-95AE-4C22-861F-D48C97C538FC} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AA059926-B05E-4E23-9B2B-66559AC34A6C} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\3E0D659C-C7DC-46D3-A834-2178E994DF9B\Schedule #3 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-05] (Microsoft Windows -> Microsoft Corporation)
Task: {AC4532CD-7892-4317-A1B1-CFA6D305219C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1421720 2020-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {B944E398-0AF2-4B02-A858-1BAC873415DB} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {C1FFFD79-D3E2-4720-A7BB-4C4FB0A8A8F3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27369344 2020-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {C34912FF-052D-401A-A0D1-3736A49A64E0} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\3E0D659C-C7DC-46D3-A834-2178E994DF9B\Schedule #2 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-05] (Microsoft Windows -> Microsoft Corporation)
Task: {CA812767-9688-48E8-8676-AB1DB8F06534} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3293168 2020-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D51A71FF-C29E-488A-B76C-F1EF99C1D2E7} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1444543506-3402364255-3794872836-1001UA => C:\Users\magda\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2019-03-22] (Dropbox, Inc -> Dropbox, Inc.)
Task: {E647CCEC-F5E5-42A4-BD2E-2CA6B6BFD1A8} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E6963C34-49FB-4AB7-9458-C936F4FB58B4} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\3E0D659C-C7DC-46D3-A834-2178E994DF9B\PushUpgrade => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-05] (Microsoft Windows -> Microsoft Corporation)
Task: {E7091A41-DF93-4DD7-8891-90A95BE56372} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\3E0D659C-C7DC-46D3-A834-2178E994DF9B\Schedule to run OMADMClient by server => C:\WINDOWS\system32\omadmclient.exe [330240 2020-05-05] (Microsoft Windows -> Microsoft Corporation)
Task: {E8599B00-CEB4-4C6E-BE9E-FF8CDAE35EF5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1444543506-3402364255-3794872836-1001UA1d2585319d21a08 => C:\Users\magda\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2016-03-13] (Google Inc -> Google Inc.)
Task: {F2760ABF-BD0B-46D4-B567-A165F171A159} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F79130D0-BE65-4989-B1C1-4263D6D4C67D} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [30976 2015-05-14] (Acer Incorporated -> )
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1444543506-3402364255-3794872836-1001Core.job => C:\Users\magda\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1444543506-3402364255-3794872836-1001UA.job => C:\Users\magda\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1444543506-3402364255-3794872836-1001Core.job => C:\Users\magda\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1444543506-3402364255-3794872836-1001UA.job => C:\Users\magda\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{806b2942-e5df-4086-8e3b-661aa574741a}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{a83ab3f7-25ac-459a-8497-fa81f2211cff}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{d732d955-21fd-4db8-94f2-c7d2f0becc39}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{df4f655d-84fe-4624-812c-f9fd8b205f7a}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Internet Explorer:
==================
HKU\S-1-5-21-1444543506-3402364255-3794872836-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer15.msn.com/?pc=ACTE
HKU\S-1-5-21-1444543506-3402364255-3794872836-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-1444543506-3402364255-3794872836-1001 -> DefaultScope {2DE1A778-D120-4A0C-A3AE-84A47FF06A6E} URL = hxxp://www.bing.com/search?FORM=U280DF&PC=U280 ... -SearchBox
SearchScopes: HKU\S-1-5-21-1444543506-3402364255-3794872836-1001 -> {2DE1A778-D120-4A0C-A3AE-84A47FF06A6E} URL = hxxp://www.bing.com/search?FORM=U280DF&PC=U280 ... -SearchBox
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-29] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2020-01-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-29] (Microsoft Corporation -> Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Edge:
======
DownloadDir: C:\Users\magda\Desktop
Edge Notifications: HKU\S-1-5-21-1444543506-3402364255-3794872836-1001 -> hxxps://www.automobilovedily24.cz; hxxps://navratdoreality.cz; hxxps://www.spuntik.cz
FireFox:
========
FF DefaultProfile: rtlqy80i.default
FF ProfilePath: C:\Users\magda\AppData\Roaming\Mozilla\Firefox\Profiles\rtlqy80i.default [2020-07-13]
FF user.js: detected! => C:\Users\magda\AppData\Roaming\Mozilla\Firefox\Profiles\rtlqy80i.default\user.js [2016-07-02]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-03-01] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-01-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-03-01] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-1444543506-3402364255-3794872836-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\magda\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-05-14] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-07-13]
Chrome:
=======
CHR Profile: C:\Users\magda\AppData\Local\Google\Chrome\User Data\Default [2020-07-13]
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-27]
CHR Extension: (Dokumenty) - C:\Users\magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-27]
CHR Extension: (Disk Google) - C:\Users\magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-31]
CHR Extension: (YouTube) - C:\Users\magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-31]
CHR Extension: (OneTab) - C:\Users\magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2020-05-05]
CHR Extension: (Adblock na Youtube™) - C:\Users\magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2019-03-27]
CHR Extension: (Vyhledávání Google) - C:\Users\magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-31]
CHR Extension: (Adobe Acrobat) - C:\Users\magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-06-30]
CHR Extension: (Tabulky) - C:\Users\magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-29]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-07-13]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-02-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-07]
CHR Extension: (Gmail) - C:\Users\magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-24]
CHR Extension: (Chrome Media Router) - C:\Users\magda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-30]
CHR Profile: C:\Users\magda\AppData\Local\Google\Chrome\User Data\System Profile [2018-03-16]
CHR HKU\S-1-5-21-1444543506-3402364255-3794872836-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-1444543506-3402364255-3794872836-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2019-03-01] (Adobe Systems Incorporated -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11600760 2020-06-03] (Microsoft Corporation -> Microsoft Corporation)
R2 CmWebAdmin.exe; C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe [9199512 2018-02-26] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
R2 CWAUpdaterService; C:\Program Files (x86)\Citrix\ICA Client\Receiver\UpdaterService.exe [40544 2020-03-12] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2371248 2020-07-07] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2371248 2020-07-07] (ESET, spol. s r.o. -> ESET)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373712 2017-09-25] (Intel(R) pGFX -> Intel Corporation)
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsupdatesvr.exe [133480 2015-08-12] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 McNeelUpdate; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [65904 2019-02-27] (Robert McNeel and Associates -> Robert McNeel & Associates)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 ePowerSvc; "C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_f010cc3692c89680\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_f010cc3692c89680\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S2 NvStreamSvc; "C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe" [X]
S3 QALSvc; "C:\Program Files\Acer\Acer Quick Access\QALSvc.exe" [X]
S3 QASvc; "C:\Program Files\Acer\Acer Quick Access\QASvc.exe" [X]
S3 UEIPSvc; "C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [159528 2020-07-07] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [106640 2020-07-07] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-05-30] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [195456 2020-07-07] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [53064 2020-07-07] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [79536 2020-07-07] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [116488 2020-07-07] (ESET, spol. s r.o. -> ESET)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-07-28] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [224408 2019-07-28] (Malwarebytes Corporation -> Malwarebytes)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_f010cc3692c89680\nvlddmkm.sys [23439288 2020-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2020-04-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [67456 2020-03-11] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Qcamain; C:\WINDOWS\System32\drivers\Qcamainx64.sys [2276352 2015-07-10] (Qualcomm Atheros, Inc.) [File not signed]
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [51368 2015-05-11] (Synaptics Incorporated -> Synaptics Incorporated)
R1 vbdenum; C:\WINDOWS\System32\drivers\vbdenum.sys [119432 2019-12-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R2 WIBUKEY; C:\WINDOWS\System32\DRIVERS\WibuKey64.sys [118200 2016-12-20] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-07-13 20:25 - 2020-07-13 20:25 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-07-13 20:20 - 2020-07-13 20:20 - 000000004 ____H C:\ProgramData\cm-lock
2020-07-13 19:44 - 2020-07-13 20:03 - 000003174 _____ C:\WINDOWS\system32\Tasks\AdwCleaner_onReboot
2020-07-13 18:20 - 2020-07-13 18:27 - 000059575 _____ C:\Users\magda\Desktop\Addition.txt
2020-07-13 18:13 - 2020-07-13 20:35 - 000041983 _____ C:\Users\magda\Desktop\FRST.txt
2020-07-13 18:12 - 2020-07-13 20:35 - 000000000 ____D C:\FRST
2020-07-13 18:07 - 2020-07-13 19:43 - 000000000 ____D C:\AdwCleaner
2020-07-13 14:42 - 2020-07-13 14:42 - 000000000 ____D C:\Users\magda\Downloads\Ztratili jsme Stalina
2020-07-13 14:24 - 2020-07-13 18:07 - 000000000 ____D C:\Program Files (x86)\uTorrent
2020-07-13 14:22 - 2020-07-13 14:22 - 000399736 _____ (BitTorrent, Inc.) C:\Users\magda\Downloads\utorrent_2.2.1_build_25302.exe
2020-07-13 14:19 - 2020-07-13 14:20 - 002292736 _____ (Farbar) C:\Users\magda\Desktop\FRST64.exe
2020-07-13 14:18 - 2020-07-13 14:19 - 008420016 _____ (Malwarebytes) C:\Users\magda\Downloads\adwcleaner_8.0.6.exe
2020-07-13 14:16 - 2020-07-13 14:16 - 000000000 _____ C:\Users\magda\Downloads\Nepotvrzeno 930698.crdownload
2020-07-13 14:12 - 2020-07-13 14:12 - 000032532 _____ C:\Users\magda\Downloads\[CzT]Ztratili_jsme_Stalina_The_Death_of_Stalin_2017_CZ_EN_1080pHD_.torrent
2020-07-09 09:52 - 2020-07-09 09:52 - 000000000 ____D C:\Users\magda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2020-06-28 11:04 - 2020-06-28 11:04 - 000037194 _____ C:\Users\magda\Downloads\OTAZKY-zk-2020 (1).pdf
2020-06-28 11:00 - 2020-06-28 11:00 - 004188703 _____ C:\Users\magda\Downloads\poklady-sgea-2017-teorie-1-17-umet-priklady-s-vypoctem-prednasky-necti.pdf
2020-06-24 21:55 - 2020-06-24 23:11 - 000012122 _____ C:\Users\magda\Downloads\interpolace.xlsx
2020-06-23 06:49 - 2020-06-23 06:49 - 000159885 _____ C:\Users\magda\Downloads\total-v-pdf.pdf
2020-06-22 22:45 - 2020-06-28 11:02 - 000041364 _____ C:\Users\magda\Downloads\KOMPLEXNÍ-ÚLOHA (1).xlsx
2020-06-22 21:41 - 2020-07-13 20:25 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-06-22 16:21 - 2020-06-22 16:21 - 000037194 _____ C:\Users\magda\Downloads\OTAZKY-zk-2020.pdf
2020-06-22 15:20 - 2020-06-22 15:20 - 000013778 _____ C:\Users\magda\Downloads\SGEA-komplexní-úloha.xlsx
2020-06-22 14:01 - 2020-06-22 14:01 - 000006826 _____ C:\Users\magda\Downloads\ja-a-spol.pdf
2020-06-22 14:00 - 2020-06-22 14:00 - 000172378 _____ C:\Users\magda\Downloads\matelna_23.4..pdf
2020-06-22 14:00 - 2020-06-22 14:00 - 000166947 _____ C:\Users\magda\Downloads\Vrstevnice_KÚ_.pdf
2020-06-22 14:00 - 2020-06-22 14:00 - 000006466 _____ C:\Users\magda\Downloads\ut.pdf
2020-06-20 15:25 - 2020-06-20 15:25 - 000068442 _____ C:\Users\magda\OneDrive\Dokumenty\Gmail - Hranice pozemku.pdf
2020-06-20 15:23 - 2020-06-20 15:23 - 000109608 _____ C:\Users\magda\OneDrive\Dokumenty\Gmail - Jiří Průša - sousedovi psi - neustalé štěkání psů na cokoli.pdf
2020-06-17 19:13 - 2020-06-17 19:14 - 037219357 _____ C:\Users\magda\Downloads\peli.pdf
2020-06-15 18:41 - 2020-06-15 18:41 - 001479226 _____ C:\Users\magda\Downloads\Zakladni_pripady_1.pdf
2020-06-14 10:36 - 2020-06-14 10:36 - 006033782 _____ C:\Users\magda\Downloads\Sbirka_prikladu_SNK.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-07-13 20:31 - 2018-02-12 18:19 - 000000000 ____D C:\Users\magda\AppData\LocalLow\Mozilla
2020-07-13 20:29 - 2016-09-28 21:01 - 000000000 ____D C:\ProgramData\NVIDIA
2020-07-13 20:25 - 2018-02-12 18:16 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-07-13 20:25 - 2018-02-12 18:16 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-07-13 20:22 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-07-13 20:22 - 2015-12-31 16:56 - 000000000 __SHD C:\Users\magda\IntelGraphicsProfiles
2020-07-13 20:21 - 2019-07-13 00:39 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-07-13 20:20 - 2019-09-19 20:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-07-13 20:19 - 2020-03-28 10:02 - 000017089 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2020-07-13 20:19 - 2020-03-28 10:02 - 000011747 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2020-07-13 20:19 - 2020-03-28 10:01 - 000018845 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2020-07-13 20:19 - 2019-03-19 06:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-07-13 20:04 - 2020-03-28 10:02 - 000001206 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1
2020-07-13 20:02 - 2018-02-24 18:19 - 000000000 ____D C:\Program Files (x86)\Amazon
2020-07-13 20:02 - 2015-07-16 05:34 - 000000000 ____D C:\Program Files\Acer
2020-07-13 20:02 - 2015-07-16 05:31 - 000000000 ____D C:\ProgramData\Acer
2020-07-13 20:02 - 2015-07-16 05:31 - 000000000 ____D C:\Program Files (x86)\Acer
2020-07-13 19:54 - 2016-08-28 12:49 - 000000000 ____D C:\Users\magda\AppData\Roaming\Skype
2020-07-13 19:42 - 2019-09-19 19:24 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-07-13 18:30 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-07-13 18:30 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-07-13 18:07 - 2017-07-13 16:29 - 000000000 ____D C:\Users\magda\AppData\Roaming\vlc
2020-07-13 18:06 - 2015-12-31 17:07 - 000000000 ____D C:\Users\magda\AppData\Local\CrashDumps
2020-07-13 18:05 - 2017-07-12 21:14 - 000000000 ____D C:\Users\magda\AppData\Roaming\uTorrent
2020-07-13 14:10 - 2018-02-05 08:58 - 000002077 _____ C:\Users\Public\Desktop\Google Slides.lnk
2020-07-13 14:10 - 2018-02-05 08:58 - 000002075 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2020-07-13 14:10 - 2018-02-05 08:58 - 000002065 _____ C:\Users\Public\Desktop\Google Docs.lnk
2020-07-13 14:10 - 2018-02-05 08:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2020-07-09 09:54 - 2019-03-22 13:27 - 000000000 ____D C:\Users\magda\AppData\Roaming\Dropbox
2020-07-08 00:27 - 2019-09-19 20:04 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-07-08 00:26 - 2016-01-03 21:03 - 000002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-07-07 21:20 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-07-07 21:19 - 2018-11-29 11:54 - 000159528 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2020-07-07 21:19 - 2018-11-29 11:54 - 000106640 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2020-07-07 21:19 - 2018-10-17 16:37 - 000195456 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2020-07-07 21:19 - 2018-10-17 16:37 - 000116488 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2020-07-07 21:19 - 2018-10-17 16:37 - 000079536 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2020-07-07 21:19 - 2018-10-17 16:37 - 000053064 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2020-06-28 11:39 - 2017-12-04 00:58 - 000000000 ____D C:\Users\magda\AppData\Local\Packages
2020-06-28 10:46 - 2019-09-19 20:04 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1444543506-3402364255-3794872836-1001
2020-06-28 10:46 - 2019-09-19 19:36 - 000002414 _____ C:\Users\magda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-06-28 10:46 - 2019-09-16 10:27 - 000000000 ___RD C:\Users\magda\OneDrive - České vysoké učení technické v Praze
2020-06-28 10:46 - 2015-12-31 16:59 - 000000000 ___RD C:\Users\magda\OneDrive
2020-06-24 22:23 - 2015-12-31 15:44 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-24 22:23 - 2015-12-31 15:44 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-06-20 15:16 - 2019-09-19 19:48 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-06-20 15:16 - 2019-03-19 13:55 - 000718198 _____ C:\WINDOWS\system32\perfh005.dat
2020-06-20 15:16 - 2019-03-19 13:55 - 000145242 _____ C:\WINDOWS\system32\perfc005.dat
2020-06-17 07:43 - 2015-08-12 20:23 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
==================== Files in the root of some directories ========
2018-11-18 12:49 - 2018-11-18 12:49 - 000000410 _____ () C:\Users\magda\AppData\Local\oobelibMkey.log
2016-07-27 23:48 - 2016-07-27 23:48 - 000000000 _____ () C:\Users\magda\AppData\Local\{09BDF7FF-74A1-4316-BA1D-236B4BD981CB}
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================