Prosim o kontrolu logu - preventivka
Napsal: 31 kvě 2021 08:11
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-02-2021 01 (ATTENTION: ====> FRST version is 112 days old and could be outdated)
Ran by linco (administrator) on DESKTOP-J0PJPO6 (ASUSTeK COMPUTER INC. FX502VE) (31-05-2021 09:03:44)
Running from C:\Users\linco\OneDrive\Počítač
Loaded Profiles: linco
Platform: Windows 10 Home Version 20H2 19042.1023 (X64) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Battery Saver\BatterySvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\VpnNM.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe
(geek software GmbH -> geek software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <8>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_c03e0d5968be7c61\Display.NvContainer\NVDisplay.Container.exe <2>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(TeamViewer -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [122592 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [BatteryUI.exe] => C:\Program Files\Avast Software\Battery Saver\BatteryUI.exe [2702560 2021-02-27] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [486464 2020-10-01] (geek software GmbH -> geek software GmbH)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2298117505-976418258-3832342613-1000\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2298117505-976418258-3832342613-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33770112 2021-05-20] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2298117505-976418258-3832342613-1001\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [2224096 2020-11-10] (TomTom International B.V. -> TomTom)
HKU\S-1-5-21-2298117505-976418258-3832342613-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [109961080 2021-05-25] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2298117505-976418258-3832342613-1001\...\Run: [com.squirrel.slack.slack] => C:\Users\linco\AppData\Local\slack\slack.exe [308368 2021-05-12] (Slack Technologies, Inc. -> Slack Technologies Inc.)
HKU\S-1-5-21-2298117505-976418258-3832342613-1001\...\Run: [Facebook.MessengerDesktop] => C:\Users\linco\AppData\Local\Programs\Messenger\Messenger.exe messenger://openAtLogin
HKLM\...\Windows x64\Print Processors\Canon MG5100 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAD.DLL [28672 2010-08-25] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5100 series: C:\Windows\system32\CNMLMAD.DLL [361472 2010-08-25] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\us008 Langmon: C:\Windows\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2021-05-22]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
BootExecute: autocheck autochk * icarus_rvrt.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {11C04BB5-9BD8-4FF7-B3F1-2EF360FA3260} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {12742B7E-3103-463E-89AE-587BE05A7538} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-29] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {12D60FE6-6C77-4671-ACBF-C699A1A30C0B} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1197848 2021-05-21] (Avast Software s.r.o. -> AVAST Software)
Task: {17AEE891-F8A2-464E-9ABF-30707E12C61D} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3336560 2021-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {188876BF-EDEE-4E8A-9387-CE265DA9046E} - System32\Tasks\ASUS Battery Health Charging Notification => C:\Program Files (x86)\ASUS\ASUS Battery Health Charging\BhcMgr.exe [2478776 2016-11-28] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {18F11252-F548-485A-A274-24DF4BB84E00} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-31] (Google LLC -> Google LLC)
Task: {227E144B-F48C-43E5-9C1E-54483273D379} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2564D4DF-C850-4D58-9434-90FCAFD96E67} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-04-29] (Avast Software s.r.o. -> Avast Software)
Task: {2667109A-05E7-4D3E-8067-D878D408C7DF} - System32\Tasks\Avast Software\Avast Battery Saver Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-bs\icarus.exe [5493472 2021-02-10] (Avast Software s.r.o. -> Avast Software)
Task: {2847894A-38F7-48E7-9BE3-C36D7DB486FD} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {290BEDB7-672D-4A81-9F91-5862579DE28B} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [909112 2016-07-26] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {36535DC6-14B1-42EB-A962-BD22196A1949} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1485312 2017-02-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {3A46620C-881E-49A2-BB9C-311254E1D0EE} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3AE04AC3-5F2B-4279-8E61-5CAA9F3E5197} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-31] (Google LLC -> Google LLC)
Task: {42D5785A-35ED-43AA-AFA0-D6A8E6793A5A} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1485312 2017-02-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {50681298-4B57-4F3A-B223-305381CC35A9} - System32\Tasks\EOSv3 Scheduler onTime => D:\esetonlinescanner.exe [11697056 2021-05-13] (ESET, spol. s r.o. -> ESET)
Task: {50794EF1-D5B0-4DF3-8649-3D5403724570} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {541B230B-C939-4690-988A-F436943156EC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-05-20] (Piriform Software Ltd -> Piriform)
Task: {5620E5D1-3081-4726-B0A8-AE4E2049D1A0} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [5865696 2021-05-20] (Avast Software s.r.o. -> Avast Software)
Task: {5D002C79-8F68-4323-ABC9-39E46EC740D7} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {669BA5FE-B7DF-4A9D-AF12-4A8603F3A1D5} - System32\Tasks\UMonitor Task => C:\WINDOWS\SysWOW64\UMonit64.exe [61752 2016-08-19] (GENESYS LOGIC, INC. -> )
Task: {71DF9112-B44A-431E-AEC6-1CB07103927F} - System32\Tasks\EOSv3 Scheduler onLogOn => D:\esetonlinescanner.exe [11697056 2021-05-13] (ESET, spol. s r.o. -> ESET)
Task: {745A9824-2991-49ED-9698-C9E9403F566D} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-29] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {868C9BEB-2F9D-40E6-BF29-5A7C33419DAA} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4866840 2021-05-21] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid 7e6b0c2d-372b-43e7-96fd-19dd33bc0713
Task: {87BCFE0D-0D3D-4CCC-91F4-05AE00379784} - System32\Tasks\Avast Software\Avast Battery Saver BugReport => C:\Program Files\Avast Software\Battery Saver\AvBugReport.exe [4665568 2021-02-27] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 134 --programpath "C:\Program Files\Avast Software\Battery Saver\Setup\.." --configpath "C:\Program Files\Avast Software\Battery Saver\Setup" --path "C:\ProgramData\Avast Software\Battery Saver\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid 113c070d-3ddc-4b77-aa7e-4a86a99715a8
Task: {95B6C707-EEC3-4992-9DAE-1C9189872243} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122552 2016-11-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {9AC3B822-A126-4F56-8768-F12E5685B199} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-13] (Adobe Inc. -> Adobe)
Task: {9DE4561B-12A2-4861-B70D-80355F153286} - System32\Tasks\IcarusAvastVpnUpgrade => C:\Program Files\AVAST Software\SecureLine\setup\avast_vpn_online_setup.exe -> /silent /ShowVpnGui=0 /RestartUpdaterTaskName=IcarusAvastVpnUpgrade /RestartUpdaterAppExe="C:\Program Files\AVAST Software\SecureLine\setup\avast_vpn_online_setup.exe"
Task: {AEB63488-B184-44F6-9A95-2FD682825BE1} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19967504 2016-11-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {B7343D0A-A5AD-4345-985A-FA5E9D4BD62C} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CC41892C-860D-4898-A9DB-8C98DC996881} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122552 2016-11-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {D288DF0A-B851-49C7-BF20-32C82981F42A} - System32\Tasks\ASUS HotfixChecker => C:\Program Files (x86)\ASUS\HotfixChecker\HotfixChecker.exe [140088 2019-04-12] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
Task: {E9041259-E6E4-40E0-88AC-2B8F6B877939} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4808928 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
Task: {F4A96CF6-78BB-427F-A1D5-B2DFDF7FEA24} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28158080 2021-05-20] (Piriform Software Ltd -> Piriform Software Ltd)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\WpsExternal_20161114022915.job => C:\Program Files (x86)\Kingsoft\WPS Office\ksolaunch.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{42582e72-4c63-4be9-a426-7f1e4414f4ae}: [NameServer] 100.120.76.1
Tcpip\..\Interfaces\{cb788683-62bb-49bd-a2bd-8c95f035c6d8}: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{ce166e0c-1abd-4573-a63b-a0ac72c5ca8a}: [DhcpNameServer] 10.66.0.1
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\linco\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-31]
Edge Notifications: Default -> hxxps://teams.microsoft.com
FireFox:
========
FF DefaultProfile: a89791ok.default
FF ProfilePath: C:\Users\linco\AppData\Roaming\Mozilla\Firefox\Profiles\a89791ok.default [2021-05-31]
FF Session Restore: Mozilla\Firefox\Profiles\a89791ok.default -> is enabled.
FF Extension: (Facebook Container) - C:\Users\linco\AppData\Roaming\Mozilla\Firefox\Profiles\a89791ok.default\Extensions\@contain-facebook.xpi [2021-05-08]
FF Extension: (Avast AntiTrack Premium) - C:\Users\linco\AppData\Roaming\Mozilla\Firefox\Profiles\a89791ok.default\Extensions\antitrack@avast.com.xpi [2021-04-07]
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\linco\AppData\Roaming\Mozilla\Firefox\Profiles\a89791ok.default\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2019-04-27]
FF Extension: (Easy Screenshot) - C:\Users\linco\AppData\Roaming\Mozilla\Firefox\Profiles\a89791ok.default\Extensions\easyscreenshot@mozillaonline.com.xpi [2021-05-19]
FF Extension: (To Google Translate) - C:\Users\linco\AppData\Roaming\Mozilla\Firefox\Profiles\a89791ok.default\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2020-11-11]
FF Extension: (Avast Passwords) - C:\Users\linco\AppData\Roaming\Mozilla\Firefox\Profiles\a89791ok.default\Extensions\jid1-r1tDuNiNb4SEww@jetpack.xpi [2020-02-10] [UpdateUrl:hxxps://pamcdn.avast.com/pamcdn/extensions/firefox/update.json]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\linco\AppData\Roaming\Mozilla\Firefox\Profiles\a89791ok.default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2021-04-19]
FF Extension: (Avast SafePrice | Porovnanie, ponuky, kupóny) - C:\Users\linco\AppData\Roaming\Mozilla\Firefox\Profiles\a89791ok.default\Extensions\safeprice@avast.com.xpi [2018-10-09]
FF Extension: (Avast SecureLine VPN) - C:\Users\linco\AppData\Roaming\Mozilla\Firefox\Profiles\a89791ok.default\Extensions\secureline-vpn@avast.com.xpi [2020-09-30]
FF Extension: (Avast SafePrice | Porovnanie, ponuky, kupóny) - C:\Users\linco\AppData\Roaming\Mozilla\Firefox\Profiles\a89791ok.default\Extensions\sp@avast.com.xpi [2020-07-03]
FF Extension: (Avast Online Security) - C:\Users\linco\AppData\Roaming\Mozilla\Firefox\Profiles\a89791ok.default\Extensions\wrc@avast.com.xpi [2019-11-26] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/aos/update.json]
FF Extension: (Image Search Options) - C:\Users\linco\AppData\Roaming\Mozilla\Firefox\Profiles\a89791ok.default\Extensions\{4a313247-8330-4a81-948e-b79936516f78}.xpi [2020-08-21]
FF Extension: (Plná Peňaženka Líštička Lite) - C:\Users\linco\AppData\Roaming\Mozilla\Firefox\Profiles\a89791ok.default\Extensions\{5f383f45-0de3-43b3-838c-ea98916167e3}.xpi [2021-03-18]
FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\linco\AppData\Roaming\Mozilla\Firefox\Profiles\a89791ok.default\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2021-05-25]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\linco\AppData\Roaming\Mozilla\Firefox\Profiles\a89791ok.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-05-19]
FF Extension: (Picture-In-Picture) - C:\Program Files\Mozilla Firefox\browser\features\pictureinpicture@mozilla.org.xpi [2021-04-19] [not signed]
FF HKLM\...\Firefox\Extensions: [sparalarm@chip.de] - C:\Program Files (x86)\sparalarm\ff\chip_sparalarm-14.39.1-fx.xpi
FF Extension: (CHIP Sparalarm) - C:\Program Files (x86)\sparalarm\ff\chip_sparalarm-14.39.1-fx.xpi [2019-09-11]
FF HKLM-x32\...\Firefox\Extensions: [sparalarm@chip.de] - C:\Program Files (x86)\sparalarm\ff\chip_sparalarm-14.39.1-fx.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-13] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-13] (Adobe Inc. -> )
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2021-04-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2021-04-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2021-04-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2021-04-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2021-04-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-13] (Adobe Inc. -> Adobe)
S2 AsBhcService; C:\Program Files (x86)\ASUS\ASUS Battery Health Charging\AsBhcSrv.exe [114360 2016-10-20] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8150552 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [622816 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [1353440 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [370400 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
R2 BatterySvc; C:\Program Files\Avast Software\Battery Saver\BatterySvc.exe [6124768 2021-02-27] (Avast Software s.r.o. -> AVAST Software)
S2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [2356800 2021-04-20] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [409456 2021-03-30] (NVIDIA Corporation -> NVIDIA)
S2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-11-19] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S2 Mobile Broadband HL Service; C:\Program Files (x86)\MobileBrServ\mbbservice.exe [242264 2016-03-24] (Huawei Technologies Co.,Ltd. -> )
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [486464 2020-10-01] (geek software GmbH -> geek software GmbH)
S2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> )
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1347464 2021-03-06] (Rockstar Games, Inc. -> Rockstar Games)
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [8613144 2021-05-21] (Avast Software s.r.o. -> AVAST Software)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer -> TeamViewer GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2020-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2020-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_c03e0d5968be7c61\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_c03e0d5968be7c61\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AiCharger; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [29312 2016-11-14] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
R3 AsusHFilter; C:\WINDOWS\System32\drivers\AsusHFilter.sys [30200 2016-12-22] (ASUSTeK Computer Inc. -> )
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [108504 2019-04-24] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [216360 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [365536 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250336 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99296 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [17328 2021-05-22] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41296 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [180944 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522824 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107792 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82856 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851144 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [471352 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215336 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2018-09-05] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [59312 2020-06-30] (Avast Software s.r.o. -> Avast Software)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
S3 GeneStor; C:\WINDOWS\System32\drivers\GeneStor.sys [180776 2019-05-03] (GENESYS LOGIC, INC. -> Genesys Logic)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2020-02-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2020-02-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2020-02-12] (Microsoft Windows -> Microsoft Corporation)
S1 netfilter2; system32\drivers\netfilter2.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-05-28 01:03 - 2021-05-28 01:03 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-05-28 01:03 - 2021-05-28 01:03 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-05-28 01:03 - 2021-05-28 01:03 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-05-28 01:03 - 2021-05-28 01:03 - 001823792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-28 01:03 - 2021-05-28 01:03 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-05-28 01:03 - 2021-05-28 01:03 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-05-28 01:03 - 2021-05-28 01:03 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-05-28 01:03 - 2021-05-28 01:03 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-05-28 01:03 - 2021-05-28 01:03 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-05-28 01:03 - 2021-05-28 01:03 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-05-28 01:03 - 2021-05-28 01:03 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-05-28 01:03 - 2021-05-28 01:03 - 000011327 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-28 01:02 - 2021-05-28 01:02 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-05-28 01:02 - 2021-05-28 01:02 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-05-28 01:02 - 2021-05-28 01:02 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-05-28 01:02 - 2021-05-28 01:02 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-05-28 01:02 - 2021-05-28 01:02 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-05-28 01:02 - 2021-05-28 01:02 - 000097280 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-05-22 08:16 - 2021-05-22 08:16 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-05-22 08:16 - 2021-05-22 08:16 - 000215336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-05-20 18:26 - 2021-05-13 20:19 - 000626968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-05-20 18:26 - 2021-05-13 20:17 - 005678360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-05-20 18:25 - 2021-05-13 20:22 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-05-20 18:25 - 2021-05-13 20:22 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-05-20 18:25 - 2021-05-13 20:22 - 001453360 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-05-20 18:25 - 2021-05-13 20:22 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-05-20 18:25 - 2021-05-13 20:22 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-05-20 18:25 - 2021-05-13 20:22 - 001192752 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-05-20 18:25 - 2021-05-13 20:22 - 001094864 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-05-20 18:25 - 2021-05-13 20:22 - 001094864 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-05-20 18:25 - 2021-05-13 20:22 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-05-20 18:25 - 2021-05-13 20:22 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-05-20 18:25 - 2021-05-13 20:19 - 001514800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-05-20 18:25 - 2021-05-13 20:19 - 001166112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-05-20 18:25 - 2021-05-13 20:19 - 000715544 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-05-20 18:25 - 2021-05-13 20:19 - 000675104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-05-20 18:25 - 2021-05-13 20:19 - 000575768 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-05-20 18:25 - 2021-05-13 20:19 - 000564000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-05-20 18:25 - 2021-05-13 20:18 - 002106144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-05-20 18:25 - 2021-05-13 20:18 - 001590576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-05-20 18:25 - 2021-05-13 20:18 - 000811824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-05-20 18:25 - 2021-05-13 20:18 - 000689952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-05-20 18:25 - 2021-05-13 20:18 - 000656176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-05-20 18:25 - 2021-05-13 20:18 - 000445744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-05-20 18:25 - 2021-05-13 20:17 - 008317232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-05-20 18:25 - 2021-05-13 20:17 - 007434032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-05-20 18:25 - 2021-05-13 20:17 - 004795184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-05-20 18:25 - 2021-05-13 20:17 - 002823472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-05-20 18:25 - 2021-05-13 20:16 - 000848688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-05-20 18:25 - 2021-05-13 20:15 - 006159152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-05-20 18:25 - 2021-05-13 12:38 - 000087164 _____ C:\WINDOWS\system32\nvinfo.pb
2021-05-11 19:54 - 2021-05-11 19:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2021-05-01 21:48 - 2021-05-01 21:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.1
2021-05-01 21:42 - 2021-05-01 21:42 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-01 21:41 - 2021-05-01 21:41 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-01 21:41 - 2021-05-01 21:41 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-01 21:41 - 2021-05-01 21:41 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-01 21:41 - 2021-05-01 21:41 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-01 21:41 - 2021-05-01 21:41 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-05-31 09:04 - 2020-08-22 14:05 - 000000000 ____D C:\FRST
2021-05-31 09:03 - 2019-02-03 20:31 - 000000000 ____D C:\ProgramData\Mozilla
2021-05-31 09:03 - 2018-09-15 21:01 - 000000000 ____D C:\Users\linco\AppData\Local\AVAST Software
2021-05-31 09:02 - 2020-12-23 11:05 - 000000000 ____D C:\Users\linco\AppData\Roaming\Slack
2021-05-31 09:02 - 2020-07-01 09:23 - 000004028 _____ C:\WINDOWS\system32\Tasks\Avast SecureLine VPN Update
2021-05-31 09:02 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-31 09:02 - 2018-09-15 21:01 - 000000000 ____D C:\Users\linco\AppData\LocalLow\Mozilla
2021-05-31 09:02 - 2017-07-04 20:03 - 000000000 ____D C:\ProgramData\NVIDIA
2021-05-31 09:01 - 2020-08-08 09:05 - 000001380 _____ C:\Users\linco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-05-31 09:01 - 2020-06-20 23:03 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-05-31 09:01 - 2020-06-20 23:03 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2298117505-976418258-3832342613-1001
2021-05-31 09:01 - 2020-06-20 23:03 - 000002218 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-05-31 09:01 - 2020-06-20 23:03 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-05-31 07:39 - 2020-06-20 23:01 - 002229500 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-31 07:39 - 2020-06-20 21:24 - 000460920 _____ C:\WINDOWS\system32\perfh006.dat
2021-05-31 07:39 - 2020-06-20 21:24 - 000081102 _____ C:\WINDOWS\system32\perfc006.dat
2021-05-31 07:39 - 2019-12-07 16:41 - 000709160 _____ C:\WINDOWS\system32\perfh005.dat
2021-05-31 07:39 - 2019-12-07 16:41 - 000145492 _____ C:\WINDOWS\system32\perfc005.dat
2021-05-31 07:39 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-05-31 07:35 - 2018-09-15 22:08 - 000000000 ____D C:\Program Files\CCleaner
2021-05-31 07:33 - 2020-10-20 21:02 - 000000000 ____D C:\Users\linco\AppData\Roaming\Messenger
2021-05-31 07:33 - 2020-10-20 21:02 - 000000000 ____D C:\Users\linco\AppData\Local\Messenger
2021-05-31 07:32 - 2020-06-20 23:03 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-31 07:32 - 2020-06-20 22:55 - 000008192 ___SH C:\DumpStack.log.tmp
2021-05-31 07:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-05-31 07:32 - 2018-09-15 20:59 - 000000000 ____D C:\ProgramData\AVAST Software
2021-05-31 07:32 - 2018-09-15 20:57 - 000000000 ___RD C:\Users\linco\OneDrive
2021-05-31 07:32 - 2018-09-15 20:55 - 000000000 __SHD C:\Users\linco\IntelGraphicsProfiles
2021-05-31 00:15 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-05-31 00:11 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-30 23:32 - 2020-06-20 22:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-05-30 18:23 - 2018-12-05 20:58 - 000000000 ____D C:\Users\linco\AppData\Roaming\WhatsApp
2021-05-29 21:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-29 08:28 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-28 23:36 - 2020-06-20 21:45 - 000002353 _____ C:\Users\linco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-05-28 22:49 - 2020-06-10 10:47 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-28 11:35 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-28 11:33 - 2020-06-20 22:55 - 000635672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-05-28 11:32 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-05-28 11:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-05-28 11:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-05-28 11:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2021-05-28 11:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-05-28 11:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-28 11:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-28 11:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-05-28 11:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-05-28 11:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-05-28 11:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-05-28 11:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-27 12:38 - 2020-04-13 20:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2021-05-23 07:27 - 2020-06-20 23:03 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-05-22 08:16 - 2020-10-08 23:50 - 000180944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-05-22 08:16 - 2020-04-03 19:31 - 000522824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-05-22 08:16 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-05-22 08:16 - 2019-11-21 17:36 - 000851144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-05-22 08:16 - 2019-11-21 17:36 - 000471352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-05-22 08:16 - 2019-11-21 17:36 - 000365536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-05-22 08:16 - 2019-11-21 17:36 - 000326976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-05-22 08:16 - 2019-11-21 17:36 - 000250336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-05-22 08:16 - 2019-11-21 17:36 - 000216360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-05-22 08:16 - 2019-11-21 17:36 - 000107792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-05-22 08:16 - 2019-11-21 17:36 - 000099296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-05-22 08:16 - 2019-11-21 17:36 - 000082856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-05-22 08:16 - 2019-11-21 17:36 - 000041296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-05-22 08:16 - 2019-11-21 17:36 - 000017328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2021-05-22 08:11 - 2020-04-15 20:11 - 000000000 ____D C:\Users\linco\AppData\Local\WhatsApp
2021-05-22 08:10 - 2018-09-20 18:10 - 000000000 ____D C:\Users\linco\AppData\Local\CrashDumps
2021-05-21 16:27 - 2017-07-04 20:01 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-05-20 18:30 - 2019-02-04 18:52 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2021-05-20 18:30 - 2018-09-19 12:02 - 000000000 ____D C:\ProgramData\Packages
2021-05-20 18:30 - 2018-09-15 20:55 - 000000000 ____D C:\Users\linco\AppData\Local\Packages
2021-05-20 18:28 - 2017-07-04 20:03 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-05-20 11:50 - 2020-06-16 10:02 - 000081632 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe
2021-05-14 15:22 - 2021-04-21 15:23 - 000003444 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-05-14 15:22 - 2021-04-21 15:23 - 000003220 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-05-14 15:22 - 2020-06-20 23:03 - 000003564 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-05-14 15:22 - 2020-06-20 23:03 - 000003458 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-05-14 15:22 - 2020-06-20 23:03 - 000003340 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-05-14 15:22 - 2020-06-20 23:03 - 000003256 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-05-14 15:22 - 2020-06-20 23:03 - 000003212 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-05-14 15:22 - 2020-06-20 23:03 - 000003044 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-05-14 15:22 - 2020-06-20 23:03 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-05-14 15:22 - 2020-06-20 23:03 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-05-14 15:22 - 2020-06-20 23:03 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-05-14 15:22 - 2020-06-20 23:03 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-05-14 15:22 - 2020-06-20 23:03 - 000002974 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-05-14 15:22 - 2020-06-20 23:03 - 000002804 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-05-13 20:15 - 2020-05-31 19:17 - 007212224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-05-12 08:11 - 2020-12-23 11:06 - 000000000 ____D C:\Users\linco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies Inc
2021-05-12 08:11 - 2020-12-23 11:05 - 000000000 ____D C:\Users\linco\AppData\Local\slack
2021-05-12 08:11 - 2018-12-05 20:57 - 000000000 ____D C:\Users\linco\AppData\Local\SquirrelTemp
2021-05-11 22:57 - 2018-09-16 14:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-11 22:54 - 2018-09-16 14:50 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-11 19:54 - 2018-09-27 16:43 - 000000000 ____D C:\ProgramData\Foxit Software
2021-05-07 13:02 - 2018-09-15 20:59 - 000000000 ____D C:\Program Files\AVAST Software
2021-05-07 13:01 - 2021-04-07 08:36 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2021-05-07 13:01 - 2019-11-21 17:36 - 000000000 ____D C:\Users\linco\AppData\Roaming\AVAST Software
2021-05-06 12:09 - 2021-02-24 10:21 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-05-06 12:09 - 2018-09-15 21:01 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-05-01 21:49 - 2019-12-07 16:42 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-01 21:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-01 21:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-01 21:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-01 21:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-01 21:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-01 21:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-01 21:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-01 21:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-01 21:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-01 21:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-01 21:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-01 21:44 - 2019-12-07 16:44 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-05-01 21:13 - 2021-04-04 22:37 - 000000000 ____D C:\Users\linco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-05-01 21:13 - 2021-04-04 22:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-05-01 21:13 - 2021-04-04 22:37 - 000000000 ____D C:\Program Files\WinRAR
==================== Files in the root of some directories ========
2020-11-13 15:22 - 2020-11-13 15:22 - 000000046 _____ () C:\Users\linco\AppData\Roaming\Camdata.ini
2020-11-13 15:22 - 2020-11-13 15:22 - 000000408 _____ () C:\Users\linco\AppData\Roaming\CamLayout.ini
2020-11-13 15:22 - 2020-11-13 15:22 - 000000408 _____ () C:\Users\linco\AppData\Roaming\CamShapes.ini
2020-11-13 15:22 - 2020-11-13 15:22 - 000004536 _____ () C:\Users\linco\AppData\Roaming\CamStudio.cfg
2018-09-15 20:58 - 2019-07-07 11:46 - 000000200 _____ () C:\Users\linco\AppData\Roaming\sp_data.sys
2020-11-13 15:20 - 2020-11-13 15:20 - 000000096 _____ () C:\Users\linco\AppData\Roaming\version2.xml
2020-12-01 11:07 - 2020-12-01 11:07 - 000415507 _____ () C:\Users\linco\AppData\Local\ars.cache
2020-12-01 11:08 - 2020-12-01 11:08 - 001139162 _____ () C:\Users\linco\AppData\Local\census.cache
2020-12-01 10:38 - 2020-12-01 10:38 - 000000036 _____ () C:\Users\linco\AppData\Local\housecall.guid.cache
2020-12-01 10:42 - 2020-12-01 10:42 - 000000010 _____ () C:\Users\linco\AppData\Local\sponge.last.runtime.cache
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Ran by linco (administrator) on DESKTOP-J0PJPO6 (ASUSTeK COMPUTER INC. FX502VE) (31-05-2021 09:03:44)
Running from C:\Users\linco\OneDrive\Počítač
Loaded Profiles: linco
Platform: Windows 10 Home Version 20H2 19042.1023 (X64) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Battery Saver\BatterySvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\VpnNM.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe
(geek software GmbH -> geek software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <8>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_c03e0d5968be7c61\Display.NvContainer\NVDisplay.Container.exe <2>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(TeamViewer -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [122592 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [BatteryUI.exe] => C:\Program Files\Avast Software\Battery Saver\BatteryUI.exe [2702560 2021-02-27] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [486464 2020-10-01] (geek software GmbH -> geek software GmbH)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2298117505-976418258-3832342613-1000\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2298117505-976418258-3832342613-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33770112 2021-05-20] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2298117505-976418258-3832342613-1001\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [2224096 2020-11-10] (TomTom International B.V. -> TomTom)
HKU\S-1-5-21-2298117505-976418258-3832342613-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [109961080 2021-05-25] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2298117505-976418258-3832342613-1001\...\Run: [com.squirrel.slack.slack] => C:\Users\linco\AppData\Local\slack\slack.exe [308368 2021-05-12] (Slack Technologies, Inc. -> Slack Technologies Inc.)
HKU\S-1-5-21-2298117505-976418258-3832342613-1001\...\Run: [Facebook.MessengerDesktop] => C:\Users\linco\AppData\Local\Programs\Messenger\Messenger.exe messenger://openAtLogin
HKLM\...\Windows x64\Print Processors\Canon MG5100 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAD.DLL [28672 2010-08-25] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5100 series: C:\Windows\system32\CNMLMAD.DLL [361472 2010-08-25] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\us008 Langmon: C:\Windows\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2021-05-22]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
BootExecute: autocheck autochk * icarus_rvrt.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {11C04BB5-9BD8-4FF7-B3F1-2EF360FA3260} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {12742B7E-3103-463E-89AE-587BE05A7538} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-29] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {12D60FE6-6C77-4671-ACBF-C699A1A30C0B} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1197848 2021-05-21] (Avast Software s.r.o. -> AVAST Software)
Task: {17AEE891-F8A2-464E-9ABF-30707E12C61D} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3336560 2021-04-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {188876BF-EDEE-4E8A-9387-CE265DA9046E} - System32\Tasks\ASUS Battery Health Charging Notification => C:\Program Files (x86)\ASUS\ASUS Battery Health Charging\BhcMgr.exe [2478776 2016-11-28] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {18F11252-F548-485A-A274-24DF4BB84E00} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-31] (Google LLC -> Google LLC)
Task: {227E144B-F48C-43E5-9C1E-54483273D379} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2564D4DF-C850-4D58-9434-90FCAFD96E67} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-04-29] (Avast Software s.r.o. -> Avast Software)
Task: {2667109A-05E7-4D3E-8067-D878D408C7DF} - System32\Tasks\Avast Software\Avast Battery Saver Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-bs\icarus.exe [5493472 2021-02-10] (Avast Software s.r.o. -> Avast Software)
Task: {2847894A-38F7-48E7-9BE3-C36D7DB486FD} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {290BEDB7-672D-4A81-9F91-5862579DE28B} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [909112 2016-07-26] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {36535DC6-14B1-42EB-A962-BD22196A1949} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1485312 2017-02-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {3A46620C-881E-49A2-BB9C-311254E1D0EE} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3AE04AC3-5F2B-4279-8E61-5CAA9F3E5197} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-31] (Google LLC -> Google LLC)
Task: {42D5785A-35ED-43AA-AFA0-D6A8E6793A5A} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1485312 2017-02-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {50681298-4B57-4F3A-B223-305381CC35A9} - System32\Tasks\EOSv3 Scheduler onTime => D:\esetonlinescanner.exe [11697056 2021-05-13] (ESET, spol. s r.o. -> ESET)
Task: {50794EF1-D5B0-4DF3-8649-3D5403724570} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {541B230B-C939-4690-988A-F436943156EC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-05-20] (Piriform Software Ltd -> Piriform)
Task: {5620E5D1-3081-4726-B0A8-AE4E2049D1A0} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [5865696 2021-05-20] (Avast Software s.r.o. -> Avast Software)
Task: {5D002C79-8F68-4323-ABC9-39E46EC740D7} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905584 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {669BA5FE-B7DF-4A9D-AF12-4A8603F3A1D5} - System32\Tasks\UMonitor Task => C:\WINDOWS\SysWOW64\UMonit64.exe [61752 2016-08-19] (GENESYS LOGIC, INC. -> )
Task: {71DF9112-B44A-431E-AEC6-1CB07103927F} - System32\Tasks\EOSv3 Scheduler onLogOn => D:\esetonlinescanner.exe [11697056 2021-05-13] (ESET, spol. s r.o. -> ESET)
Task: {745A9824-2991-49ED-9698-C9E9403F566D} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-09-29] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {868C9BEB-2F9D-40E6-BF29-5A7C33419DAA} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4866840 2021-05-21] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid 7e6b0c2d-372b-43e7-96fd-19dd33bc0713
Task: {87BCFE0D-0D3D-4CCC-91F4-05AE00379784} - System32\Tasks\Avast Software\Avast Battery Saver BugReport => C:\Program Files\Avast Software\Battery Saver\AvBugReport.exe [4665568 2021-02-27] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 134 --programpath "C:\Program Files\Avast Software\Battery Saver\Setup\.." --configpath "C:\Program Files\Avast Software\Battery Saver\Setup" --path "C:\ProgramData\Avast Software\Battery Saver\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid 113c070d-3ddc-4b77-aa7e-4a86a99715a8
Task: {95B6C707-EEC3-4992-9DAE-1C9189872243} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122552 2016-11-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {9AC3B822-A126-4F56-8768-F12E5685B199} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-13] (Adobe Inc. -> Adobe)
Task: {9DE4561B-12A2-4861-B70D-80355F153286} - System32\Tasks\IcarusAvastVpnUpgrade => C:\Program Files\AVAST Software\SecureLine\setup\avast_vpn_online_setup.exe -> /silent /ShowVpnGui=0 /RestartUpdaterTaskName=IcarusAvastVpnUpgrade /RestartUpdaterAppExe="C:\Program Files\AVAST Software\SecureLine\setup\avast_vpn_online_setup.exe"
Task: {AEB63488-B184-44F6-9A95-2FD682825BE1} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19967504 2016-11-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {B7343D0A-A5AD-4345-985A-FA5E9D4BD62C} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1260400 2021-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CC41892C-860D-4898-A9DB-8C98DC996881} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122552 2016-11-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {D288DF0A-B851-49C7-BF20-32C82981F42A} - System32\Tasks\ASUS HotfixChecker => C:\Program Files (x86)\ASUS\HotfixChecker\HotfixChecker.exe [140088 2019-04-12] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
Task: {E9041259-E6E4-40E0-88AC-2B8F6B877939} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4808928 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
Task: {F4A96CF6-78BB-427F-A1D5-B2DFDF7FEA24} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28158080 2021-05-20] (Piriform Software Ltd -> Piriform Software Ltd)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\WpsExternal_20161114022915.job => C:\Program Files (x86)\Kingsoft\WPS Office\ksolaunch.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{42582e72-4c63-4be9-a426-7f1e4414f4ae}: [NameServer] 100.120.76.1
Tcpip\..\Interfaces\{cb788683-62bb-49bd-a2bd-8c95f035c6d8}: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{ce166e0c-1abd-4573-a63b-a0ac72c5ca8a}: [DhcpNameServer] 10.66.0.1
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\linco\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-31]
Edge Notifications: Default -> hxxps://teams.microsoft.com
FireFox:
========
FF DefaultProfile: a89791ok.default
FF ProfilePath: C:\Users\linco\AppData\Roaming\Mozilla\Firefox\Profiles\a89791ok.default [2021-05-31]
FF Session Restore: Mozilla\Firefox\Profiles\a89791ok.default -> is enabled.
FF Extension: (Facebook Container) - C:\Users\linco\AppData\Roaming\Mozilla\Firefox\Profiles\a89791ok.default\Extensions\@contain-facebook.xpi [2021-05-08]
FF Extension: (Avast AntiTrack Premium) - C:\Users\linco\AppData\Roaming\Mozilla\Firefox\Profiles\a89791ok.default\Extensions\antitrack@avast.com.xpi [2021-04-07]
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\linco\AppData\Roaming\Mozilla\Firefox\Profiles\a89791ok.default\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2019-04-27]
FF Extension: (Easy Screenshot) - C:\Users\linco\AppData\Roaming\Mozilla\Firefox\Profiles\a89791ok.default\Extensions\easyscreenshot@mozillaonline.com.xpi [2021-05-19]
FF Extension: (To Google Translate) - C:\Users\linco\AppData\Roaming\Mozilla\Firefox\Profiles\a89791ok.default\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2020-11-11]
FF Extension: (Avast Passwords) - C:\Users\linco\AppData\Roaming\Mozilla\Firefox\Profiles\a89791ok.default\Extensions\jid1-r1tDuNiNb4SEww@jetpack.xpi [2020-02-10] [UpdateUrl:hxxps://pamcdn.avast.com/pamcdn/extensions/firefox/update.json]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\linco\AppData\Roaming\Mozilla\Firefox\Profiles\a89791ok.default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2021-04-19]
FF Extension: (Avast SafePrice | Porovnanie, ponuky, kupóny) - C:\Users\linco\AppData\Roaming\Mozilla\Firefox\Profiles\a89791ok.default\Extensions\safeprice@avast.com.xpi [2018-10-09]
FF Extension: (Avast SecureLine VPN) - C:\Users\linco\AppData\Roaming\Mozilla\Firefox\Profiles\a89791ok.default\Extensions\secureline-vpn@avast.com.xpi [2020-09-30]
FF Extension: (Avast SafePrice | Porovnanie, ponuky, kupóny) - C:\Users\linco\AppData\Roaming\Mozilla\Firefox\Profiles\a89791ok.default\Extensions\sp@avast.com.xpi [2020-07-03]
FF Extension: (Avast Online Security) - C:\Users\linco\AppData\Roaming\Mozilla\Firefox\Profiles\a89791ok.default\Extensions\wrc@avast.com.xpi [2019-11-26] [UpdateUrl:hxxps://firefoxext.avcdn.net/firefoxext/avast/aos/update.json]
FF Extension: (Image Search Options) - C:\Users\linco\AppData\Roaming\Mozilla\Firefox\Profiles\a89791ok.default\Extensions\{4a313247-8330-4a81-948e-b79936516f78}.xpi [2020-08-21]
FF Extension: (Plná Peňaženka Líštička Lite) - C:\Users\linco\AppData\Roaming\Mozilla\Firefox\Profiles\a89791ok.default\Extensions\{5f383f45-0de3-43b3-838c-ea98916167e3}.xpi [2021-03-18]
FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\linco\AppData\Roaming\Mozilla\Firefox\Profiles\a89791ok.default\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2021-05-25]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\linco\AppData\Roaming\Mozilla\Firefox\Profiles\a89791ok.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-05-19]
FF Extension: (Picture-In-Picture) - C:\Program Files\Mozilla Firefox\browser\features\pictureinpicture@mozilla.org.xpi [2021-04-19] [not signed]
FF HKLM\...\Firefox\Extensions: [sparalarm@chip.de] - C:\Program Files (x86)\sparalarm\ff\chip_sparalarm-14.39.1-fx.xpi
FF Extension: (CHIP Sparalarm) - C:\Program Files (x86)\sparalarm\ff\chip_sparalarm-14.39.1-fx.xpi [2019-09-11]
FF HKLM-x32\...\Firefox\Extensions: [sparalarm@chip.de] - C:\Program Files (x86)\sparalarm\ff\chip_sparalarm-14.39.1-fx.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-13] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-13] (Adobe Inc. -> )
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2021-04-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2021-04-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2021-04-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2021-04-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2021-04-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-13] (Adobe Inc. -> Adobe)
S2 AsBhcService; C:\Program Files (x86)\ASUS\ASUS Battery Health Charging\AsBhcSrv.exe [114360 2016-10-20] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8150552 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [622816 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [1353440 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [370400 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
R2 BatterySvc; C:\Program Files\Avast Software\Battery Saver\BatterySvc.exe [6124768 2021-02-27] (Avast Software s.r.o. -> AVAST Software)
S2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [2356800 2021-04-20] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [409456 2021-03-30] (NVIDIA Corporation -> NVIDIA)
S2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-11-19] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S2 Mobile Broadband HL Service; C:\Program Files (x86)\MobileBrServ\mbbservice.exe [242264 2016-03-24] (Huawei Technologies Co.,Ltd. -> )
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [486464 2020-10-01] (geek software GmbH -> geek software GmbH)
S2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> )
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1347464 2021-03-06] (Rockstar Games, Inc. -> Rockstar Games)
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [8613144 2021-05-21] (Avast Software s.r.o. -> AVAST Software)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer -> TeamViewer GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2020-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2020-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_c03e0d5968be7c61\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_c03e0d5968be7c61\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AiCharger; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [29312 2016-11-14] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
R3 AsusHFilter; C:\WINDOWS\System32\drivers\AsusHFilter.sys [30200 2016-12-22] (ASUSTeK Computer Inc. -> )
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [108504 2019-04-24] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [216360 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [365536 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250336 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99296 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [17328 2021-05-22] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41296 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [180944 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522824 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107792 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82856 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851144 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [471352 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215336 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2018-09-05] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-05-22] (Avast Software s.r.o. -> AVAST Software)
S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [59312 2020-06-30] (Avast Software s.r.o. -> Avast Software)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
S3 GeneStor; C:\WINDOWS\System32\drivers\GeneStor.sys [180776 2019-05-03] (GENESYS LOGIC, INC. -> Genesys Logic)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2020-02-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2020-02-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2020-02-12] (Microsoft Windows -> Microsoft Corporation)
S1 netfilter2; system32\drivers\netfilter2.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-05-28 01:03 - 2021-05-28 01:03 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-05-28 01:03 - 2021-05-28 01:03 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-05-28 01:03 - 2021-05-28 01:03 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-05-28 01:03 - 2021-05-28 01:03 - 001823792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-28 01:03 - 2021-05-28 01:03 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-05-28 01:03 - 2021-05-28 01:03 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-05-28 01:03 - 2021-05-28 01:03 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-05-28 01:03 - 2021-05-28 01:03 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-05-28 01:03 - 2021-05-28 01:03 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-05-28 01:03 - 2021-05-28 01:03 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-05-28 01:03 - 2021-05-28 01:03 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-05-28 01:03 - 2021-05-28 01:03 - 000011327 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-28 01:02 - 2021-05-28 01:02 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-05-28 01:02 - 2021-05-28 01:02 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-05-28 01:02 - 2021-05-28 01:02 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-05-28 01:02 - 2021-05-28 01:02 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-05-28 01:02 - 2021-05-28 01:02 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-05-28 01:02 - 2021-05-28 01:02 - 000097280 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-05-22 08:16 - 2021-05-22 08:16 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-05-22 08:16 - 2021-05-22 08:16 - 000215336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-05-20 18:26 - 2021-05-13 20:19 - 000626968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-05-20 18:26 - 2021-05-13 20:17 - 005678360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-05-20 18:25 - 2021-05-13 20:22 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-05-20 18:25 - 2021-05-13 20:22 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-05-20 18:25 - 2021-05-13 20:22 - 001453360 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-05-20 18:25 - 2021-05-13 20:22 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-05-20 18:25 - 2021-05-13 20:22 - 001435880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-05-20 18:25 - 2021-05-13 20:22 - 001192752 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-05-20 18:25 - 2021-05-13 20:22 - 001094864 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-05-20 18:25 - 2021-05-13 20:22 - 001094864 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-05-20 18:25 - 2021-05-13 20:22 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-05-20 18:25 - 2021-05-13 20:22 - 000948968 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-05-20 18:25 - 2021-05-13 20:19 - 001514800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-05-20 18:25 - 2021-05-13 20:19 - 001166112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-05-20 18:25 - 2021-05-13 20:19 - 000715544 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-05-20 18:25 - 2021-05-13 20:19 - 000675104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-05-20 18:25 - 2021-05-13 20:19 - 000575768 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-05-20 18:25 - 2021-05-13 20:19 - 000564000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-05-20 18:25 - 2021-05-13 20:18 - 002106144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-05-20 18:25 - 2021-05-13 20:18 - 001590576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-05-20 18:25 - 2021-05-13 20:18 - 000811824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-05-20 18:25 - 2021-05-13 20:18 - 000689952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-05-20 18:25 - 2021-05-13 20:18 - 000656176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-05-20 18:25 - 2021-05-13 20:18 - 000445744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-05-20 18:25 - 2021-05-13 20:17 - 008317232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-05-20 18:25 - 2021-05-13 20:17 - 007434032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-05-20 18:25 - 2021-05-13 20:17 - 004795184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-05-20 18:25 - 2021-05-13 20:17 - 002823472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-05-20 18:25 - 2021-05-13 20:16 - 000848688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-05-20 18:25 - 2021-05-13 20:15 - 006159152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-05-20 18:25 - 2021-05-13 12:38 - 000087164 _____ C:\WINDOWS\system32\nvinfo.pb
2021-05-11 19:54 - 2021-05-11 19:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2021-05-01 21:48 - 2021-05-01 21:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.1
2021-05-01 21:42 - 2021-05-01 21:42 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-01 21:41 - 2021-05-01 21:41 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-01 21:41 - 2021-05-01 21:41 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-01 21:41 - 2021-05-01 21:41 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-01 21:41 - 2021-05-01 21:41 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-01 21:41 - 2021-05-01 21:41 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-05-31 09:04 - 2020-08-22 14:05 - 000000000 ____D C:\FRST
2021-05-31 09:03 - 2019-02-03 20:31 - 000000000 ____D C:\ProgramData\Mozilla
2021-05-31 09:03 - 2018-09-15 21:01 - 000000000 ____D C:\Users\linco\AppData\Local\AVAST Software
2021-05-31 09:02 - 2020-12-23 11:05 - 000000000 ____D C:\Users\linco\AppData\Roaming\Slack
2021-05-31 09:02 - 2020-07-01 09:23 - 000004028 _____ C:\WINDOWS\system32\Tasks\Avast SecureLine VPN Update
2021-05-31 09:02 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-31 09:02 - 2018-09-15 21:01 - 000000000 ____D C:\Users\linco\AppData\LocalLow\Mozilla
2021-05-31 09:02 - 2017-07-04 20:03 - 000000000 ____D C:\ProgramData\NVIDIA
2021-05-31 09:01 - 2020-08-08 09:05 - 000001380 _____ C:\Users\linco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-05-31 09:01 - 2020-06-20 23:03 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-05-31 09:01 - 2020-06-20 23:03 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2298117505-976418258-3832342613-1001
2021-05-31 09:01 - 2020-06-20 23:03 - 000002218 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-05-31 09:01 - 2020-06-20 23:03 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-05-31 07:39 - 2020-06-20 23:01 - 002229500 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-31 07:39 - 2020-06-20 21:24 - 000460920 _____ C:\WINDOWS\system32\perfh006.dat
2021-05-31 07:39 - 2020-06-20 21:24 - 000081102 _____ C:\WINDOWS\system32\perfc006.dat
2021-05-31 07:39 - 2019-12-07 16:41 - 000709160 _____ C:\WINDOWS\system32\perfh005.dat
2021-05-31 07:39 - 2019-12-07 16:41 - 000145492 _____ C:\WINDOWS\system32\perfc005.dat
2021-05-31 07:39 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-05-31 07:35 - 2018-09-15 22:08 - 000000000 ____D C:\Program Files\CCleaner
2021-05-31 07:33 - 2020-10-20 21:02 - 000000000 ____D C:\Users\linco\AppData\Roaming\Messenger
2021-05-31 07:33 - 2020-10-20 21:02 - 000000000 ____D C:\Users\linco\AppData\Local\Messenger
2021-05-31 07:32 - 2020-06-20 23:03 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-31 07:32 - 2020-06-20 22:55 - 000008192 ___SH C:\DumpStack.log.tmp
2021-05-31 07:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-05-31 07:32 - 2018-09-15 20:59 - 000000000 ____D C:\ProgramData\AVAST Software
2021-05-31 07:32 - 2018-09-15 20:57 - 000000000 ___RD C:\Users\linco\OneDrive
2021-05-31 07:32 - 2018-09-15 20:55 - 000000000 __SHD C:\Users\linco\IntelGraphicsProfiles
2021-05-31 00:15 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-05-31 00:11 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-30 23:32 - 2020-06-20 22:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-05-30 18:23 - 2018-12-05 20:58 - 000000000 ____D C:\Users\linco\AppData\Roaming\WhatsApp
2021-05-29 21:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-29 08:28 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-28 23:36 - 2020-06-20 21:45 - 000002353 _____ C:\Users\linco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-05-28 22:49 - 2020-06-10 10:47 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-28 11:35 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-28 11:33 - 2020-06-20 22:55 - 000635672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-05-28 11:32 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-05-28 11:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-05-28 11:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-05-28 11:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2021-05-28 11:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-05-28 11:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-28 11:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-28 11:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-05-28 11:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-05-28 11:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-05-28 11:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-05-28 11:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-27 12:38 - 2020-04-13 20:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2021-05-23 07:27 - 2020-06-20 23:03 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-05-22 08:16 - 2020-10-08 23:50 - 000180944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-05-22 08:16 - 2020-04-03 19:31 - 000522824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-05-22 08:16 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-05-22 08:16 - 2019-11-21 17:36 - 000851144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-05-22 08:16 - 2019-11-21 17:36 - 000471352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-05-22 08:16 - 2019-11-21 17:36 - 000365536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-05-22 08:16 - 2019-11-21 17:36 - 000326976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-05-22 08:16 - 2019-11-21 17:36 - 000250336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-05-22 08:16 - 2019-11-21 17:36 - 000216360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-05-22 08:16 - 2019-11-21 17:36 - 000107792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-05-22 08:16 - 2019-11-21 17:36 - 000099296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-05-22 08:16 - 2019-11-21 17:36 - 000082856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-05-22 08:16 - 2019-11-21 17:36 - 000041296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-05-22 08:16 - 2019-11-21 17:36 - 000017328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2021-05-22 08:11 - 2020-04-15 20:11 - 000000000 ____D C:\Users\linco\AppData\Local\WhatsApp
2021-05-22 08:10 - 2018-09-20 18:10 - 000000000 ____D C:\Users\linco\AppData\Local\CrashDumps
2021-05-21 16:27 - 2017-07-04 20:01 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2021-05-20 18:30 - 2019-02-04 18:52 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2021-05-20 18:30 - 2018-09-19 12:02 - 000000000 ____D C:\ProgramData\Packages
2021-05-20 18:30 - 2018-09-15 20:55 - 000000000 ____D C:\Users\linco\AppData\Local\Packages
2021-05-20 18:28 - 2017-07-04 20:03 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-05-20 11:50 - 2020-06-16 10:02 - 000081632 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe
2021-05-14 15:22 - 2021-04-21 15:23 - 000003444 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-05-14 15:22 - 2021-04-21 15:23 - 000003220 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-05-14 15:22 - 2020-06-20 23:03 - 000003564 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-05-14 15:22 - 2020-06-20 23:03 - 000003458 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-05-14 15:22 - 2020-06-20 23:03 - 000003340 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-05-14 15:22 - 2020-06-20 23:03 - 000003256 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-05-14 15:22 - 2020-06-20 23:03 - 000003212 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-05-14 15:22 - 2020-06-20 23:03 - 000003044 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-05-14 15:22 - 2020-06-20 23:03 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-05-14 15:22 - 2020-06-20 23:03 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-05-14 15:22 - 2020-06-20 23:03 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-05-14 15:22 - 2020-06-20 23:03 - 000003008 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-05-14 15:22 - 2020-06-20 23:03 - 000002974 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-05-14 15:22 - 2020-06-20 23:03 - 000002804 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-05-13 20:15 - 2020-05-31 19:17 - 007212224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-05-12 08:11 - 2020-12-23 11:06 - 000000000 ____D C:\Users\linco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies Inc
2021-05-12 08:11 - 2020-12-23 11:05 - 000000000 ____D C:\Users\linco\AppData\Local\slack
2021-05-12 08:11 - 2018-12-05 20:57 - 000000000 ____D C:\Users\linco\AppData\Local\SquirrelTemp
2021-05-11 22:57 - 2018-09-16 14:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-11 22:54 - 2018-09-16 14:50 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-11 19:54 - 2018-09-27 16:43 - 000000000 ____D C:\ProgramData\Foxit Software
2021-05-07 13:02 - 2018-09-15 20:59 - 000000000 ____D C:\Program Files\AVAST Software
2021-05-07 13:01 - 2021-04-07 08:36 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2021-05-07 13:01 - 2019-11-21 17:36 - 000000000 ____D C:\Users\linco\AppData\Roaming\AVAST Software
2021-05-06 12:09 - 2021-02-24 10:21 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-05-06 12:09 - 2018-09-15 21:01 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-05-01 21:49 - 2019-12-07 16:42 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-01 21:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-01 21:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-01 21:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-01 21:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-01 21:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-01 21:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-01 21:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-01 21:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-01 21:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-01 21:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-01 21:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-01 21:44 - 2019-12-07 16:44 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-05-01 21:13 - 2021-04-04 22:37 - 000000000 ____D C:\Users\linco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-05-01 21:13 - 2021-04-04 22:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-05-01 21:13 - 2021-04-04 22:37 - 000000000 ____D C:\Program Files\WinRAR
==================== Files in the root of some directories ========
2020-11-13 15:22 - 2020-11-13 15:22 - 000000046 _____ () C:\Users\linco\AppData\Roaming\Camdata.ini
2020-11-13 15:22 - 2020-11-13 15:22 - 000000408 _____ () C:\Users\linco\AppData\Roaming\CamLayout.ini
2020-11-13 15:22 - 2020-11-13 15:22 - 000000408 _____ () C:\Users\linco\AppData\Roaming\CamShapes.ini
2020-11-13 15:22 - 2020-11-13 15:22 - 000004536 _____ () C:\Users\linco\AppData\Roaming\CamStudio.cfg
2018-09-15 20:58 - 2019-07-07 11:46 - 000000200 _____ () C:\Users\linco\AppData\Roaming\sp_data.sys
2020-11-13 15:20 - 2020-11-13 15:20 - 000000096 _____ () C:\Users\linco\AppData\Roaming\version2.xml
2020-12-01 11:07 - 2020-12-01 11:07 - 000415507 _____ () C:\Users\linco\AppData\Local\ars.cache
2020-12-01 11:08 - 2020-12-01 11:08 - 001139162 _____ () C:\Users\linco\AppData\Local\census.cache
2020-12-01 10:38 - 2020-12-01 10:38 - 000000036 _____ () C:\Users\linco\AppData\Local\housecall.guid.cache
2020-12-01 10:42 - 2020-12-01 10:42 - 000000010 _____ () C:\Users\linco\AppData\Local\sponge.last.runtime.cache
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================