VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

bluescreeny a restarty - prosím o kontrolu

https://forum.viry.cz:443/viewtopic.php?t=157975

Stránka 1 z 2

bluescreeny a restarty - prosím o kontrolu

Napsal: 21 bře 2021 20:33
od kaaposch
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-03-2021
Ran by Kapucky (21-03-2021 20:29:10)
Running from C:\Users\Kapucky\Desktop
Windows 10 Home Version 2004 19041.867 (X64) (2020-11-10 06:45:39)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2525883802-2620883698-3047885965-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2525883802-2620883698-3047885965-503 - Limited - Disabled)
Guest (S-1-5-21-2525883802-2620883698-3047885965-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2525883802-2620883698-3047885965-1003 - Limited - Enabled)
Kapucky (S-1-5-21-2525883802-2620883698-3047885965-1001 - Administrator - Enabled) => C:\Users\Kapucky
WDAGUtilityAccount (S-1-5-21-2525883802-2620883698-3047885965-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 18.05 (HKLM-x32\...\{23170F69-40C1-2701-1805-000001000000}) (Version: 18.05.00.0 - Igor Pavlov)
7-Zip 18.05 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1805-000001000000}) (Version: 18.05.00.0 - Igor Pavlov)
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
Adobe Reader XI (11.0.13) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Advertising Center (HKLM-x32\...\{b2ec4a38-b545-4a00-8214-13fe0e915e6d}) (Version: 0.0.0.1 - Nero AG) Hidden
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 4.0.0.0 - AppEx Networks)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 89.0.8689.90 - AVAST Software)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.68.1077 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform)
Cubify Invent (HKLM-x32\...\{603AFBD1-85BB-4BCD-B42E-E1BD1C34652C}) (Version: 1.0.0.10007 - 3D Systems)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Discord (HKU\S-1-5-21-2525883802-2620883698-3047885965-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
DolbyFiles (HKLM-x32\...\{b1adf008-e898-4fe2-8a1f-690d9a06acaf}) (Version: 0.1 - Nero AG) Hidden
Drakensang Online (HKLM-x32\...\Drakensang Online) (Version: - )
Dropbox (HKU\S-1-5-21-2525883802-2620883698-3047885965-1001\...\Dropbox) (Version: 118.4.460 - Dropbox, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.90 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
IrfanView 4.51 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.51 - Irfan Skiljan)
K-Lite Codec Pack 9.4.0 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.4.0 - )
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.57 - Microsoft Corporation)
Microsoft Office Standard 2010 (HKLM-x32\...\Office14.STANDARD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2525883802-2620883698-3047885965-1001\...\OneDriveSetup.exe) (Version: 21.030.0211.0002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MotionDV STUDIO 5.3E LE for DV (HKLM-x32\...\{43F8F1E5-C740-4293-A309-EA9DD6474DB1}) (Version: - )
Mozilla Firefox 86.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 86.0.1 (x64 cs)) (Version: 86.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 86.0.1.7739 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Music Tag (HKLM-x32\...\{2ADBD0DD-F146-413E-8C3A-285592BD10F0}) (Version: 2.08 - Wide Angle Software)
Nero 9 Essentials (HKLM-x32\...\{baf459c9-fe42-429a-ab4f-7fab4348549c}) (Version: - Nero AG)
OpenOffice 4.0.1 (HKLM-x32\...\{220C463A-2890-4C7F-B97C-C49FE175B849}) (Version: 4.01.9714 - Apache Software Foundation)
Oxford Grammar for Schools 1 (HKLM-x32\...\Oxford Grammar for Schools 1 1.0) (Version: 1.0 - Oxford University Press)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6586 - Realtek Semiconductor Corp.)
Recepty doma (HKLM-x32\...\Recepty doma_is1) (Version: - Martin Roubec)
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype verze 8.69 (HKLM-x32\...\Skype_is1) (Version: 8.69 - Skype Technologies S.A.)
Splash Lite (HKLM-x32\...\{8B4A6011-BB10-4918-B561-3F6CF5712B37}) (Version: 1.7.1 - Mirillis)
Stamp ID3 Tag Editor (HKLM-x32\...\Stamp) (Version: 2.39 - NCH Software)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 10.0.1220 - SUPERAntiSpyware.com)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.15.5 - TeamViewer)
TL-WN751ND Driver (HKLM-x32\...\{14770694-6C1C-4137-95F9-6F934D8491B4}) (Version: 1.00.0000 - TP-LINK)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.12 - Ghisler Software GmbH)
WinRAR 5.70 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Zacek v2.1 (HKLM-x32\...\Zacek v2.1) (Version: - )

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-16] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-16] (Microsoft Corporation) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0 [2021-03-07] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2525883802-2620883698-3047885965-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2525883802-2620883698-3047885965-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}0
CustomCLSID: HKU\S-1-5-21-2525883802-2620883698-3047885965-1001_Classes\CLSID\{04271989-C4D2-B969-45A7-C10075E5CB10} -> [OneDrive - ZŠ Týniště nad Orlicí] => C:\Users\Kapucky\OneDrive - ZŠ Týniště nad Orlicí [2020-12-13 17:06]
CustomCLSID: HKU\S-1-5-21-2525883802-2620883698-3047885965-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Kapucky\Dropbox [2014-01-15 16:28]
CustomCLSID: HKU\S-1-5-21-2525883802-2620883698-3047885965-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1B} -> [dropbox-NamespaceExtensionRole.Business] => 0
CustomCLSID: HKU\S-1-5-21-2525883802-2620883698-3047885965-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2525883802-2620883698-3047885965-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2525883802-2620883698-3047885965-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2525883802-2620883698-3047885965-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2525883802-2620883698-3047885965-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2525883802-2620883698-3047885965-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2525883802-2620883698-3047885965-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2525883802-2620883698-3047885965-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2525883802-2620883698-3047885965-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2525883802-2620883698-3047885965-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2525883802-2620883698-3047885965-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2525883802-2620883698-3047885965-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-28] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-28] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll [2009-07-16] (Nero AG -> Nero AG)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1-x32: [PDFArchitectExtension] -> {DBDB3433-0E01-40CE-A026-D9F54FAC3CA9} => C:\Program Files (x86)\PDF Architect\ContextMenuExt.dll [2013-04-08] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-03-12] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-03-12] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-2525883802-2620883698-3047885965-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-2525883802-2620883698-3047885965-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-2525883802-2620883698-3047885965-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.DVSD] => C:\Windows\SysWOW64\pdvcodec.dll [215552 2000-11-21] (Matsushita Electric Industrial Co., Ltd.) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
Shortcut: C:\Users\Kapucky\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm
Shortcut: C:\Users\Kapucky\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Webové servery ve službě MSN\target.lnk -> hxxp://www.msnusers.co
ShortcutWithArgument: C:\Users\Kapucky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Network File Share for Chrome OS.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=ndjpildffkeodjdaeebdhnncfhopkajk
ShortcutWithArgument: C:\Users\Kapucky\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2018-02-04 21:00 - 2021-02-12 21:46 - 002552320 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\ffmpeg.dll
2019-08-27 13:23 - 2021-02-12 21:46 - 000388608 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\swiftshader\libegl.dll
2019-08-27 13:23 - 2021-02-12 21:46 - 002863104 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\swiftshader\libglesv2.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 000817152 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2015-11-04 16:43 - 2015-11-04 16:43 - 000214528 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2015-11-04 16:43 - 2015-11-04 16:43 - 000127488 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-11-04 16:43 - 2015-11-04 16:43 - 000102400 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 003650560 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000031232 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\A4.Foundation\504009a76ca5422320da1d8f31324306\A4.Foundation.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000022528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Actions5dc83b46#\67f7ac3082c8dc1f8606d43126fdfbba\AEM.Actions.CCAA.Shared.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.0a1309f7#\989928877965673a163a9f15bea48de8\AEM.Plugin.EEU.Shared.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.2b6a6775#\47212c976ed152f62c1701ee4d67dd36\AEM.Plugin.Hotkeys.Shared.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.4adf1574#\33904cf7a5466d3189332af87f797a26\AEM.Plugin.Audio.Shared.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.54d8abe3#\b603f1d268edaae6a086e0be78dd68c4\AEM.Plugin.DPPE.Shared.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000281600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.5d945b6b#\b0eaf5f5470526e1dbf4b00b0812647c\AEM.Plugin.Source.Kit.Server.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000014848 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.674d2b8a#\e6798b6d8848f78aa2dd9a4696e41d1f\AEM.Plugin.WinMessages.Shared.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.88aba5d2#\a2aed8a22c9f7274548f5444ef423776\AEM.Plugin.REG.Shared.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.GD.Shared\669d2e086d4ef7f4c672719a4731dfec\AEM.Plugin.GD.Shared.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Server.Shared\e983328f61fd6adcb06f474b32692f8b\AEM.Server.Shared.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000267776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AEM.Server\a9630ac1088c78e8bc84bdb17d0294e6\AEM.Server.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000055808 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\APM.Foundation\e22f70cf6e808423818d5941b97af063\APM.Foundation.ni.dll
2021-03-10 10:14 - 2021-03-10 10:14 - 000122880 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ATICCCom\21b2337f43c4525036285b84f408c786\ATICCCom.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000204288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CCC.Implementation\f9fa1a0f72e03bc960487c9bfbbcbd0f\CCC.Implementation.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000151040 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.2042675f#\5ac4a102e8f425d31c680508936b38ed\CLI.Aspect.CPUPStates.Fuel.Dashboard.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000128000 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3399d0ec#\a9603c2260034290d27ed9a985d109a1\CLI.Aspect.CustomFormats.Graphics.Shared.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.37d3d968#\6f0c51454cf6fe37b3fa76c5d9bea625\CLI.Aspect.AMDHome.Graphics.Shared.ni.dll
2021-03-10 10:14 - 2021-03-10 10:14 - 000045568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.382a3def#\3a63e1c99f02b2a029942ec669f669de\CLI.Aspect.AMDOverDrive.Platform.Shared.ni.dll
2021-03-10 10:14 - 2021-03-10 10:14 - 000107008 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3a6f1658#\cc65a8a8b696e453985bd50e3fb6fadb\CLI.Aspect.TransCode.Graphics.Shared.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000209920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4542c692#\2ce2e16a1b3d8a418d29d8481e46f4d5\CLI.Aspect.DeviceCRT.Graphics.Shared.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000132608 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.46819220#\9c8b183b8b2d1edf733880bf5d6f51b3\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.ni.dll
2021-03-10 10:14 - 2021-03-10 10:14 - 000074752 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4bbb0755#\12e1224b7697dbf9ae06849c541aab48\CLI.Aspect.TransCode.Graphics.Dashboard.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000152576 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4ede500c#\4c42fbf895674e55a35556467e0e7ef4\CLI.Aspect.DPPE.Fuel.Dashboard.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000037888 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.52c6dbaa#\3571fd853748bbc08417641253644955\CLI.Aspect.FPS.Graphics.Shared.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000074752 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.59a12d95#\de4944dd979e37be97a5bb3ba5d89952\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000111616 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.5a772e69#\1b82ebf8a8bd551316fc393b9e91b931\CLI.Aspect.Fets.Fuel.Dashboard.ni.dll
2021-03-10 10:14 - 2021-03-10 10:14 - 000070656 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.648b65fc#\691b77d00fb7dff44b18ece377d28de3\CLI.Aspect.WiFi.Fuel.Dashboard.ni.dll
2021-03-10 10:14 - 2021-03-10 10:14 - 000263168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.73911eb5#\321d5af631bfd23e97ccc9392d54e11d\CLI.Aspect.WirelessDisplay.Graphics.Shared.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000365056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.7ec2db45#\b53a5197ca28c78387657a73578c91c1\CLI.Aspect.DeviceDFP.Graphics.Shared.ni.dll
2021-03-10 10:14 - 2021-03-10 10:14 - 000064000 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8350f5c6#\1dae620b07c587cc56f71edcb9abd0fe\CLI.Aspect.UpdateNotification.Graphics.Runtime.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000678912 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.846fa813#\89626d09efd748298bab05f92eecd334\CLI.Aspect.MMVideo.Graphics.Dashboard.ni.dll
2021-03-10 10:14 - 2021-03-10 10:14 - 000745472 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8d333b6b#\2c9d8875cc4a5745a4c083c7868b8531\CLI.Aspect.Radeon3D.Graphics.Shared.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000449536 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8e996306#\7609f2eb2646b815f2764279ec7f73e5\CLI.Aspect.CrossDisplay.Graphics.Dashboard.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000089088 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9cd1e9e7#\f2e30fd3807666f9f9ea067c64f48d11\CLI.Aspect.FPS.Graphics.Dashboard.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000158208 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a0ae52bc#\d0309a81e0978385b0d7f32031c8f852\CLI.Aspect.DeviceLCD.Graphics.Shared.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000057856 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a6cd7fff#\3a5ed4dadc9293778206ac11bdbe9dab\CLI.Aspect.FPS.Graphics.Runtime.ni.dll
2021-03-10 10:14 - 2021-03-10 10:14 - 000082944 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a765109e#\b5313836cf34197fa217c5b6e45faa01\CLI.Aspect.UpdateNotification.Graphics.Dashboard.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000462336 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.acb9d930#\0ad22c300e3ed00603785497beada098\CLI.Aspect.DeviceProperty.Graphics.Shared.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000086528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ae5e117c#\e89549ae2b2e17978f72b50e822d624c\CLI.Aspect.DisplaysColour2.Graphics.Shared.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000067072 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.b0a7c1fb#\d40e032fafac767775eda8ef1d457546\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.ni.dll
2021-03-10 10:14 - 2021-03-10 10:14 - 000023552 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c2a2b491#\29d7a2f6488c0dc935c0f1d624c89272\CLI.Aspect.WiFi.Fuel.Shared.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000340992 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c7aaa0f8#\fb19e27f48a4d6fb6cd05dd3c6e1cf8a\CLI.Aspect.OverDrive5.Graphics.Shared.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000017920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c854b457#\d31cb1aa84a9d72c0ba72ad9a6ea24a0\CLI.Aspect.HotkeysHandling.Graphics.Shared.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000081408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.caa5cc64#\1b84c5ce6b9f0337e8a6fbf683350e81\CLI.Aspect.Fets.Fuel.Shared.ni.dll
2021-03-10 10:14 - 2021-03-10 10:14 - 001315840 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.d7e090dc#\b2b0192c5c64f50d17f023c827532ed2\CLI.Aspect.User.Fuel.Dashboard.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000276480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e8635fc7#\d47a088fdc12d125b3f7ab4423073839\CLI.Aspect.InfoCentre.Graphics.Dashboard.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 003312640 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e9fd7406#\e07642fe5123f264699524c0c643e17b\CLI.Aspect.Radeon3D.Graphics.Dashboard.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000240640 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.eda8935e#\bf85ad6e6f75da0f7b473a5475e32d0d\CLI.Aspect.MMVideo.Graphics.Shared.ni.dll
2021-03-10 10:14 - 2021-03-10 10:14 - 000047616 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ef3eaa4d#\2b5a547f6596ab73827123138850439f\CLI.Aspect.TransCode.Graphics.Runtime.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000070656 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.efd83192#\46ee6cce095f233287f426894a624a26\CLI.Aspect.CPUPStates.Fuel.Shared.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000057856 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.f45bd021#\17e2c26448dc4064a04fae89a651b318\CLI.Aspect.DPPE.Fuel.Shared.ni.dll
2021-03-10 10:14 - 2021-03-10 10:14 - 000050688 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.f480a2f3#\d9ea0ef4ac5c5228ed2cb9db34b1403b\CLI.Aspect.UpdateNotification.Graphics.Shared.ni.dll
2021-03-10 10:14 - 2021-03-10 10:14 - 000051200 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Runtime\925c78a359c1adb7e43fc67cad42479e\CLI.Caste.A4.Runtime.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Shared\17cd45c4a457956c53efef4741de31b4\CLI.Caste.A4.Shared.ni.dll
2021-03-10 10:14 - 2021-03-10 10:14 - 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Af820fedc#\4874c33aa08e512e0137797b922bf2db\CLI.Caste.A4.Dashboard.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F24de14fe#\28728358e3c92894aa22b51ee9397d0f\CLI.Caste.Fuel.Shared.ni.dll
2021-03-10 10:14 - 2021-03-10 10:14 - 000311296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F36b07a2b#\72eedccb128d081184f821a44373b882\CLI.Caste.Fuel.Runtime.ni.dll
2021-03-10 10:14 - 2021-03-10 10:14 - 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Ff3085433#\c3da6768bbfcd0f3a8990fe2fdbc859c\CLI.Caste.Fuel.Dashboard.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60338cc0#\ed6ffd99c44162498d16265cb05ac951\CLI.Caste.Graphics.Runtime.Shared.Private.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 001555456 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gd9d9b43b#\7e1471007c18296952e9f9c546602e67\CLI.Caste.Graphics.Dashboard.Shared.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000587776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gee7d2dbc#\7a15212c13910f7c7156bd58ad130be9\CLI.Caste.Graphics.Dashboard.ni.dll
2021-03-10 10:14 - 2021-03-10 10:14 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H18c99613#\e3c1dc0d2f08637cece90af92247ac2d\CLI.Caste.HydraVision.Runtime.ni.dll
2021-03-10 10:14 - 2021-03-10 10:14 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H92ba4e46#\7285fd2f3abeac5ffdb7656667243bca\CLI.Caste.HydraVision.Shared.ni.dll
2021-03-10 10:14 - 2021-03-10 10:14 - 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Hbb906c0b#\ce139fef2ae55fcc3b5357c5102548df\CLI.Caste.HydraVision.Dashboard.ni.dll
2021-03-10 10:14 - 2021-03-10 10:14 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pac40511b#\2697dbde0038735008f8ace4ef841f76\CLI.Caste.Platform.Shared.ni.dll
2021-03-10 10:14 - 2021-03-10 10:14 - 000044032 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pdb36d56e#\d6bdf9c7d0a98eacf89512d720a8b529\CLI.Caste.Platform.Runtime.ni.dll
2021-03-10 10:14 - 2021-03-10 10:14 - 000024064 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pfeefa2b6#\506e0608441ec480f89fa9692bbdcdf7\CLI.Caste.Platform.Dashboard.ni.dll
2021-03-10 10:14 - 2021-03-10 10:14 - 000350720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Combinee84f0351#\c1592b317007b0b6bd13ad952021ab93\CLI.Combined.Fusion.Aspects.Runtime.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone1b4a8c97#\34b1f406a82517621c9daa46453e1470\CLI.Component.Runtime.Shared.ni.dll
2021-03-10 10:14 - 2021-03-10 10:14 - 000901632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone26c9c557#\846b64ed83ff511edf18c7deb0dffbae\CLI.Component.Systemtray.ni.dll
2021-03-10 10:14 - 2021-03-10 10:14 - 000173568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone29e547cc#\ff0f3cb91d2f22bc8db4b9ea47ead86b\CLI.Component.Dashboard.ProfileManager2.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000151040 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone59f353b4#\fdb917d7e3e2ccc03d919b082a47b276\CLI.Component.Runtime.Shared.Private.ni.dll
2021-03-10 10:14 - 2021-03-10 10:14 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componeb4d0485c#\6963cb4bda6e3cf26f7a03c529016c11\CLI.Component.Runtime.Extension.EEU.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 001609728 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componec89c3bec#\f9f151d19d1cd80491e8d56dec54829f\CLI.Component.Dashboard.Shared.Private.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000018432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componef1fd67b2#\dc7320ba432b7b7544af0980ca9e043d\CLI.Component.Client.Shared.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000085504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Componef4cf054f#\8f57b22f7372dd5e91e35d5dd341ea2b\CLI.Component.Dashboard.Shared.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000089600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundat3d5d3945#\e9b46cc3181dfca562f816c01fbd4183\CLI.Foundation.Private.ni.dll
2021-03-10 10:14 - 2021-03-10 10:14 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundat60cdf5df#\94a5c7a62d0c92253c5272e891663377\CLI.Foundation.XManifest.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000091136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundat619559bd#\a2d3d1df090756f59607498843fc0b0c\CLI.Foundation.CoreAudioAPI.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 001079808 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundatd3771151#\ec76fa18911be4468cee67c0ec7ac979\CLI.Foundation.Client.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000301568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Foundation\b611c60477a92ea5b70423b0e8251f5c\CLI.Foundation.ni.dll
2021-03-10 10:10 - 2021-03-10 10:10 - 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Foundation\fd7b219025f5e39d31a27efe4dab12dd\DEM.Foundation.ni.dll
2021-03-10 10:10 - 2021-03-10 10:10 - 000115200 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0601\bab6bf8e41b6a239c0450e30b1a414d8\DEM.Graphics.I0601.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics\8d4f287c0f23318f38f14ac41b9ce587\DEM.Graphics.ni.dll
2021-03-10 10:14 - 2021-03-10 10:14 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Fuel.Foundation\3288905e28c1e13d5556ef5b1bb6bc7f\Fuel.Foundation.ni.dll
2021-03-10 10:14 - 2021-03-10 10:14 - 000296960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundat03490438#\a56941ff4d7b8fa35bf97e36bceb081c\LOG.Foundation.Implementation.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000150016 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundat5023f8e7#\ef363ad4825f524c70c58529cf1a67e7\LOG.Foundation.Private.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000087552 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundatcaafa75b#\e2a268073020ec5071e649b39bd104dd\LOG.Foundation.Implementation.Private.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000132608 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LOG.Foundation\afbbb03332de34bc30adc9cea4dc476d\LOG.Foundation.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MOM.Foundation\4ff0850644a34b090e8c975b85639a0f\MOM.Foundation.ni.dll
2021-03-10 10:14 - 2021-03-10 10:14 - 000402944 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\MOM.Implementation\33595633ab79de02dad6da847d6a2c27\MOM.Implementation.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000055296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\NEWAEM.Foundation\e6a8651fa08bbbbed6a69273637b4d73\NEWAEM.Foundation.ni.dll
2012-04-11 10:40 - 2012-04-11 10:40 - 000067584 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.dll
2021-03-10 10:10 - 2021-03-10 10:10 - 000897024 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ADL.Foundation\3dfa366e26c9c0723b61007c125adae0\ADL.Foundation.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000256000 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\APM.Server\000abe60ded38b8f41bff648cda49d81\APM.Server.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000298496 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9b707b25#\3c2a89bc00bc1e89336882dd896bc591\CLI.Aspect.DeviceProperty.Graphics.Runtime.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 001654272 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.aa59351a#\683bc237097a75929d8eb68642d561c8\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 006336512 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e6d9f3a8#\3cc1291f99e1131073f77d161da98384\CLI.Aspect.DeviceDFP.Graphics.Dashboard.ni.dll
2021-03-10 10:14 - 2021-03-10 10:14 - 008027648 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Combine0616f305#\e9dcd982157cbe937948aeb0e7278abd\CLI.Combined.Graphics.Aspects1.Dashboard.ni.dll
2021-03-10 10:14 - 2021-03-10 10:14 - 001159680 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Combine7332395e#\94faba5e5e943705543a7254304cea1b\CLI.Combined.Graphics.Aspects2.Runtime.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000136704 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone168638d1#\f60d5eadbcde2b47b156bf2d2c6f06ea\CLI.Component.Client.Shared.Private.ni.dll
2021-03-10 10:14 - 2021-03-10 10:14 - 000234496 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone6692ca50#\7d75824e32561c112569fc4399dbe527\CLI.Component.Runtime.ni.dll
2021-03-10 10:14 - 2021-03-10 10:14 - 000929280 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Compone6bf88b08#\f5d9345846945753f9c8805a381b5dd5\CLI.Component.Dashboard.ni.dll
2021-03-10 10:11 - 2021-03-10 10:11 - 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0706\e44ae33031747106d862bd9a8052a86d\DEM.Graphics.I0706.ni.dll
2021-03-10 10:11 - 2021-03-10 10:11 - 000084480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0709\1322f87024b17052759b3f55b18c5209\DEM.Graphics.I0709.ni.dll
2021-03-10 10:11 - 2021-03-10 10:11 - 000012288 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0712\98fe3616e0d5d61da9a336d625b3efae\DEM.Graphics.I0712.ni.dll
2021-03-10 10:11 - 2021-03-10 10:11 - 000018432 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0804\4324096702e75f48f1e69049179a99e5\DEM.Graphics.I0804.ni.dll
2021-03-10 10:12 - 2021-03-10 10:12 - 000010752 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0805\291a9a107698194a132d19720e325d8c\DEM.Graphics.I0805.ni.dll
2021-03-10 10:12 - 2021-03-10 10:12 - 000010752 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0812\f3641aa7c2ae692dff22e730f7b2faba\DEM.Graphics.I0812.ni.dll
2021-03-10 10:12 - 2021-03-10 10:12 - 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0906\1eb500b7c24517bd0780e13f30e1f51e\DEM.Graphics.I0906.ni.dll
2021-03-10 10:11 - 2021-03-10 10:11 - 000014336 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0912\190dfeab7f7a4848eb3aa71fa95c7000\DEM.Graphics.I0912.ni.dll
2021-03-10 10:12 - 2021-03-10 10:12 - 000035840 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I1010\14c71e125bcd784ee8237995ccf9045c\DEM.Graphics.I1010.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 001139200 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Localizatio01dbc1c0#\e1492d701f1412bd715a4319b0633524\Localization.Foundation.Private.ni.dll
2021-03-10 10:14 - 2021-03-10 10:14 - 000244736 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ResourceMan446ca0e5#\e9ee3b13882a043ff83a0ac03db0a2d1\ResourceManagement.Foundation.Implementation.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000023552 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ResourceManf163905a#\93fea3443c8d3f78f8d7124db68214be\ResourceManagement.Foundation.Private.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000091648 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ec8786e5#\498a095ffae3fd68308c669b17b5a29e\CLI.Aspect.AMDHome.Graphics.Dashboard.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 002845696 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60a7b4d1#\99d1548ac6a709e8c41c5751f22618a9\CLI.Caste.Graphics.Shared.ni.dll
2021-03-10 10:14 - 2021-03-10 10:14 - 003268096 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G962aa464#\fc0ca5b95afa8a0deb2a5fda1298de26\CLI.Caste.Graphics.Runtime.ni.dll
2013-09-20 13:50 - 2013-09-20 13:50 - 000518144 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll
2018-04-30 16:00 - 2018-04-30 16:00 - 000075776 _____ (Igor Pavlov) [File not signed] C:\Program Files (x86)\7-Zip\7-zip.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 000335360 _____ (Microsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.W8090224c#\26c9e1d859a61995bada5e09c8e58497\Microsoft.WindowsAPICodePack.ni.dll
2021-03-10 10:13 - 2021-03-10 10:13 - 002546688 _____ (Microsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.Wfbf9373c#\dc198537485dcf961597a849a4d52c0c\Microsoft.WindowsAPICodePack.Shell.ni.dll
2013-04-08 18:03 - 2013-04-08 18:03 - 000299008 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\Program Files (x86)\PDF Architect\libcurl.dll
2013-04-08 18:03 - 2013-04-08 18:03 - 001122304 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\PDF Architect\LIBEAY32.dll
2013-04-08 18:03 - 2013-04-08 18:03 - 000274432 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\PDF Architect\SSLEAY32.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2525883802-2620883698-3047885965-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08] (pdfforge GmbH -> pdfforge GmbH)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
IE Session Restore: HKU\S-1-5-21-2525883802-2620883698-3047885965-1001 -> is enabled.
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2019-01-09 23:22 - 000000035 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\AMD\ATI.ACE\Core-Static;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2525883802-2620883698-3047885965-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kapucky\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 77.48.254.254 - 77.48.100.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

Network Binding:
=============
Připojení k místní síti: AppEx Networks Accelerator -> appex_acc (enabled)
Bezdrátové připojení k síti: AppEx Networks Accelerator -> appex_acc (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-2525883802-2620883698-3047885965-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-2525883802-2620883698-3047885965-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_9AF5A7FCB2476DC252D04F6964C90B14"
HKU\S-1-5-21-2525883802-2620883698-3047885965-1001\...\StartupApproved\Run: => "OfficeSyncProcess"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F2E1FA47-F50C-4ABC-A535-4B7381667040}] => (Allow) C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{187E555F-5530-4B8B-A2B8-0A075E1E2975}] => (Allow) C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{DC901452-A5BB-4169-8A54-969F3819FC72}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{DD45A6E7-E89A-4366-A7E5-DBF334FFB764}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{4974BDCE-E7E1-4056-B452-F75BC641BC03}C:\users\kapucky\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\kapucky\appdata\roaming\dropbox\bin\dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [UDP Query User{6C13A6CD-0297-470D-9615-3FCCDE8B225E}C:\users\kapucky\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\kapucky\appdata\roaming\dropbox\bin\dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{2A5F8BDD-999B-4577-BD14-284DC831FD7B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B9C35F5E-352C-4A6A-A465-9DD6B143A16E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2DA3FE81-5CED-41BA-9BDF-AAD444139318}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [File not signed]
FirewallRules: [{97C90EE2-C152-406E-92F7-CD835AA8D173}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [File not signed]
FirewallRules: [TCP Query User{8392FB0C-6568-4128-9906-B64BFD8B1213}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [UDP Query User{1AE69F48-14DA-4CA3-8E26-A60130C70AF5}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [{028A0FF3-16EB-4627-8BEB-D0EF3CE99AA0}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{55B43BEB-56C1-47F7-8BBD-7FAF62B760BF}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [TCP Query User{3E6260DA-1B7D-482D-9450-E628D03506EE}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{E97F36CA-BA90-4A55-9113-3872B675A547}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BAB101BD-7605-470E-BED2-0B6C38975DB4}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{238DDFBE-7D72-478C-A703-449AE84F739A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1858E1A4-75C5-4364-BEA4-68BDA75DCD50}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F0013875-C328-429B-9B06-2A21797CE3FB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{96901338-B5F9-4A38-87E0-F8F8E69351EE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0B11B27E-4DAA-44E7-903B-D5B991CDAAC0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9983636B-6EC4-481E-AA5F-501A9C7CF84D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{208F4237-885E-40FC-9667-8A11870C51B5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E1520151-08EF-431B-9391-16E90F76FBE1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{578AAFC1-16B0-41D9-AC18-0E809BCDA794}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9D77BBDD-12FC-47F8-BAAA-4EBAF71B08D9}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1DB1E74C-7EC7-407F-BB3F-FA67A68797FA}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BC9C2D40-1C38-4512-A142-31AD95512A54}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{74455E8A-4B83-40E8-A350-DAB43A216368}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{94B69976-DDA4-4FBA-814A-9C278FFC5A41}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{831570E1-67E5-4F32-96C8-48600CEE2AC1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2EFB0DB9-A037-450A-9865-63B18FDFE583}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A9D18FDB-D259-4AC7-ADCF-FA8591C4A4E8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5C03C0C0-13FE-437E-A20F-0F5EB10FC621}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0FB78D2B-946B-44C5-B369-196F0E0525CA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{582B9F53-BB96-485D-AE89-52A7857E602F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F439F573-A72F-4585-95DE-483C36BB7BCD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DEBA3CBF-EE09-4D9B-BA65-8E4CEAA28BBA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3FE15F6B-D070-4FED-9667-135238491AF2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8CCCD198-45EB-4C1F-9397-D007CB6DAE9D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{1FC7A0A5-EE4A-425B-AAF9-95CDA708ED39}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

21-03-2021 19:03:14 Windows Zálohování

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/21/2021 08:22:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchApp.exe, verze: 10.0.19041.844, časové razítko: 0x69441820
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.804, časové razítko: 0x0e9c5eae
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000010bd5c
ID chybujícího procesu: 0x2f54
Čas spuštění chybující aplikace: 0x01d71e86c03eec06
Cesta k chybující aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 74713f4a-196c-484f-97d2-00cdb466dcad
Úplný název chybujícího balíčku: Microsoft.Windows.Search_1.14.0.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: CortanaUI

Error: (03/21/2021 08:22:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.19041.844 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1fb0

Čas spuštění: 01d71e852f16da3a

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: 9d8a20dd-1779-4470-af4e-3eaece1b46fc

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Cross-process

Error: (03/17/2021 09:52:10 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/17/2021 09:26:55 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Bebuscha&Kaaposch (F:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/17/2021 09:26:52 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na \\?\Volume{29c9d0b5-7a05-11e3-a8cc-806e6f6e6963}\, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/17/2021 09:21:03 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Bebuscha&Kaaposch (F:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/17/2021 09:20:59 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na \\?\Volume{29c9d0b5-7a05-11e3-a8cc-806e6f6e6963}\, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/17/2021 09:14:40 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Bebuscha&Kaaposch (F:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)


System errors:
=============
Error: (03/21/2021 08:04:42 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (20:02:22, ‎21.‎3.‎2021) bylo neočekávané.

Error: (03/21/2021 07:48:35 PM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Připojení správce filtrů ke svazku \Device\HarddiskVolume10 se nezdařilo. Tento svazek nebude až do restartování k dispozici pro filtrování. Konečný stav: 0xc03a001c.

Error: (03/21/2021 07:48:35 PM) (Source: Microsoft-Windows-FilterManager) (EventID: 3) (User: NT AUTHORITY)
Description: Připojení správce filtrů ke svazku \Device\HarddiskVolume10 se nezdařilo. Tento svazek nebude až do restartování k dispozici pro filtrování. Konečný stav: 0xc03a001c.

Error: (03/21/2021 06:49:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (03/21/2021 06:49:17 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Kapucky\AppData\Local\Temp\ehdrv.sys

Error: (03/21/2021 06:49:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (03/21/2021 06:49:16 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Kapucky\AppData\Local\Temp\ehdrv.sys

Error: (03/21/2021 06:49:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.


CodeIntegrity:
===============
Date: 2021-03-21 20:31:26
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume2\PROGRAM FILES\AVAST SOFTWARE\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. V2.2 07/15/2013
Motherboard: MSI FM2-A75MA-E35 (MS-7721)
Processor: AMD A10-6800K APU with Radeon(tm) HD Graphics
Percentage of memory in use: 61%
Total physical RAM: 7374.98 MB
Available physical RAM: 2838.91 MB
Total Virtual: 14798.98 MB
Available Virtual: 10155.21 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.77 GB) (Free:806.97 GB) NTFS
Drive f: (Bebuscha&Kaaposch) (Fixed) (Total:931.48 GB) (Free:22.22 GB) NTFS

\\?\Volume{29c9d0b5-7a05-11e3-a8cc-806e6f6e6963}\ () (Fixed) (Total:0.2 GB) (Free:0.12 GB) NTFS
\\?\Volume{d3829413-0000-0000-0000-b0bde8000000}\ () (Fixed) (Total:0.55 GB) (Free:0.09 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: D3829413)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=561 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: FC622B53)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 77.48.254.254 77.48.100.254
Tcpip\..\Interfaces\{AFB56B13-34DA-4383-8E69-4B5B032DC94A}: [DhcpNameServer] 77.48.254.254 77.48.100.254
Tcpip\..\Interfaces\{D5562BC4-A715-4AEA-A9A3-C04A259A9312}: [DhcpNameServer] 77.48.254.254 77.48.100.254

Edge:
=======
DownloadDir: C:\Users\Kapucky\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-2525883802-2620883698-3047885965-1001 -> hxxps://www.seznam.cz/
Edge DefaultProfile: Default
Edge Profile: C:\Users\Kapucky\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-21]
Edge DownloadDir: C:\Users\Kapucky\Downloads
Edge HomePage: Default -> hxxps://www.seznam.cz/
Edge Session Restore: Default -> is enabled.
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Kapucky\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-03-18]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: 2zizny6g.default
FF ProfilePath: C:\Users\Kapucky\AppData\Roaming\Oxford University Press\OxfordGrammarForSchools1\Profiles\gkl5qly9.default [2014-12-16]
FF ProfilePath: C:\Users\Kapucky\AppData\Roaming\Mozilla\Firefox\Profiles\2zizny6g.default [2021-03-21]
FF Homepage: Mozilla\Firefox\Profiles\2zizny6g.default -> seznam.cz
FF Session Restore: Mozilla\Firefox\Profiles\2zizny6g.default -> is enabled.
FF Extension: (Avast Passwords) - C:\Users\Kapucky\AppData\Roaming\Mozilla\Firefox\Profiles\2zizny6g.default\Extensions\jid1-r1tDuNiNb4SEww@jetpack.xpi [2020-02-12] [UpdateUrl:hxxps://pamcdn.avast.com/pamcdn/extensions/firefox/update.json]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\Kapucky\AppData\Roaming\Mozilla\Firefox\Profiles\2zizny6g.default\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-03-17]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-12-21] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2525883802-2620883698-3047885965-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Kapucky\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-01-23] (Unity Technologies ApS -> Unity Technologies ApS)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Default [2021-03-21]
CHR Extension: (Prezentace) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-02-08]
CHR Extension: (Dokumenty) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-02-08]
CHR Extension: (Disk Google) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-02-08]
CHR Extension: (YouTube) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-02-08]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2021-02-08]
CHR Extension: (Tabulky) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-02-08]
CHR Extension: (Dokumenty Google offline) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-21]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-03-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-08]
CHR Extension: (Gmail) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-02-08]
CHR Extension: (Chrome Media Router) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-21]
CHR Profile: C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-03-21]
CHR HomePage: Profile 1 -> hxxp://seznam.cz/
CHR StartupUrls: Profile 1 -> "hxxps://mail.google.com/mail/u/0/#inbox","hxxps://email.seznam.cz/?hp#search/label-id%3A258%20flags%3Aunread"
CHR DefaultSearchURL: Profile 1 -> hxxps://ssl.gstatic.com/apps-notify/drive_96_1x.png
CHR Session Restore: Profile 1 -> is enabled.
CHR Extension: (Prezentace) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-01-17]
CHR Extension: (Google Drive) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aghbiahbpaijignceidepookljebhfak [2021-01-17]
CHR Extension: (Bakaláři - mezi školou a rodinou) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\agjamnfolfcbaipgblhelohhmpldbjmb [2021-01-17]
CHR Extension: (Dokumenty) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-01-17]
CHR Extension: (Disk Google) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-17]
CHR Extension: (YouTube) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-01-17]
CHR Extension: (Učebna Google) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\codkagpomgchjpmnolpoapjdaflomkbf [2021-01-17]
CHR Extension: (Google+) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dcdbodpaldbchkfinnjphocleggfceip [2021-01-17]
CHR Extension: (Mapy Google) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ebaakkhnommmgmlbagjehhjfhkkmhhaa [2021-01-17]
CHR Extension: (Bakaláři - mezi školou a rodinou) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ebgfdpiiinmcnijiejgkmmmogeobbgbn [2021-01-17]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efmjfjelnicpmdcmfikempdhlmainjcb [2021-01-17]
CHR Extension: (Avast Passwords) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2021-01-17]
CHR Extension: (Tabulky) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-01-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-13]
CHR Extension: (Google Keep) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hcfcmgpnmpinpidjdgejehjchlbglpde [2021-01-17]
CHR Extension: (Messages) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hpfldicfbfomlpcikngkocigghgafkph [2021-01-17]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-03-16]
CHR Extension: (Google Duo) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\imgohncinckhbblnlmaedahepnnpmdma [2021-01-17]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2021-01-17]
CHR Extension: (Formuláře Google) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jkdlbdnmmndeckliookkkcbgindcjpme [2021-01-17]
CHR Extension: (Zprávy Google) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kfgapjallbhpciobgmlhlhokknljkgho [2021-01-17]
CHR Extension: (Google Earth) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kkgcdmfbmbiedhopdiejkdepbnboeeoa [2021-01-17]
CHR Extension: (Hangouts Google) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2021-01-17]
CHR Extension: (Network File Share for Chrome OS) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ndjpildffkeodjdaeebdhnncfhopkajk [2021-01-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31]
CHR Extension: (Gmail) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-17]
CHR Extension: (Chrome Media Router) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-11]
CHR Extension: (Google Contacts) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pmcngklofgngifnoceehmchjlildnhkj [2021-01-17]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2021-01-09] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82128 2015-10-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8477080 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621728 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [351848 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\89.0.8689.90\elevation_service.exe [1504864 2021-03-14] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-03-12] (Malwarebytes Inc -> Malwarebytes)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH -> pdfforge GmbH)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12727576 2021-02-17] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2020-01-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2020-01-16] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation -> AppEx Networks Corporation)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36792 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208672 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332880 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97360 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-28] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42424 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176384 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522480 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108928 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84496 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851256 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [468888 2021-01-08] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [214808 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [324904 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2015-11-09] (Disc Soft Ltd -> Disc Soft Ltd)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-03-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-03-12] (Malwarebytes Inc -> Malwarebytes)
S3 MTsensor; C:\WINDOWS\system32\drivers\ASACPI.sys [8192 2008-01-20] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2021-01-09] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2021-01-09] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2020-01-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2020-01-16] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2020-01-16] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-21 20:24 - 2021-03-21 20:26 - 000017321 _____ C:\Users\Kapucky\Desktop\FRST.txt
2021-03-21 20:21 - 2021-03-21 20:25 - 000000000 ____D C:\FRST
2021-03-21 20:21 - 2021-03-21 20:21 - 002300928 _____ (Farbar) C:\Users\Kapucky\Desktop\FRST64.exe
2021-03-17 21:07 - 2021-03-17 21:07 - 000000000 ____D C:\Users\Kapucky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-03-15 12:41 - 2021-03-15 12:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-03-15 10:03 - 2021-03-15 18:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-03-13 12:29 - 2021-03-19 02:01 - 000002972 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2021-03-13 12:29 - 2021-03-19 02:01 - 000002592 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2021-03-13 11:46 - 2021-03-21 18:45 - 000000820 _____ C:\Users\Kapucky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-03-13 11:46 - 2021-03-21 18:45 - 000000692 _____ C:\Users\Kapucky\Desktop\ESET Online Scanner.lnk
2021-03-13 11:46 - 2021-03-13 11:46 - 015019488 _____ (ESET spol. s r.o.) C:\Users\Kapucky\Downloads\esetonlinescanner.exe
2021-03-13 05:23 - 2021-03-13 05:23 - 000000000 ____D C:\WINDOWS\Panther
2021-03-12 15:54 - 2021-03-21 18:33 - 000000536 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task d5eff3e6-6e65-4663-9216-5e7f6e1953cc.job
2021-03-12 15:54 - 2021-03-21 18:33 - 000000536 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task bb76ce7e-b42c-4243-9a16-8891b0cab302.job
2021-03-12 15:54 - 2021-03-19 02:01 - 000003380 _____ C:\WINDOWS\system32\Tasks\SUPERAntiSpyware Scheduled Task bb76ce7e-b42c-4243-9a16-8891b0cab302
2021-03-12 15:54 - 2021-03-19 02:01 - 000003122 _____ C:\WINDOWS\system32\Tasks\SUPERAntiSpyware Scheduled Task d5eff3e6-6e65-4663-9216-5e7f6e1953cc
2021-03-12 15:53 - 2021-03-12 15:53 - 000000000 ____D C:\Users\Kapucky\AppData\Roaming\SUPERAntiSpyware.com
2021-03-12 15:53 - 2021-03-12 15:53 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2021-03-12 15:53 - 2021-03-12 15:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2021-03-12 15:53 - 2021-03-12 15:53 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2021-03-12 15:50 - 2021-03-12 15:51 - 171773720 _____ (SUPERAntiSpyware) C:\Users\Kapucky\Downloads\SUPERAntiSpyware.exe
2021-03-12 15:46 - 2021-03-12 15:46 - 049470048 _____ (IObit ) C:\Users\Kapucky\Downloads\advanced-systemcare-setup.exe
2021-03-12 15:36 - 2021-03-12 15:36 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-03-12 15:36 - 2021-03-12 15:36 - 000000000 ____D C:\Users\Kapucky\AppData\Local\mbam
2021-03-12 15:35 - 2021-03-12 15:35 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-03-12 15:35 - 2021-03-12 15:35 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-03-12 15:35 - 2021-03-12 15:35 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-03-12 15:35 - 2021-03-12 15:35 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-03-12 15:35 - 2021-03-12 15:35 - 000000000 ____D C:\Program Files\Malwarebytes
2021-03-12 15:33 - 2021-03-12 15:33 - 002084016 _____ (Malwarebytes) C:\Users\Kapucky\Downloads\MBSetup.exe
2021-03-10 01:16 - 2021-03-10 01:16 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-10 01:16 - 2021-03-10 01:16 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-10 01:16 - 2021-03-10 01:16 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-10 01:16 - 2021-03-10 01:16 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-10 01:16 - 2021-03-10 01:16 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-03-10 01:15 - 2021-03-10 01:15 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-10 01:15 - 2021-03-10 01:15 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-10 01:15 - 2021-03-10 01:15 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-10 01:15 - 2021-03-10 01:15 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-03-10 01:15 - 2021-03-10 01:15 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-10 01:15 - 2021-03-10 01:15 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-02-19 16:48 - 2021-02-19 16:48 - 000888030 _____ C:\Users\Kapucky\Downloads\Terrifying_Shadows_-_Guide (1).pdf
2021-02-19 15:28 - 2021-02-19 15:28 - 000888030 _____ C:\Users\Kapucky\Downloads\Terrifying_Shadows_-_Guide.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-21 20:22 - 2020-02-29 19:44 - 000000000 ____D C:\Users\Kapucky\AppData\Local\CrashDumps
2021-03-21 20:18 - 2016-11-20 19:07 - 000000000 ____D C:\Users\Kapucky\AppData\LocalLow\Mozilla
2021-03-21 20:18 - 2014-01-10 16:42 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-21 20:16 - 2021-01-17 16:02 - 000000000 ____D C:\Users\Kapucky\Desktop\22.-26.3. F9
2021-03-21 20:16 - 2020-01-15 16:30 - 000000000 ____D C:\Users\Kapucky\AppData\Roaming\Discord
2021-03-21 20:14 - 2021-01-17 16:01 - 000000000 ____D C:\Users\Kapucky\Desktop\22.-26.3. F8
2021-03-21 20:09 - 2018-03-04 08:15 - 000000000 ____D C:\Users\Kapucky\AppData\Local\AVAST Software
2021-03-21 20:08 - 2014-01-10 17:06 - 000000000 ____D C:\Program Files\CCleaner
2021-03-21 20:07 - 2020-11-10 07:44 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-03-21 20:06 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-21 20:05 - 2019-07-05 15:30 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-03-21 20:04 - 2020-11-10 07:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-21 20:04 - 2020-11-10 07:26 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-21 20:04 - 2020-11-10 07:26 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-21 19:09 - 2021-01-17 16:00 - 000000000 ____D C:\Users\Kapucky\Desktop\22.-26.3. F7
2021-03-21 18:44 - 2014-02-07 10:47 - 000000000 ____D C:\Users\Kapucky\AppData\Local\ESET
2021-03-21 18:42 - 2020-11-10 05:43 - 000000000 ____D C:\Users\Kapucky
2021-03-21 18:37 - 2015-01-07 09:47 - 000000000 ____D C:\ProgramData\AVAST Software
2021-03-21 18:33 - 2020-01-29 09:59 - 000000948 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2525883802-2620883698-3047885965-1001UA1d5d682754deaec.job
2021-03-21 18:33 - 2020-01-29 09:59 - 000000896 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2525883802-2620883698-3047885965-1001Core1d5d6827545c4a1.job
2021-03-21 18:32 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-03-21 18:32 - 2019-01-11 16:33 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2021-03-21 17:35 - 2021-01-17 16:02 - 000000000 ____D C:\Users\Kapucky\Desktop\22.-26.3. Ch9
2021-03-21 17:34 - 2020-11-11 01:44 - 000000000 ____D C:\WINDOWS\Minidump
2021-03-20 08:55 - 2020-06-10 22:09 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-20 08:55 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-20 08:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-19 02:01 - 2020-11-30 05:28 - 000003318 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b72c43fe3fcf
2021-03-19 02:01 - 2020-11-10 07:44 - 000003658 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskUserS-1-5-21-2525883802-2620883698-3047885965-1001UA1d5d682754deaec
2021-03-19 02:01 - 2020-11-10 07:44 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-19 02:01 - 2020-11-10 07:44 - 000003430 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA1d132872b3abd06
2021-03-19 02:01 - 2020-11-10 07:44 - 000003390 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskUserS-1-5-21-2525883802-2620883698-3047885965-1001Core1d5d6827545c4a1
2021-03-19 02:01 - 2020-11-10 07:44 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-03-19 02:01 - 2020-11-10 07:44 - 000003206 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d13287275ed3ef
2021-03-19 02:01 - 2020-11-10 07:44 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-03-19 02:01 - 2020-11-10 07:44 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2525883802-2620883698-3047885965-1001
2021-03-19 02:01 - 2020-11-10 07:44 - 000002444 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2021-03-19 02:01 - 2020-11-10 07:44 - 000002392 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2021-03-19 02:01 - 2020-11-10 07:44 - 000002388 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_itype_exe
2021-03-19 02:01 - 2020-11-10 07:44 - 000002184 _____ C:\WINDOWS\system32\Tasks\{30C1D411-698D-4B3C-A42C-300A16AB7600}
2021-03-19 02:01 - 2020-11-10 07:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2021-03-18 19:08 - 2018-05-13 14:52 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2021-03-18 11:22 - 2021-01-04 09:02 - 000000000 ____D C:\Users\Kapucky\Downloads\teams 2021
2021-03-18 01:18 - 2014-01-10 16:52 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-03-17 21:08 - 2014-01-15 16:26 - 000000000 ____D C:\Users\Kapucky\AppData\Roaming\Dropbox
2021-03-15 18:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-03-15 18:11 - 2014-01-10 16:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-03-15 17:18 - 2020-12-13 17:06 - 000000000 ___RD C:\Users\Kapucky\OneDrive - ZŠ Týniště nad Orlicí
2021-03-15 17:18 - 2020-11-10 05:43 - 000002411 _____ C:\Users\Kapucky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-15 12:41 - 2014-01-10 16:42 - 000001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-03-14 19:49 - 2020-03-18 15:26 - 000000000 ____D C:\Users\Kapucky\AppData\Local\D3DSCache
2021-03-13 01:41 - 2020-01-16 00:12 - 000000000 ____D C:\Users\Kapucky\AppData\Local\Packages
2021-03-12 15:35 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-03-12 14:23 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-10 04:24 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-10 02:15 - 2020-11-10 07:26 - 000475008 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-10 02:12 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-10 02:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-10 02:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-10 02:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2021-03-10 02:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-10 02:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-10 02:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-10 02:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-10 02:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-10 02:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-10 02:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2021-03-10 02:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-10 02:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-10 02:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-10 02:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-10 00:40 - 2014-01-21 19:21 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-10 00:34 - 2013-05-06 14:27 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-07 18:58 - 2016-01-03 01:46 - 000000000 ____D C:\Users\Kapucky\AppData\Local\PokerStars.CZ
2021-02-28 14:23 - 2018-12-05 07:15 - 000002539 _____ C:\Users\Kapucky\Desktop\Avast Secure Browser.lnk
2021-02-24 17:50 - 2016-01-03 01:45 - 000000000 ____D C:\Program Files (x86)\PokerStars.EU
2021-02-22 01:11 - 2020-08-21 07:51 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-21 14:22 - 2018-02-04 21:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

==================== Files in the root of some directories ========

2016-01-07 17:07 - 2016-01-07 17:07 - 000000016 ____H () C:\Users\Kapucky\AppData\Local\citpt.dat
2014-06-16 15:36 - 2018-11-21 22:45 - 000019456 _____ () C:\Users\Kapucky\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-11-13 17:22 - 2020-11-13 17:22 - 000007615 _____ () C:\Users\Kapucky\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: bluescreeny a restarty - prosím o kontrolu

Napsal: 21 bře 2021 21:01
od Rudy
Zdravím!
Otevřte adresář C:\windows\minidump a pokud v něm najdete nějaké soubory, zabalte je do raru a přiložte k vašemu příštímu postu.

Re: bluescreeny a restarty - prosím o kontrolu

Napsal: 21 bře 2021 21:04
od kaaposch
Dobrý den,
složka je prázdná...

Re: bluescreeny a restarty - prosím o kontrolu

Napsal: 21 bře 2021 21:53
od Rudy
Tak ti není moc dobré. Bkuescreeny totiž ukládají o sobě zprávu do toho adresáře a analýzou těch souborů se dá přibližně zjistit, co je způsobuje. Může to být softwre i hardware. Takhle budeme "střílet"naslepo. Vyčistíme tedy PC. Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: bluescreeny a restarty - prosím o kontrolu

Napsal: 22 bře 2021 00:14
od kaaposch
# -------------------------------
# Malwarebytes AdwCleaner 8.1.0.0
# -------------------------------
# Build: 02-15-2021
# Database: 2021-01-11.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-22-2021
# Duration: 00:00:02
# OS: Windows 10 Home
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Conduit

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1422 octets] - [22/03/2021 00:10:37]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

# -------------------------------
# Malwarebytes AdwCleaner 8.1.0.0
# -------------------------------
# Build: 02-15-2021
# Database: 2021-01-11.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 03-22-2021
# Duration: 00:00:33
# OS: Windows 10 Home
# Scanned: 2746
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [1422 octets] - [22/03/2021 00:10:37]
AdwCleaner[C00].txt - [1593 octets] - [22/03/2021 00:11:37]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########

Re: bluescreeny a restarty - prosím o kontrolu

Napsal: 22 bře 2021 00:16
od kaaposch
pro jistotu ještě jednou...

# -------------------------------
# Malwarebytes AdwCleaner 8.1.0.0
# -------------------------------
# Build: 02-15-2021
# Database: 2021-03-09.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-22-2021
# Duration: 00:00:00
# OS: Windows 10 Home
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1422 octets] - [22/03/2021 00:10:37]
AdwCleaner[C00].txt - [1593 octets] - [22/03/2021 00:11:37]
AdwCleaner[S01].txt - [1527 octets] - [22/03/2021 00:12:40]
AdwCleaner[S02].txt - [1588 octets] - [22/03/2021 00:15:15]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

Re: bluescreeny a restarty - prosím o kontrolu

Napsal: 22 bře 2021 09:32
od kaaposch
...ješte chrom nechce načíst youtube - při načítání na chvilku naskočí, ale pak hodí chybu (ale třeba to s tím nesouvisí...)

Re: bluescreeny a restarty - prosím o kontrolu

Napsal: 22 bře 2021 10:24
od Rudy
Dejte nové logy FRST+Addition.

Re: bluescreeny a restarty - prosím o kontrolu

Napsal: 22 bře 2021 11:06
od kaaposch
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-03-2021
Ran by Kapucky (administrator) on KAPUCKY-PC (MSI MS-7721) (22-03-2021 10:57:21)
Running from C:\Users\Kapucky\Desktop
Loaded Profiles: Kapucky
Platform: Windows 10 Home Version 2004 19041.867 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Users\Kapucky\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Support.com Inc -> SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6469736 2012-03-06] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117352 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [NUSB3MON] => C:\Program Files (x86)\ATI Technologies\AMDUSB3DeviceDetector\nusb3mon.exe [97280 2012-04-11] (Advanced Micro Devices, Inc.) [File not signed]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe
HKU\S-1-5-21-2525883802-2620883698-3047885965-1001\...\Run: [Dropbox Update] => C:\Users\Kapucky\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-14] (Dropbox, Inc -> Dropbox, Inc.)
HKU\S-1-5-21-2525883802-2620883698-3047885965-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-2525883802-2620883698-3047885965-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [109945728 2021-02-12] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2525883802-2620883698-3047885965-1001\...\Run: [Discord] => C:\Users\Kapucky\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2525883802-2620883698-3047885965-1001\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2525883802-2620883698-3047885965-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32726088 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2525883802-2620883698-3047885965-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [11221496 2021-03-09] (Support.com Inc -> SUPERAntiSpyware)
HKLM\...\Windows x64\Print Processors\Canon iP4300 Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD86.DLL [27136 2006-09-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor iP4300: C:\WINDOWS\system32\CNMLM86.DLL [234496 2006-09-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [110264 2013-04-09] (pdfforge GmbH -> pdfforge GmbH)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\89.0.8689.90\Installer\chrmstp.exe [2021-03-18] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.90\Installer\chrmstp.exe [2021-03-18] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\88.0.7980.150\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Startup: C:\Users\Kapucky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2021-03-17]
ShortcutTarget: Dropbox.lnk -> C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05AE7AAF-52A4-4A47-882B-C3AC1682A175} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4621920 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
Task: {068F8D46-2E12-4E13-B2A9-CFE43DDFDB8F} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
Task: {069B7225-C480-405D-9B88-BE2749362F0F} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\WINDOWS\system32\sipnotify.exe
Task: {06B4E9E9-E811-43D4-A3C9-CF95E5FE2045} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {0B169463-1727-46AC-AB88-6E88C993D615} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [694256 2021-03-15] (Mozilla Corporation -> Mozilla Foundation)
Task: {13630C59-C6AD-4F3E-887A-3715AB0AE2B0} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1791712 2021-02-23] (Avast Software s.r.o. -> Avast Software)
Task: {1BF8157C-E92E-4A57-A7EF-266D676D583E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {244C0C17-1DA8-48D7-AEE3-101116297E8F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {277481F7-373C-432B-B252-5E055B9F7EF1} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe
Task: {288CCB3B-1D85-46CA-9E7A-2BD5CD0A3FA7} - System32\Tasks\GoogleUpdateTaskMachineCore1cf8efec4ce9532 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {31D41BB7-4551-4631-804D-9213FC59D4C7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-02-16] (Piriform Software Ltd -> Piriform)
Task: {352D4A04-2EBD-41F0-AF91-8721401011B3} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {36158D52-A61D-41E1-B60B-253D20AB4D2C} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {3AC42B23-D73B-4C65-AFE1-E3CA8ED30C9E} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {48378666-DF5B-4333-9BB7-35AC0662BD91} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2256960 2021-03-14] (Avast Software s.r.o. -> AVAST Software)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {49F76AFC-C70D-4F8F-BD8C-AB5AA5118FA5} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {531B827A-614D-4D9D-AF54-DB7D19AD9546} - System32\Tasks\{30C1D411-698D-4B3C-A42C-300A16AB7600} => C:\Windows\system32\pcalua.exe -a E:\setup.exe -d E:\
Task: {55104DB8-63B8-454D-BF47-1485DF892952} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {55232466-AF38-4182-91C2-ED1E56CEE026} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5BB01242-3714-47FF-91CE-A42ECAF10008} - System32\Tasks\SUPERAntiSpyware Scheduled Task d5eff3e6-6e65-4663-9216-5e7f6e1953cc => C:\Program Files\SUPERAntiSpyware\SASTask.exe [49944 2021-01-09] (SUPERAntiSpyware.com -> SUPERAdBlocker.com) -> "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" /TASK:d5eff3e6-6e65-4663-9216-5e7f6e1953cc
Task: {5D752CC3-E658-4EB6-B4EF-3BD3B629C7D1} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {60CA047E-C2F2-4973-BB32-C8D46014486C} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {61889AB3-7464-4D81-A818-20E10736AE79} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {6A9027A0-5682-4CF1-8F8A-1BC2769D4EEF} - System32\Tasks\GoogleUpdateTaskMachineCore1d13287275ed3ef => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {70052EC1-ECC7-493E-AA19-E46BFAA1E5CB} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {753324D8-CC82-4AB9-9F39-AF6FE6933191} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
Task: {7641BDE9-F3A6-4BF9-867C-3FDD640E6E68} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2256960 2021-03-14] (Avast Software s.r.o. -> AVAST Software)
Task: {8900FA50-B90C-411B-9B83-39C32E35F685} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {8AE35C16-A597-4F88-A5C2-10C453961F38} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8C2A7BD0-C23C-4008-A81A-94D9B4BE551F} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {8D3935FF-0A0B-4411-8886-BCB676885BC3} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {94E6DD1F-AEAF-4342-9A7E-64502D946081} - System32\Tasks\GoogleUpdateTaskMachineUA1d132872b3abd06 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {98ADA09D-9D43-4857-86DF-29BA331745C4} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9FB21CDB-DAEB-42A8-95CD-AF1736E5217F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1067736 2015-10-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {A3D08273-3E13-4285-A960-5498A0340EAD} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A5412E87-5C94-487F-A0D6-2A7B71F3C9D6} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A7041309-44E7-4010-813B-0E8F2D306584} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A78B23D1-1811-4A09-B5C7-14E9CC9BC3DD} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2525883802-2620883698-3047885965-1001UA1d5d682754deaec => C:\Users\Kapucky\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-14] (Dropbox, Inc -> Dropbox, Inc.)
Task: {AE890B5E-4AB7-4CCC-890E-CABA224C1F15} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {B0A4576D-3E14-443B-A952-7631899B0BE8} - System32\Tasks\SUPERAntiSpyware Scheduled Task bb76ce7e-b42c-4243-9a16-8891b0cab302 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [49944 2021-01-09] (SUPERAntiSpyware.com -> SUPERAdBlocker.com) -> "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" /TASK:bb76ce7e-b42c-4243-9a16-8891b0cab302
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40b4-8963-D3C761B18371}
Task: {B427BDCF-0624-4FE1-A4CE-7BBF67AB5AAA} - \Microsoft\Windows\Setup\EOSNotify2 -> No File <==== ATTENTION
Task: {B66C100E-71AC-4DB5-A8A2-C19C11EFCC3F} - System32\Tasks\GoogleUpdateTaskMachineUA1cfff784c491cd1 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {B81C3C5D-9CA5-419E-9F64-EC023517981B} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B9C840AE-6719-4681-817F-D2A7C779EAEF} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Kapucky\Downloads\esetonlinescanner.exe [15019488 2021-03-13] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {BBDEFAD0-DF8B-4F9E-9BDF-28C33EDE537B} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION
Task: {BEF99ECA-3DE9-4A9D-98D7-F7EC67FAFF0C} - System32\Tasks\GoogleUpdateTaskMachineUA1cf8efec4e662f5 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {C0197512-7FC5-4DF5-8C96-30EBFC5ECE0A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C55DFDC0-23A5-4C55-9F83-132DF6EDD960} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\WINDOWS\system32\sipnotify.exe
Task: {CA3E3C98-6229-4D72-819C-1916233F4D23} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2525883802-2620883698-3047885965-1001Core1d5d6827545c4a1 => C:\Users\Kapucky\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-14] (Dropbox, Inc -> Dropbox, Inc.)
Task: {CEF586B9-CB2C-4AD8-9B91-E391247A3A0C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27168840 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D8726BA8-79DF-41DA-AB86-35B8E6B33A85} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {DCE79BA6-FF41-4E60-B49F-CA54914118E1} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
Task: {E1CF7DA5-4EBF-4BCE-A131-BA9059DECBAB} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {E881BA8B-7078-4933-86ED-98AE5BC4A73F} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Kapucky\Downloads\esetonlinescanner.exe [15019488 2021-03-13] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {EABEA10A-9BD7-425D-BF4A-3BC47F9A5D52} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F175242B-7649-43DD-A7EB-7793A3D34C08} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe
Task: {FA72F760-4D99-4B24-833F-F0FE34B2DD92} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {FB587EA6-F56E-44FF-924E-38017F187C97} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {FF42CC52-27EC-4E77-8951-0713EBEB225F} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2525883802-2620883698-3047885965-1001Core1d5d6827545c4a1.job => C:\Users\Kapucky\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2525883802-2620883698-3047885965-1001UA1d5d682754deaec.job => C:\Users\Kapucky\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cf8efec4ce9532.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf8efec4e662f5.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cfff784c491cd1.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task bb76ce7e-b42c-4243-9a16-8891b0cab302.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task d5eff3e6-6e65-4663-9216-5e7f6e1953cc.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 77.48.254.254 77.48.100.254
Tcpip\..\Interfaces\{AFB56B13-34DA-4383-8E69-4B5B032DC94A}: [DhcpNameServer] 77.48.254.254 77.48.100.254
Tcpip\..\Interfaces\{D5562BC4-A715-4AEA-A9A3-C04A259A9312}: [DhcpNameServer] 77.48.254.254 77.48.100.254

Edge:
=======
DownloadDir: C:\Users\Kapucky\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-2525883802-2620883698-3047885965-1001 -> hxxps://www.seznam.cz/
Edge DefaultProfile: Default
Edge Profile: C:\Users\Kapucky\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-22]
Edge DownloadDir: C:\Users\Kapucky\Downloads
Edge HomePage: Default -> hxxps://www.seznam.cz/
Edge Session Restore: Default -> is enabled.
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Kapucky\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-03-18]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: 2zizny6g.default
FF ProfilePath: C:\Users\Kapucky\AppData\Roaming\Oxford University Press\OxfordGrammarForSchools1\Profiles\gkl5qly9.default [2014-12-16]
FF ProfilePath: C:\Users\Kapucky\AppData\Roaming\Mozilla\Firefox\Profiles\2zizny6g.default [2021-03-22]
FF Homepage: Mozilla\Firefox\Profiles\2zizny6g.default -> seznam.cz
FF Session Restore: Mozilla\Firefox\Profiles\2zizny6g.default -> is enabled.
FF Extension: (Avast Passwords) - C:\Users\Kapucky\AppData\Roaming\Mozilla\Firefox\Profiles\2zizny6g.default\Extensions\jid1-r1tDuNiNb4SEww@jetpack.xpi [2020-02-12] [UpdateUrl:hxxps://pamcdn.avast.com/pamcdn/extensions/firefox/update.json]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\Kapucky\AppData\Roaming\Mozilla\Firefox\Profiles\2zizny6g.default\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-03-17]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-10-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-12-21] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2525883802-2620883698-3047885965-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Kapucky\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-01-23] (Unity Technologies ApS -> Unity Technologies ApS)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Default [2021-03-21]
CHR Extension: (Prezentace) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-02-08]
CHR Extension: (Dokumenty) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-02-08]
CHR Extension: (Disk Google) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-02-08]
CHR Extension: (YouTube) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-02-08]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2021-02-08]
CHR Extension: (Tabulky) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-02-08]
CHR Extension: (Dokumenty Google offline) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-21]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-03-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-08]
CHR Extension: (Gmail) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-02-08]
CHR Extension: (Chrome Media Router) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-21]
CHR Profile: C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-03-22]
CHR HomePage: Profile 1 -> hxxp://seznam.cz/
CHR StartupUrls: Profile 1 -> "hxxps://mail.google.com/mail/u/0/#inbox","hxxps://email.seznam.cz/?hp#search/label-id%3A258%20flags%3Aunread"
CHR DefaultSearchURL: Profile 1 -> hxxps://ssl.gstatic.com/apps-notify/drive_96_1x.png
CHR Session Restore: Profile 1 -> is enabled.
CHR Extension: (Prezentace) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-01-17]
CHR Extension: (Google Drive) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aghbiahbpaijignceidepookljebhfak [2021-01-17]
CHR Extension: (Bakaláři - mezi školou a rodinou) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\agjamnfolfcbaipgblhelohhmpldbjmb [2021-01-17]
CHR Extension: (Dokumenty) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-01-17]
CHR Extension: (Disk Google) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-17]
CHR Extension: (YouTube) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-01-17]
CHR Extension: (Učebna Google) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\codkagpomgchjpmnolpoapjdaflomkbf [2021-01-17]
CHR Extension: (Google+) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dcdbodpaldbchkfinnjphocleggfceip [2021-01-17]
CHR Extension: (Mapy Google) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ebaakkhnommmgmlbagjehhjfhkkmhhaa [2021-01-17]
CHR Extension: (Bakaláři - mezi školou a rodinou) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ebgfdpiiinmcnijiejgkmmmogeobbgbn [2021-01-17]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efmjfjelnicpmdcmfikempdhlmainjcb [2021-01-17]
CHR Extension: (Avast Passwords) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2021-01-17]
CHR Extension: (Tabulky) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-01-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-13]
CHR Extension: (Google Keep) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hcfcmgpnmpinpidjdgejehjchlbglpde [2021-01-17]
CHR Extension: (Messages) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hpfldicfbfomlpcikngkocigghgafkph [2021-01-17]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-03-16]
CHR Extension: (Google Duo) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\imgohncinckhbblnlmaedahepnnpmdma [2021-01-17]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2021-01-17]
CHR Extension: (Formuláře Google) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jkdlbdnmmndeckliookkkcbgindcjpme [2021-01-17]
CHR Extension: (Zprávy Google) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kfgapjallbhpciobgmlhlhokknljkgho [2021-01-17]
CHR Extension: (Google Earth) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kkgcdmfbmbiedhopdiejkdepbnboeeoa [2021-01-17]
CHR Extension: (Hangouts Google) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2021-01-17]
CHR Extension: (Network File Share for Chrome OS) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ndjpildffkeodjdaeebdhnncfhopkajk [2021-01-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31]
CHR Extension: (Gmail) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-17]
CHR Extension: (Chrome Media Router) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-11]
CHR Extension: (Google Contacts) - C:\Users\Kapucky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pmcngklofgngifnoceehmchjlildnhkj [2021-01-17]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2021-01-09] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com)
S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82128 2015-10-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8477080 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621728 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [351848 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-10-26] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\89.0.8689.90\elevation_service.exe [1504864 2021-03-14] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-03-12] (Malwarebytes Inc -> Malwarebytes)
S2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH -> pdfforge GmbH)
S2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH -> pdfforge GmbH)
S2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12727576 2021-02-17] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2020-01-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2020-01-16] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [229056 2015-04-03] (AppEx Networks Corporation -> AppEx Networks Corporation)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36792 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208672 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332880 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97360 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-28] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42424 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176384 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522480 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108928 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84496 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851256 2020-12-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [468888 2021-01-08] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [214808 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [324904 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2015-11-09] (Disc Soft Ltd -> Disc Soft Ltd)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-03-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-03-12] (Malwarebytes Inc -> Malwarebytes)
S3 MTsensor; C:\WINDOWS\system32\drivers\ASACPI.sys [8192 2008-01-20] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2021-01-09] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2021-01-09] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2020-01-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2020-01-16] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2020-01-16] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-22 00:09 - 2021-03-22 00:11 - 000000000 ____D C:\AdwCleaner
2021-03-22 00:08 - 2021-03-22 00:08 - 008463216 _____ (Malwarebytes) C:\Users\Kapucky\Desktop\adwcleaner_8.1.exe
2021-03-21 20:24 - 2021-03-22 10:58 - 000036309 _____ C:\Users\Kapucky\Desktop\FRST.txt
2021-03-21 20:21 - 2021-03-22 10:58 - 000000000 ____D C:\FRST
2021-03-21 20:21 - 2021-03-21 20:21 - 002300928 _____ (Farbar) C:\Users\Kapucky\Desktop\FRST64.exe
2021-03-17 21:07 - 2021-03-17 21:07 - 000000000 ____D C:\Users\Kapucky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-03-15 12:41 - 2021-03-15 12:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-03-15 10:03 - 2021-03-15 18:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-03-13 12:29 - 2021-03-22 10:55 - 000002972 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2021-03-13 12:29 - 2021-03-22 10:55 - 000002592 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2021-03-13 11:46 - 2021-03-21 18:45 - 000000820 _____ C:\Users\Kapucky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-03-13 11:46 - 2021-03-21 18:45 - 000000692 _____ C:\Users\Kapucky\Desktop\ESET Online Scanner.lnk
2021-03-13 11:46 - 2021-03-13 11:46 - 015019488 _____ (ESET spol. s r.o.) C:\Users\Kapucky\Downloads\esetonlinescanner.exe
2021-03-13 05:23 - 2021-03-13 05:23 - 000000000 ____D C:\WINDOWS\Panther
2021-03-12 15:54 - 2021-03-22 10:55 - 000003380 _____ C:\WINDOWS\system32\Tasks\SUPERAntiSpyware Scheduled Task bb76ce7e-b42c-4243-9a16-8891b0cab302
2021-03-12 15:54 - 2021-03-22 10:55 - 000003122 _____ C:\WINDOWS\system32\Tasks\SUPERAntiSpyware Scheduled Task d5eff3e6-6e65-4663-9216-5e7f6e1953cc
2021-03-12 15:54 - 2021-03-22 10:55 - 000000536 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task d5eff3e6-6e65-4663-9216-5e7f6e1953cc.job
2021-03-12 15:54 - 2021-03-22 10:55 - 000000536 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task bb76ce7e-b42c-4243-9a16-8891b0cab302.job
2021-03-12 15:53 - 2021-03-12 15:53 - 000000000 ____D C:\Users\Kapucky\AppData\Roaming\SUPERAntiSpyware.com
2021-03-12 15:53 - 2021-03-12 15:53 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2021-03-12 15:53 - 2021-03-12 15:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2021-03-12 15:53 - 2021-03-12 15:53 - 000000000 ____D C:\Program Files\SUPERAntiSpyware
2021-03-12 15:50 - 2021-03-12 15:51 - 171773720 _____ (SUPERAntiSpyware) C:\Users\Kapucky\Downloads\SUPERAntiSpyware.exe
2021-03-12 15:46 - 2021-03-12 15:46 - 049470048 _____ (IObit ) C:\Users\Kapucky\Downloads\advanced-systemcare-setup.exe
2021-03-12 15:36 - 2021-03-12 15:36 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-03-12 15:36 - 2021-03-12 15:36 - 000000000 ____D C:\Users\Kapucky\AppData\Local\mbam
2021-03-12 15:35 - 2021-03-12 15:35 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-03-12 15:35 - 2021-03-12 15:35 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-03-12 15:35 - 2021-03-12 15:35 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-03-12 15:35 - 2021-03-12 15:35 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-03-12 15:35 - 2021-03-12 15:35 - 000000000 ____D C:\Program Files\Malwarebytes
2021-03-12 15:33 - 2021-03-12 15:33 - 002084016 _____ (Malwarebytes) C:\Users\Kapucky\Downloads\MBSetup.exe
2021-03-10 01:16 - 2021-03-10 01:16 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-10 01:16 - 2021-03-10 01:16 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-10 01:16 - 2021-03-10 01:16 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-10 01:16 - 2021-03-10 01:16 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-10 01:16 - 2021-03-10 01:16 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-03-10 01:15 - 2021-03-10 01:15 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-10 01:15 - 2021-03-10 01:15 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-10 01:15 - 2021-03-10 01:15 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-10 01:15 - 2021-03-10 01:15 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-03-10 01:15 - 2021-03-10 01:15 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-10 01:15 - 2021-03-10 01:15 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-22 10:58 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-22 10:55 - 2020-11-30 05:28 - 000003318 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b72c43fe3fcf
2021-03-22 10:55 - 2020-11-10 07:44 - 000003658 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskUserS-1-5-21-2525883802-2620883698-3047885965-1001UA1d5d682754deaec
2021-03-22 10:55 - 2020-11-10 07:44 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-22 10:55 - 2020-11-10 07:44 - 000003430 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA1d132872b3abd06
2021-03-22 10:55 - 2020-11-10 07:44 - 000003390 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskUserS-1-5-21-2525883802-2620883698-3047885965-1001Core1d5d6827545c4a1
2021-03-22 10:55 - 2020-11-10 07:44 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-03-22 10:55 - 2020-11-10 07:44 - 000003206 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d13287275ed3ef
2021-03-22 10:55 - 2020-11-10 07:44 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-03-22 10:55 - 2020-11-10 07:44 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2525883802-2620883698-3047885965-1001
2021-03-22 10:55 - 2020-11-10 07:44 - 000002444 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2021-03-22 10:55 - 2020-11-10 07:44 - 000002392 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2021-03-22 10:55 - 2020-11-10 07:44 - 000002388 _____ C:\WINDOWS\system32\Tasks\Microsoft_Hardware_Launch_itype_exe
2021-03-22 10:55 - 2020-11-10 07:44 - 000002184 _____ C:\WINDOWS\system32\Tasks\{30C1D411-698D-4B3C-A42C-300A16AB7600}
2021-03-22 10:55 - 2020-01-29 09:59 - 000000948 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2525883802-2620883698-3047885965-1001UA1d5d682754deaec.job
2021-03-22 10:55 - 2020-01-29 09:59 - 000000896 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2525883802-2620883698-3047885965-1001Core1d5d6827545c4a1.job
2021-03-22 10:55 - 2016-11-20 19:07 - 000000000 ____D C:\Users\Kapucky\AppData\LocalLow\Mozilla
2021-03-22 10:55 - 2014-01-10 16:42 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-22 10:50 - 2020-11-10 07:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2021-03-22 10:19 - 2020-11-10 07:26 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-22 09:43 - 2018-03-04 08:15 - 000000000 ____D C:\Users\Kapucky\AppData\Local\AVAST Software
2021-03-22 09:26 - 2021-01-04 09:02 - 000000000 ____D C:\Users\Kapucky\Downloads\teams 2021
2021-03-22 02:26 - 2014-01-10 17:06 - 000000000 ____D C:\Program Files\CCleaner
2021-03-21 20:46 - 2021-01-17 16:02 - 000000000 ____D C:\Users\Kapucky\Desktop\22.-26.3. Ch9
2021-03-21 20:39 - 2021-01-17 16:02 - 000000000 ____D C:\Users\Kapucky\Desktop\22.-26.3. F9
2021-03-21 20:22 - 2020-02-29 19:44 - 000000000 ____D C:\Users\Kapucky\AppData\Local\CrashDumps
2021-03-21 20:16 - 2020-01-15 16:30 - 000000000 ____D C:\Users\Kapucky\AppData\Roaming\Discord
2021-03-21 20:14 - 2021-01-17 16:01 - 000000000 ____D C:\Users\Kapucky\Desktop\22.-26.3. F8
2021-03-21 20:07 - 2020-11-10 07:44 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-03-21 20:05 - 2019-07-05 15:30 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-03-21 20:04 - 2020-11-10 07:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-21 20:04 - 2020-11-10 07:26 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-21 19:09 - 2021-01-17 16:00 - 000000000 ____D C:\Users\Kapucky\Desktop\22.-26.3. F7
2021-03-21 18:44 - 2014-02-07 10:47 - 000000000 ____D C:\Users\Kapucky\AppData\Local\ESET
2021-03-21 18:42 - 2020-11-10 05:43 - 000000000 ____D C:\Users\Kapucky
2021-03-21 18:37 - 2015-01-07 09:47 - 000000000 ____D C:\ProgramData\AVAST Software
2021-03-21 18:32 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-03-21 18:32 - 2019-01-11 16:33 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2021-03-21 17:34 - 2020-11-11 01:44 - 000000000 ____D C:\WINDOWS\Minidump
2021-03-20 08:55 - 2020-06-10 22:09 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-20 08:55 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-20 08:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-18 19:08 - 2018-05-13 14:52 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2021-03-18 01:18 - 2014-01-10 16:52 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-03-17 21:08 - 2014-01-15 16:26 - 000000000 ____D C:\Users\Kapucky\AppData\Roaming\Dropbox
2021-03-15 18:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-03-15 18:11 - 2014-01-10 16:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-03-15 17:18 - 2020-12-13 17:06 - 000000000 ___RD C:\Users\Kapucky\OneDrive - ZŠ Týniště nad Orlicí
2021-03-15 17:18 - 2020-11-10 05:43 - 000002411 _____ C:\Users\Kapucky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-15 12:41 - 2014-01-10 16:42 - 000001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-03-14 19:49 - 2020-03-18 15:26 - 000000000 ____D C:\Users\Kapucky\AppData\Local\D3DSCache
2021-03-13 01:41 - 2020-01-16 00:12 - 000000000 ____D C:\Users\Kapucky\AppData\Local\Packages
2021-03-12 15:35 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-03-12 14:23 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-10 04:24 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-10 02:15 - 2020-11-10 07:26 - 000475008 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-10 02:12 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-10 02:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-10 02:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-10 02:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2021-03-10 02:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-10 02:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-10 02:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-10 02:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-10 02:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-10 02:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-10 02:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2021-03-10 02:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-10 02:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-10 02:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-10 02:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-10 00:40 - 2014-01-21 19:21 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-10 00:34 - 2013-05-06 14:27 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-07 18:58 - 2016-01-03 01:46 - 000000000 ____D C:\Users\Kapucky\AppData\Local\PokerStars.CZ
2021-02-28 14:23 - 2018-12-05 07:15 - 000002539 _____ C:\Users\Kapucky\Desktop\Avast Secure Browser.lnk
2021-02-24 17:50 - 2016-01-03 01:45 - 000000000 ____D C:\Program Files (x86)\PokerStars.EU
2021-02-22 01:11 - 2020-08-21 07:51 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-21 14:22 - 2018-02-04 21:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

==================== Files in the root of some directories ========

2016-01-07 17:07 - 2016-01-07 17:07 - 000000016 ____H () C:\Users\Kapucky\AppData\Local\citpt.dat
2014-06-16 15:36 - 2018-11-21 22:45 - 000019456 _____ () C:\Users\Kapucky\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-11-13 17:22 - 2020-11-13 17:22 - 000007615 _____ () C:\Users\Kapucky\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-03-2021
Ran by Kapucky (22-03-2021 11:00:50)
Running from C:\Users\Kapucky\Desktop
Windows 10 Home Version 2004 19041.867 (X64) (2020-11-10 06:45:39)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2525883802-2620883698-3047885965-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2525883802-2620883698-3047885965-503 - Limited - Disabled)
Guest (S-1-5-21-2525883802-2620883698-3047885965-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2525883802-2620883698-3047885965-1003 - Limited - Enabled)
Kapucky (S-1-5-21-2525883802-2620883698-3047885965-1001 - Administrator - Enabled) => C:\Users\Kapucky
WDAGUtilityAccount (S-1-5-21-2525883802-2620883698-3047885965-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 18.05 (HKLM-x32\...\{23170F69-40C1-2701-1805-000001000000}) (Version: 18.05.00.0 - Igor Pavlov)
7-Zip 18.05 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1805-000001000000}) (Version: 18.05.00.0 - Igor Pavlov)
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
Adobe Reader XI (11.0.13) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Advertising Center (HKLM-x32\...\{b2ec4a38-b545-4a00-8214-13fe0e915e6d}) (Version: 0.0.0.1 - Nero AG) Hidden
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{7E5DC2C5-115A-322B-976C-219237FAED66}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 4.0.0.0 - AppEx Networks)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 89.0.8689.90 - AVAST Software)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.68.1077 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform)
Cubify Invent (HKLM-x32\...\{603AFBD1-85BB-4BCD-B42E-E1BD1C34652C}) (Version: 1.0.0.10007 - 3D Systems)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Discord (HKU\S-1-5-21-2525883802-2620883698-3047885965-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
DolbyFiles (HKLM-x32\...\{b1adf008-e898-4fe2-8a1f-690d9a06acaf}) (Version: 0.1 - Nero AG) Hidden
Drakensang Online (HKLM-x32\...\Drakensang Online) (Version: - )
Dropbox (HKU\S-1-5-21-2525883802-2620883698-3047885965-1001\...\Dropbox) (Version: 118.4.460 - Dropbox, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.90 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
IrfanView 4.51 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.51 - Irfan Skiljan)
K-Lite Codec Pack 9.4.0 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.4.0 - )
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.57 - Microsoft Corporation)
Microsoft Office Standard 2010 (HKLM-x32\...\Office14.STANDARD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2525883802-2620883698-3047885965-1001\...\OneDriveSetup.exe) (Version: 21.030.0211.0002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MotionDV STUDIO 5.3E LE for DV (HKLM-x32\...\{43F8F1E5-C740-4293-A309-EA9DD6474DB1}) (Version: - )
Mozilla Firefox 86.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 86.0.1 (x64 cs)) (Version: 86.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 86.0.1.7739 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Music Tag (HKLM-x32\...\{2ADBD0DD-F146-413E-8C3A-285592BD10F0}) (Version: 2.08 - Wide Angle Software)
Nero 9 Essentials (HKLM-x32\...\{baf459c9-fe42-429a-ab4f-7fab4348549c}) (Version: - Nero AG)
OpenOffice 4.0.1 (HKLM-x32\...\{220C463A-2890-4C7F-B97C-C49FE175B849}) (Version: 4.01.9714 - Apache Software Foundation)
Oxford Grammar for Schools 1 (HKLM-x32\...\Oxford Grammar for Schools 1 1.0) (Version: 1.0 - Oxford University Press)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6586 - Realtek Semiconductor Corp.)
Recepty doma (HKLM-x32\...\Recepty doma_is1) (Version: - Martin Roubec)
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype verze 8.69 (HKLM-x32\...\Skype_is1) (Version: 8.69 - Skype Technologies S.A.)
Splash Lite (HKLM-x32\...\{8B4A6011-BB10-4918-B561-3F6CF5712B37}) (Version: 1.7.1 - Mirillis)
Stamp ID3 Tag Editor (HKLM-x32\...\Stamp) (Version: 2.39 - NCH Software)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 10.0.1220 - SUPERAntiSpyware.com)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.15.5 - TeamViewer)
TL-WN751ND Driver (HKLM-x32\...\{14770694-6C1C-4137-95F9-6F934D8491B4}) (Version: 1.00.0000 - TP-LINK)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.12 - Ghisler Software GmbH)
WinRAR 5.70 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Zacek v2.1 (HKLM-x32\...\Zacek v2.1) (Version: - )

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-16] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-16] (Microsoft Corporation) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0 [2021-03-07] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2525883802-2620883698-3047885965-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2525883802-2620883698-3047885965-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}0
CustomCLSID: HKU\S-1-5-21-2525883802-2620883698-3047885965-1001_Classes\CLSID\{04271989-C4D2-B969-45A7-C10075E5CB10} -> [OneDrive - ZŠ Týniště nad Orlicí] => C:\Users\Kapucky\OneDrive - ZŠ Týniště nad Orlicí [2020-12-13 17:06]
CustomCLSID: HKU\S-1-5-21-2525883802-2620883698-3047885965-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Kapucky\Dropbox [2014-01-15 16:28]
CustomCLSID: HKU\S-1-5-21-2525883802-2620883698-3047885965-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1B} -> [dropbox-NamespaceExtensionRole.Business] => 0
CustomCLSID: HKU\S-1-5-21-2525883802-2620883698-3047885965-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2525883802-2620883698-3047885965-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2525883802-2620883698-3047885965-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2525883802-2620883698-3047885965-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2525883802-2620883698-3047885965-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2525883802-2620883698-3047885965-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2525883802-2620883698-3047885965-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2525883802-2620883698-3047885965-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2525883802-2620883698-3047885965-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2525883802-2620883698-3047885965-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2525883802-2620883698-3047885965-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll (Dropbox, Inc -> Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2525883802-2620883698-3047885965-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-28] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-28] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll [2009-07-16] (Nero AG -> Nero AG)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1-x32: [PDFArchitectExtension] -> {DBDB3433-0E01-40CE-A026-D9F54FAC3CA9} => C:\Program Files (x86)\PDF Architect\ContextMenuExt.dll [2013-04-08] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-03-12] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-03-12] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-2525883802-2620883698-3047885965-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-2525883802-2620883698-3047885965-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-2525883802-2620883698-3047885965-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\DropboxExt64.47.0.dll [2021-03-03] (Dropbox, Inc -> Dropbox, Inc.)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.DVSD] => C:\Windows\SysWOW64\pdvcodec.dll [215552 2000-11-21] (Matsushita Electric Industrial Co., Ltd.) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
Shortcut: C:\Users\Kapucky\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm
Shortcut: C:\Users\Kapucky\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Webové servery ve službě MSN\target.lnk -> hxxp://www.msnusers.co
ShortcutWithArgument: C:\Users\Kapucky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Network File Share for Chrome OS.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=ndjpildffkeodjdaeebdhnncfhopkajk
ShortcutWithArgument: C:\Users\Kapucky\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2015-11-04 16:40 - 2015-11-04 16:40 - 000005120 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamcsy.dll
2013-09-20 13:50 - 2013-09-20 13:50 - 000518144 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll
2018-04-30 16:00 - 2018-04-30 16:00 - 000075776 _____ (Igor Pavlov) [File not signed] C:\Program Files (x86)\7-Zip\7-zip.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2525883802-2620883698-3047885965-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08] (pdfforge GmbH -> pdfforge GmbH)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
IE Session Restore: HKU\S-1-5-21-2525883802-2620883698-3047885965-1001 -> is enabled.
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2019-01-09 23:22 - 000000035 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\AMD\ATI.ACE\Core-Static;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2525883802-2620883698-3047885965-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kapucky\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 77.48.254.254 - 77.48.100.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

Network Binding:
=============
Připojení k místní síti: AppEx Networks Accelerator -> appex_acc (enabled)
Bezdrátové připojení k síti: AppEx Networks Accelerator -> appex_acc (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-2525883802-2620883698-3047885965-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-2525883802-2620883698-3047885965-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_9AF5A7FCB2476DC252D04F6964C90B14"
HKU\S-1-5-21-2525883802-2620883698-3047885965-1001\...\StartupApproved\Run: => "OfficeSyncProcess"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F2E1FA47-F50C-4ABC-A535-4B7381667040}] => (Allow) C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{187E555F-5530-4B8B-A2B8-0A075E1E2975}] => (Allow) C:\Users\Kapucky\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{DC901452-A5BB-4169-8A54-969F3819FC72}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{DD45A6E7-E89A-4366-A7E5-DBF334FFB764}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{4974BDCE-E7E1-4056-B452-F75BC641BC03}C:\users\kapucky\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\kapucky\appdata\roaming\dropbox\bin\dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [UDP Query User{6C13A6CD-0297-470D-9615-3FCCDE8B225E}C:\users\kapucky\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\kapucky\appdata\roaming\dropbox\bin\dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{2A5F8BDD-999B-4577-BD14-284DC831FD7B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B9C35F5E-352C-4A6A-A465-9DD6B143A16E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2DA3FE81-5CED-41BA-9BDF-AAD444139318}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [File not signed]
FirewallRules: [{97C90EE2-C152-406E-92F7-CD835AA8D173}] => (Allow) C:\Windows\SysWOW64\muzapp.exe (Musiccity Co.Ltd.) [File not signed]
FirewallRules: [TCP Query User{8392FB0C-6568-4128-9906-B64BFD8B1213}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [UDP Query User{1AE69F48-14DA-4CA3-8E26-A60130C70AF5}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [{028A0FF3-16EB-4627-8BEB-D0EF3CE99AA0}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{55B43BEB-56C1-47F7-8BBD-7FAF62B760BF}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [TCP Query User{3E6260DA-1B7D-482D-9450-E628D03506EE}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{E97F36CA-BA90-4A55-9113-3872B675A547}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BAB101BD-7605-470E-BED2-0B6C38975DB4}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{238DDFBE-7D72-478C-A703-449AE84F739A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1858E1A4-75C5-4364-BEA4-68BDA75DCD50}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F0013875-C328-429B-9B06-2A21797CE3FB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{96901338-B5F9-4A38-87E0-F8F8E69351EE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0B11B27E-4DAA-44E7-903B-D5B991CDAAC0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9983636B-6EC4-481E-AA5F-501A9C7CF84D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{208F4237-885E-40FC-9667-8A11870C51B5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E1520151-08EF-431B-9391-16E90F76FBE1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{578AAFC1-16B0-41D9-AC18-0E809BCDA794}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9D77BBDD-12FC-47F8-BAAA-4EBAF71B08D9}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1DB1E74C-7EC7-407F-BB3F-FA67A68797FA}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BC9C2D40-1C38-4512-A142-31AD95512A54}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{74455E8A-4B83-40E8-A350-DAB43A216368}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{94B69976-DDA4-4FBA-814A-9C278FFC5A41}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{831570E1-67E5-4F32-96C8-48600CEE2AC1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2EFB0DB9-A037-450A-9865-63B18FDFE583}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A9D18FDB-D259-4AC7-ADCF-FA8591C4A4E8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5C03C0C0-13FE-437E-A20F-0F5EB10FC621}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0FB78D2B-946B-44C5-B369-196F0E0525CA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{582B9F53-BB96-485D-AE89-52A7857E602F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F439F573-A72F-4585-95DE-483C36BB7BCD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DEBA3CBF-EE09-4D9B-BA65-8E4CEAA28BBA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3FE15F6B-D070-4FED-9667-135238491AF2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8CCCD198-45EB-4C1F-9397-D007CB6DAE9D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{1FC7A0A5-EE4A-425B-AAF9-95CDA708ED39}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

21-03-2021 19:03:14 Windows Zálohování

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/21/2021 08:22:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchApp.exe, verze: 10.0.19041.844, časové razítko: 0x69441820
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.804, časové razítko: 0x0e9c5eae
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000010bd5c
ID chybujícího procesu: 0x2f54
Čas spuštění chybující aplikace: 0x01d71e86c03eec06
Cesta k chybující aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 74713f4a-196c-484f-97d2-00cdb466dcad
Úplný název chybujícího balíčku: Microsoft.Windows.Search_1.14.0.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: CortanaUI

Error: (03/21/2021 08:22:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.19041.844 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1fb0

Čas spuštění: 01d71e852f16da3a

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: 9d8a20dd-1779-4470-af4e-3eaece1b46fc

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Cross-process

Error: (03/17/2021 09:52:10 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/17/2021 09:26:55 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Bebuscha&Kaaposch (F:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/17/2021 09:26:52 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na \\?\Volume{29c9d0b5-7a05-11e3-a8cc-806e6f6e6963}\, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/17/2021 09:21:03 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Bebuscha&Kaaposch (F:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/17/2021 09:20:59 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na \\?\Volume{29c9d0b5-7a05-11e3-a8cc-806e6f6e6963}\, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/17/2021 09:14:40 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Bebuscha&Kaaposch (F:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)


System errors:
=============
Error: (03/22/2021 12:15:20 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Řízení front zpráv byla neočekávaně ukončena. Tento stav nastal již 2krát.

Error: (03/22/2021 12:15:20 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Nero BackItUp Scheduler 4.0 byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 500 milisekund: Restartovat službu.

Error: (03/22/2021 12:15:19 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba SAS Core Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (03/22/2021 12:11:35 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Řízení front zpráv byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (03/22/2021 12:11:35 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba PDF Architect Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/22/2021 12:11:35 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Nero BackItUp Scheduler 4.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 500 milisekund: Restartovat službu.

Error: (03/22/2021 12:11:35 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Office Software Protection Platform byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/22/2021 12:11:35 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD FUEL Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


CodeIntegrity:
===============
Date: 2021-03-22 10:58:20
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-03-22 10:56:26
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. V2.2 07/15/2013
Motherboard: MSI FM2-A75MA-E35 (MS-7721)
Processor: AMD A10-6800K APU with Radeon(tm) HD Graphics
Percentage of memory in use: 54%
Total physical RAM: 7374.98 MB
Available physical RAM: 3326.39 MB
Total Virtual: 14798.98 MB
Available Virtual: 10645.42 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.77 GB) (Free:804.66 GB) NTFS
Drive f: (Bebuscha&Kaaposch) (Fixed) (Total:931.48 GB) (Free:22.22 GB) NTFS

\\?\Volume{29c9d0b5-7a05-11e3-a8cc-806e6f6e6963}\ () (Fixed) (Total:0.2 GB) (Free:0.12 GB) NTFS
\\?\Volume{d3829413-0000-0000-0000-b0bde8000000}\ () (Fixed) (Total:0.55 GB) (Free:0.09 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: D3829413)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=561 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: FC622B53)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Re: bluescreeny a restarty - prosím o kontrolu

Napsal: 22 bře 2021 14:38
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {288CCB3B-1D85-46CA-9E7A-2BD5CD0A3FA7} - System32\Tasks\GoogleUpdateTaskMachineCore1cf8efec4ce9532 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {531B827A-614D-4D9D-AF54-DB7D19AD9546} - System32\Tasks\{30C1D411-698D-4B3C-A42C-300A16AB7600} => C:\Windows\system32\pcalua.exe -a E:\setup.exe -d E:\
Task: {6A9027A0-5682-4CF1-8F8A-1BC2769D4EEF} - System32\Tasks\GoogleUpdateTaskMachineCore1d13287275ed3ef => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {B427BDCF-0624-4FE1-A4CE-7BBF67AB5AAA} - \Microsoft\Windows\Setup\EOSNotify2 -> No File <==== ATTENTION
Task: {BBDEFAD0-DF8B-4F9E-9BDF-28C33EDE537B} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION
Task: {B66C100E-71AC-4DB5-A8A2-C19C11EFCC3F} - System32\Tasks\GoogleUpdateTaskMachineUA1cfff784c491cd1 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {BEF99ECA-3DE9-4A9D-98D7-F7EC67FAFF0C} - System32\Tasks\GoogleUpdateTaskMachineUA1cf8efec4e662f5 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cf8efec4ce9532.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf8efec4e662f5.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cfff784c491cd1.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
U3 idsvc; no ImagePath
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA1d132872b3abd06
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d13287275ed3ef
C:\WINDOWS\system32\Tasks\{30C1D411-698D-4B3C-A42C-300A16AB7600}
C:\Users\Kapucky\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: bluescreeny a restarty - prosím o kontrolu

Napsal: 22 bře 2021 17:39
od kaaposch
Fix result of Farbar Recovery Scan Tool (x64) Version: 21-03-2021
Ran by Kapucky (22-03-2021 17:34:15) Run:1
Running from C:\Users\Kapucky\Desktop
Loaded Profiles: Kapucky
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {288CCB3B-1D85-46CA-9E7A-2BD5CD0A3FA7} - System32\Tasks\GoogleUpdateTaskMachineCore1cf8efec4ce9532 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {531B827A-614D-4D9D-AF54-DB7D19AD9546} - System32\Tasks\{30C1D411-698D-4B3C-A42C-300A16AB7600} => C:\Windows\system32\pcalua.exe -a E:\setup.exe -d E:\
Task: {6A9027A0-5682-4CF1-8F8A-1BC2769D4EEF} - System32\Tasks\GoogleUpdateTaskMachineCore1d13287275ed3ef => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {B427BDCF-0624-4FE1-A4CE-7BBF67AB5AAA} - \Microsoft\Windows\Setup\EOSNotify2 -> No File <==== ATTENTION
Task: {BBDEFAD0-DF8B-4F9E-9BDF-28C33EDE537B} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION
Task: {B66C100E-71AC-4DB5-A8A2-C19C11EFCC3F} - System32\Tasks\GoogleUpdateTaskMachineUA1cfff784c491cd1 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {BEF99ECA-3DE9-4A9D-98D7-F7EC67FAFF0C} - System32\Tasks\GoogleUpdateTaskMachineUA1cf8efec4e662f5 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cf8efec4ce9532.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf8efec4e662f5.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cfff784c491cd1.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
U3 idsvc; no ImagePath
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA1d132872b3abd06
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d13287275ed3ef
C:\WINDOWS\system32\Tasks\{30C1D411-698D-4B3C-A42C-300A16AB7600}
C:\Users\Kapucky\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{503739d0-4c5e-4cfd-b3ba-d881334f0df2}" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{288CCB3B-1D85-46CA-9E7A-2BD5CD0A3FA7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{288CCB3B-1D85-46CA-9E7A-2BD5CD0A3FA7}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1cf8efec4ce9532 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore1cf8efec4ce9532" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{531B827A-614D-4D9D-AF54-DB7D19AD9546}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{531B827A-614D-4D9D-AF54-DB7D19AD9546}" => removed successfully
C:\WINDOWS\System32\Tasks\{30C1D411-698D-4B3C-A42C-300A16AB7600} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{30C1D411-698D-4B3C-A42C-300A16AB7600}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6A9027A0-5682-4CF1-8F8A-1BC2769D4EEF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A9027A0-5682-4CF1-8F8A-1BC2769D4EEF}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d13287275ed3ef => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore1d13287275ed3ef" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B427BDCF-0624-4FE1-A4CE-7BBF67AB5AAA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B427BDCF-0624-4FE1-A4CE-7BBF67AB5AAA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\EOSNotify2" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BBDEFAD0-DF8B-4F9E-9BDF-28C33EDE537B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BBDEFAD0-DF8B-4F9E-9BDF-28C33EDE537B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\EOSNotify" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B66C100E-71AC-4DB5-A8A2-C19C11EFCC3F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B66C100E-71AC-4DB5-A8A2-C19C11EFCC3F}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1cfff784c491cd1 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA1cfff784c491cd1" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BEF99ECA-3DE9-4A9D-98D7-F7EC67FAFF0C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BEF99ECA-3DE9-4A9D-98D7-F7EC67FAFF0C}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1cf8efec4e662f5 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA1cf8efec4e662f5" => removed successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cf8efec4ce9532.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf8efec4e662f5.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cfff784c491cd1.job => moved successfully
HKLM\System\CurrentControlSet\Services\idsvc => removed successfully
idsvc => service removed successfully
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA1d132872b3abd06 => moved successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d13287275ed3ef" => not found
"C:\WINDOWS\system32\Tasks\{30C1D411-698D-4B3C-A42C-300A16AB7600}" => not found
C:\Users\Kapucky\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => removed successfully
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.

=========== EmptyTemp: ==========

BITS transfer queue => 11821056 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 97955442 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 188159735 B
Edge => 283362 B
Chrome => 1222012929 B
Firefox => 1092527637 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 185238 B
NetworkService => 185238 B
Kapucky => 4032384535 B

RecycleBin => 27790336 B
EmptyTemp: => 6.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:38:15 ====

Re: bluescreeny a restarty - prosím o kontrolu

Napsal: 22 bře 2021 17:50
od Rudy
Smazáno. Nastala nějaká změna?

Re: bluescreeny a restarty - prosím o kontrolu

Napsal: 22 bře 2021 18:58
od kaaposch
zatím k žádnému pádu nedošlo, YT už v chromu jede... tak nejspíš OK ;)

Re: bluescreeny a restarty - prosím o kontrolu

Napsal: 22 bře 2021 19:02
od Rudy
To jsem rád. V PC ake žádný malware nebyl, pouze zbyrečnosti. :)

Re: bluescreeny a restarty - prosím o kontrolu

Napsal: 22 bře 2021 20:40
od kaaposch
Pak tedy mnohokrát děkuji, pokud by se to vrátilo, určitě se zase ozvu ;-)
Mějte se fajn.
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz