VIRY.CZ

Dobrý den, chci Vás požádat o kontrolu notebooku. Je zpomalený a využití HDD je kolem 100%, vymazal jsem nějaké programy a lištičky a opravil stahování aktualizací, tak se stavtrochu zlepšil alenení to dobré.
Děkuji předem za pomoc
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-04-2021
Ran by lea (06-04-2021 17:59:42)
Running from C:\Users\lea\Desktop
Windows 10 Home Version 20H2 19042.867 (X64) (2021-04-05 22:52:24)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4143993030-3762550760-4189436703-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4143993030-3762550760-4189436703-503 - Limited - Disabled)
Guest (S-1-5-21-4143993030-3762550760-4189436703-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4143993030-3762550760-4189436703-1002 - Limited - Enabled)
lea (S-1-5-21-4143993030-3762550760-4189436703-1000 - Administrator - Enabled) => C:\Users\lea
WDAGUtilityAccount (S-1-5-21-4143993030-3762550760-4189436703-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20145 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (HKLM-x32\...\{4736B0ED-F6A1-48EC-A1B7-C053027648F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.114 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.68 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0409-0000-0000000FF1CE}) (Version: 12.0.6219.1000 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Mozilla Firefox 87.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 87.0 (x86 cs)) (Version: 87.0 - Mozilla)
Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23214 - Microsoft Corporation)
Pošta Windows Live (HKLM-x32\...\{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Revo Uninstaller 2.2.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.2.5 - VS Revo Group, Ltd.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F9B2D86A-2BB4-4373-8298-6D1D0BEBBF7B}) (Version: 2.71.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{2E8B8BDD-03DF-4C1C-8C99-E6A4BCBF43CE}) (Version: 2.51.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{76A22428-2400-4521-96AF-7AC4A6174CA5}) (Version: 1.25.0.0 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.91 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
Συλλογή φωτογραφιών του Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (HKLM-x32\...\{E83DC314-C926-4214-AD58-147691D6FE9F}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (HKLM-x32\...\{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}) (Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (HKLM-x32\...\{77F69CA1-E53D-4D77-8BA3-FA07606CC851}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (HKLM-x32\...\{CE929F09-3853-4180-BD90-30764BFF7136}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (HKLM-x32\...\{0A4C4B29-5A9D-4910-A13C-B920D5758744}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (HKLM-x32\...\{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Packages:
=========
Acer Explorer -> C:\Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.3007.0_x86__48frkmn4z8aw4 [2016-08-12] (Acer Incorporated)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-10] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-10] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-04-06] (Microsoft Studios) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2021-04-06] (Twitter Inc.)
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2016-01-28] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> No File
ContextMenuHandlers1: [STShellMenu64] -> {41C7F3AE-3A88-4CFE-A604-BCEC449ACB4D} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> No File
ContextMenuHandlers3: [MWLIVShellExt] -> {B1B294FE-EC1E-4fef-AF68-D34CE3E38157} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\MWLIVShellExt.dll [2011-04-02] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
ContextMenuHandlers3: [ShredderContextMenu] -> {521065F1-DE6C-4E46-BBCB-89B0D0BE860D} => C:\Program Files (x86)\EgisTec Shredder\x64\ShredderContextMenu.dll [2011-03-29] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => -> No File
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2009-01-22 01:45 - 2009-01-22 01:45 - 001401856 _____ () [File not signed] C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2015-08-21 22:09 - 2015-08-21 22:09 - 000127488 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-08-21 22:09 - 2015-08-21 22:09 - 000102400 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2015-08-21 22:06 - 2015-08-21 22:06 - 000005120 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamcsy.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-4143993030-3762550760-4189436703-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2019-01-05 11:24 - 000000072 _____ C:\WINDOWS\system32\drivers\etc\hosts

2017-09-16 20:32 - 2017-09-16 20:34 - 000000375 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\EgisTec MyWinLocker\x64;C:\Program Files (x86)\EgisTec MyWinLocker\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-4143993030-3762550760-4189436703-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Acer01.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "AvastUI.exe"
HKLM\...\StartupApproved\Run32: => "BackupManagerTray"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C25FAD40-5696-4BDE-B464-1489E2FD8340}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{8B408D69-2D0F-461D-AF0E-0B2876678460}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{897FDDB0-EFC7-4E4B-9D47-1EFAC0F765D1}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{84C840DB-8933-413A-9742-D942F82BB3D6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6F1CCA3E-CE74-4BD5-A6DA-0564C5C77C0E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C5E38216-4298-437B-895B-B38A6AD1A1AD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{79F26D1D-CFA9-487C-8E26-52FC9E3DADD5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F24A4129-F193-443E-ADED-66EE4DB5FC8E}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D91BC5B3-54E5-4132-9262-87D376D3AC83}] => (Block) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe (CyberLink -> CyberLink)
FirewallRules: [{A149696C-16FC-4ABE-A022-F2A77C2B237D}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe (CyberLink -> CyberLink)
FirewallRules: [{FEFBB596-6589-4E53-B03B-8DA93FE79E4C}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe (CyberLink -> CyberLink)
FirewallRules: [{294AE8BD-0625-4313-A67E-F7F04B6A0780}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\CLML\CLMLSvc.exe (CyberLink -> CyberLink Corp.)
FirewallRules: [{C3A45A85-041A-48FB-8377-55DF807D799D}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe (CyberLink -> CyberLink Corp.)
FirewallRules: [{69D05C7C-E7FA-4622-8465-FE867E0AECAE}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe (CyberLink -> Acer Incorporated)
FirewallRules: [{63E44CE5-BB47-4729-B773-397E77B891CC}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E313B918-154B-466B-892A-B3EA98C183AA}] => (Allow) LPort=1900
FirewallRules: [{1C557814-959C-44E4-A61B-BAE21B1B6EEA}] => (Allow) LPort=2869
FirewallRules: [{0ED4E91B-386A-48E6-8492-D60FD9F1753E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

06-04-2021 03:04:47 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/06/2021 03:06:24 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (04/06/2021 01:05:16 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program WhatsNew.Store.exe verze 8.2.1910.21002 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1c1c

Čas spuštění: 01d72a6fe5ad85b8

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.Getstarted_8.2.22942.0_x64__8wekyb3d8bbwe\WhatsNew.Store.exe

ID hlášení: 9803a498-f005-40e6-a958-f5ccad96e752

Úplný název balíčku s chybou: Microsoft.Getstarted_8.2.22942.0_x64__8wekyb3d8bbwe

ID aplikace relativní podle balíčku s chybou: App

Typ zablokování: Cross-thread

Error: (04/06/2021 12:21:02 AM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Pokus získat stav uzlu clusteru se nezdařil. Vrácený kód chyby: 0x8007085A

Error: (04/06/2021 12:20:49 AM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Pokus získat stav uzlu clusteru se nezdařil. Vrácený kód chyby: 0x8007085A

Error: (04/06/2021 12:20:49 AM) (Source: MSDTC 2) (EventID: 4104) (User: )
Description: Pokus získat stav uzlu clusteru se nezdařil. Vrácený kód chyby: 0x8007085A

Error: (04/06/2021 12:20:48 AM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Pokus získat stav uzlu clusteru se nezdařil. Vrácený kód chyby: 0x8007085A

Error: (04/05/2021 11:56:10 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\AMD\WU-CCC2\ccc2_install\VC12RTx64\vcredist_x64.exe /q /norestart; Popis = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727; Chyba = 0x80042302).

Error: (04/05/2021 11:56:10 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x80070422, Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
.


Operace:
Vytvoření instance serveru VSS


System errors:
=============
Error: (04/06/2021 05:23:54 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (04/06/2021 03:46:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NTI IScheduleSvc neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (04/06/2021 03:46:34 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby NTI IScheduleSvc bylo dosaženo časového limitu (45000 ms).

Error: (04/06/2021 03:46:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba DsiWMIService neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (04/06/2021 03:46:32 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby DsiWMIService bylo dosaženo časového limitu (45000 ms).

Error: (04/06/2021 03:46:32 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby AdobeARMservice bylo dosaženo časového limitu (45000 ms).

Error: (04/06/2021 03:46:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Live Updater Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (04/06/2021 03:46:32 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Live Updater Service bylo dosaženo časového limitu (45000 ms).


==================== Memory info ===========================

BIOS: Acer V1.03 06/10/2011
Motherboard: Acer HMA51-BZ
Processor: AMD E-300 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 88%
Total physical RAM: 1770.9 MB
Available physical RAM: 210.71 MB
Total Virtual: 4631.74 MB
Available Virtual: 642.03 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:450.66 GB) (Free:222.52 GB) NTFS

\\?\Volume{f9eb5f9e-d654-11e0-9e77-806e6f6e6963}\ (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{f9eb5f9d-d654-11e0-9e77-806e6f6e6963}\ (PQSERVICE) (Fixed) (Total:15 GB) (Free:1.41 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 9DF5F7D0)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-04-2021
Ran by lea (administrator) on LEA-PC (Acer Aspire 5250) (06-04-2021 17:03:46)
Running from C:\Users\lea\Desktop
Loaded Profiles: lea
Platform: Windows 10 Home Version 20H2 19042.867 (X64) Language: Čeština (Česko)
Default browser: IE
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(EGIS TECHNOLOGY INC. -> Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(EGIS TECHNOLOGY INC. -> Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(EGIS TECHNOLOGY INC. -> Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.141.63\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{F19F9231-A719-47B3-83FF-AFB5F6B51DE9}\MicrosoftEdgeUpdateSetup_X86_1.3.141.63.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <9>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831528 2011-05-10] (Acer Incorporated -> Acer Incorporated)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340848 2011-04-02] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [408432 2011-03-29] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [202608 2011-03-29] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation -> NTI Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.114\Installer\chrmstp.exe [2021-04-05] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {004F59C7-0FDF-490A-8D16-99C61BC36B2E} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {02D0D1FC-094F-4384-801C-7722707A7C51} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {05A12CEC-1706-4F73-AE99-816A23363826} - System32\Tasks\{FB006ADA-9AC6-45D2-B1F3-DBEF1885044B} => C:\Program Files\AVAST Software\Avast\AvastUI.exe
Task: {06FBCE04-A990-472A-8E77-FFCA75DD3438} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMSync => C:\Program Files\ruxim\ruximics.exe [471888 2021-03-09] (Microsoft Windows -> Microsoft Corporation)
Task: {0BD159AB-D364-494F-B181-2FD35E2C9035} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {0FF36B4F-9FDB-4DCC-99A2-B4D13A9BB543} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-04-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {131F8DCD-B25D-4E76-A69E-FBE135C965B8} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {16887E82-16BE-49BB-8803-A81226A40545} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {18BE646F-2326-4B10-8152-E76F3F795A6D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {1F750320-FFA5-4D7B-815C-CADC8660687E} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [120104 2011-05-20] (CyberLink -> CyberLink Corp.)
Task: {2C030D7B-89B0-4462-ABC0-C21E316CDDA9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {2DF13A04-E1B5-434C-955B-0F58848FCBDB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {3480DC26-ECCF-474E-9889-F553AF3366D3} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3786D077-7105-4486-A9AE-57368B12C5CA} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMDisplay => C:\Program Files\ruxim\ruximics.exe [471888 2021-03-09] (Microsoft Windows -> Microsoft Corporation)
Task: {45658262-C2E1-4257-9F4C-5C404C346732} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {480F25D3-21BB-4BF9-BCFA-54C6A7DC3138} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4D08E9AF-3E7A-43C1-9A45-036B22DC4F09} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {506C4CD3-537B-4A87-8775-84A148CD28AA} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {532E18E3-42B2-4BDB-AC30-6ED3926ADAAE} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [642544 2021-03-26] (Mozilla Corporation -> Mozilla Foundation)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5D6C0B92-9FE2-4019-8FFF-10A39838F9B9} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {5D8CC017-0428-4772-AF5D-83A238195B64} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {5DD761C5-246F-47C4-955E-A02710AC64B7} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [264760 2011-05-20] (CyberLink -> Acer Incorporated)
Task: {5E8C4EA6-503A-4250-9E11-243F1CF77F86} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {689D161A-4E7B-449F-A1DB-F13D7D226F9D} - System32\Tasks\{751E46FF-7303-4F8E-AAC5-884BBA6FA61F} => C:\Program Files\AVAST Software\Avast\AvastUI.exe
Task: {6CE339A6-1503-48FD-81B7-1873BC7329C0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2017-02-28] (Google Inc -> Google Inc.)
Task: {6F34AF33-515E-446D-9170-DA8C51703377} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7741DC4D-4D23-4A08-B8E2-1B532A872C78} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-04-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {79FE0466-B3D1-4E94-A1F3-F6021AE02DCC} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {7FB7F4C3-C0A9-41AF-9760-46FEF1342FB8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {827EDAA6-CBED-4845-9434-3814F72A98DC} - \Microsoft\Windows\Setup\GWXTriggers\Logon-URT -> No File <==== ATTENTION
Task: {8798A394-E6DE-4FA8-9BF4-74B72665F629} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8D965542-BC1E-4E1B-8F32-106E96DCB50D} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [169352 2011-05-20] (CyberLink -> CyberLink)
Task: {8DEDDC8B-D95D-468D-8661-9384D616A71A} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
Task: {8E28D321-1BB0-4D56-AD5A-43605223FF72} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {8E732332-EF0F-4D3F-B9B4-6B0D54F18E96} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {915DC789-C569-47DD-B755-63B8B4CA5510} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {976ED789-D667-4BC1-BF36-58B1A2D20E3D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {97F621AC-DBD2-4020-A9A4-09DBC768B659} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-04-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9DA43639-B462-4E77-A79C-79B1E55CE803} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2017-02-28] (Google Inc -> Google Inc.)
Task: {A06DEDAB-4338-4196-B991-530AEB4E6DF7} - System32\Tasks\{5879E59F-285D-4BEC-8A6E-C2B6BE595192} => C:\Program Files\AVAST Software\Avast\AvastUI.exe
Task: {A2BF9C74-660E-4A94-8F62-D3345E9D88C4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A67919DE-6DD1-4311-AA0F-FD25BD755DA4} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {A8C54B1D-047B-4FFB-B205-C9FC446BDBD0} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
Task: {ABB0D4CA-0765-430E-B54A-6D87A94FB5E3} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B1507920-23B8-4359-8FD5-674707DAFF96} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B6D840F8-1E8C-48F7-974D-95D415FE34D9} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B9F22E5E-9C5C-487F-B124-2B8C3D7770D5} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {BC4C2C3B-8A77-466A-9641-65D42AEF1DAD} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {BF064954-243A-4618-ADD3-A9A139FF1C06} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {C88C9777-80CD-4847-9578-403643BD81D3} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {C9574DB8-6811-4C02-80FE-BCCDE7AFDF7E} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CE78777E-95D7-48B1-8B13-D6948EAEAEE2} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
Task: {DAEAB0A7-A857-4B54-885E-4C0F96272510} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {DD91AB67-D4AD-4891-942F-F9ADD64BCD9D} - System32\Tasks\avastBCLRestartS-1-5-21-4143993030-3762550760-4189436703-1000 => C:\Program Files (x86)\Mozilla Firefox\firefox.exe 0
Task: {DDB9A2DC-05D9-4CD6-8AF5-C5413E074562} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {DE2F2D8F-990C-4D05-B136-95584230913D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {E16C2380-A31D-4366-A84B-E277BF54C1B4} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {E173452F-1036-492F-B572-AEA001E6498A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-04-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E7DFE9CB-B067-4C67-B44A-AC3B9226DE87} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {E7F84054-EE13-464A-B7FB-F671BC4A5481} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {ECA0F535-960B-4932-AD45-D01006D4F9F6} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {EF5FCD2F-F26A-4FB5-A88F-6A297A0A7AA7} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F3A8FF82-3FFC-43AC-BBE3-31BCDEECCE26} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FED2098D-A325-42CD-9481-E06E43D3B698} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{9da4f389-4267-419d-ac56-ae6d2c5ca9b1}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{f6d1b49e-9cf8-4d73-b47d-17df7055f7d0}: [DhcpNameServer] 192.168.2.1

Edge:
=======
Edge Profile: C:\Users\lea\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-06]

FireFox:
========
FF DefaultProfile: 23bj5fqu.default
FF ProfilePath: C:\Users\lea\AppData\Roaming\Mozilla\Firefox\Profiles\23bj5fqu.default [2021-04-06]
FF Notifications: Mozilla\Firefox\Profiles\23bj5fqu.default -> hxxps://www.flipo.pl; hxxps://www.facebook.com; hxxps://www.ceskyali.cz
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll [2010-04-01] ( Microsoft Corporation) [File not signed]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [No File]
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [No File]
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\8\NP_wtapp.dll [2013-10-01] (WildTangent Inc -> )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-03-06] (Adobe Inc. -> Adobe Systems Inc.)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [File not signed]
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-11] (WildTangent Inc -> WildTangent)
S2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation -> NTI Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.4-0\NisSrv.exe [2483616 2021-04-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.4-0\MsMpEng.exe [128376 2021-04-06] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-11-17] (Martin Malik - REALiX -> REALiX(tm))
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-04-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420072 2021-04-06] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-04-06] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-06 17:04 - 2021-04-06 17:04 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-06 17:04 - 2021-04-06 17:04 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d72a66a64d41bf
2021-04-06 17:03 - 2021-04-06 17:09 - 000020264 _____ C:\Users\lea\Desktop\FRST.txt
2021-04-06 16:55 - 2021-04-06 16:56 - 002298368 _____ (Farbar) C:\Users\lea\Desktop\FRST64.exe
2021-04-06 05:21 - 2021-04-06 05:21 - 000000000 ____D C:\Users\lea\AppData\Local\D3DSCache
2021-04-06 04:39 - 2021-04-06 04:39 - 000000000 ____D C:\ProgramData\ATI
2021-04-06 04:38 - 2021-04-06 04:38 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-04-06 03:16 - 2021-04-06 03:16 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-04-06 03:11 - 2020-10-03 02:33 - 000835472 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2021-04-06 03:11 - 2020-10-03 02:33 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2021-04-06 02:54 - 2021-04-06 03:48 - 000000000 ____D C:\Users\lea\AppData\Local\PlaceholderTileLogoFolder
2021-04-06 00:56 - 2021-04-06 00:56 - 000002401 _____ C:\Users\lea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-04-06 00:56 - 2021-04-06 00:56 - 000002342 _____ C:\Users\lea\Desktop\Google Chrome.lnk
2021-04-06 00:53 - 2021-04-06 00:53 - 000000020 ___SH C:\Users\lea\ntuser.ini
2021-04-06 00:47 - 2021-04-06 16:24 - 000004190 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{F86FF75A-3AD9-48CE-BFF7-3CC245E59CB6}
2021-04-06 00:47 - 2021-04-06 03:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-06 00:47 - 2021-04-06 00:49 - 000003438 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineUA
2021-04-06 00:47 - 2021-04-06 00:49 - 000002542 _____ C:\WINDOWS\system32\Tasks\avastBCLRestartS-1-5-21-4143993030-3762550760-4189436703-1000
2021-04-06 00:47 - 2021-04-06 00:49 - 000002114 _____ C:\WINDOWS\system32\Tasks\{5879E59F-285D-4BEC-8A6E-C2B6BE595192}
2021-04-06 00:47 - 2021-04-06 00:48 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-04-06 00:47 - 2021-04-06 00:48 - 000003400 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-04-06 00:47 - 2021-04-06 00:48 - 000003248 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-04-06 00:47 - 2021-04-06 00:48 - 000003214 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineCore
2021-04-06 00:47 - 2021-04-06 00:48 - 000003176 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-04-06 00:47 - 2021-04-06 00:48 - 000002792 _____ C:\WINDOWS\system32\Tasks\clear.fi
2021-04-06 00:47 - 2021-04-06 00:48 - 000002740 _____ C:\WINDOWS\system32\Tasks\DMREngine
2021-04-06 00:47 - 2021-04-06 00:48 - 000002722 _____ C:\WINDOWS\system32\Tasks\clear.fiAgent
2021-04-06 00:47 - 2021-04-06 00:48 - 000002114 _____ C:\WINDOWS\system32\Tasks\{FB006ADA-9AC6-45D2-B1F3-DBEF1885044B}
2021-04-06 00:47 - 2021-04-06 00:48 - 000002114 _____ C:\WINDOWS\system32\Tasks\{751E46FF-7303-4F8E-AAC5-884BBA6FA61F}
2021-04-06 00:47 - 2021-04-06 00:47 - 000000000 ____D C:\WINDOWS\system32\Tasks\WPD
2021-04-06 00:47 - 2021-04-06 00:47 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-04-06 00:47 - 2021-04-06 00:47 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2021-04-06 00:45 - 2021-04-06 00:52 - 000000000 ____D C:\Windows.old
2021-04-06 00:43 - 2021-04-06 00:47 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2021-04-06 00:43 - 2021-04-06 00:47 - 000011433 _____ C:\WINDOWS\diagerr.xml
2021-04-06 00:29 - 2021-04-06 00:45 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-04-06 00:29 - 2021-04-06 00:29 - 000000000 ____D C:\Program Files\Common Files\SpeechEngines
2021-04-06 00:16 - 2021-04-06 16:24 - 001920936 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-06 00:01 - 2021-04-06 00:53 - 000000000 ____D C:\Users\lea
2021-04-06 00:01 - 2021-04-06 00:15 - 000000000 ____D C:\Users\DefaultAppPool
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\lea\Šablony
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\lea\Soubory cookie
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\lea\Poslední
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\lea\Okolní tiskárny
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\lea\Okolní síť
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\lea\Nabídka Start
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\lea\Dokumenty
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\lea\Documents\Obrázky
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\lea\Documents\Hudba
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\lea\Documents\Filmy
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\lea\Data aplikací
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\lea\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\lea\AppData\Local\Data aplikací
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\DefaultAppPool\Šablony
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\DefaultAppPool\Soubory cookie
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\DefaultAppPool\Poslední
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\DefaultAppPool\Okolní tiskárny
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\DefaultAppPool\Okolní síť
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\DefaultAppPool\Nabídka Start
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\DefaultAppPool\Dokumenty
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\DefaultAppPool\Documents\Obrázky
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\DefaultAppPool\Documents\Hudba
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\DefaultAppPool\Documents\Filmy
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\DefaultAppPool\Data aplikací
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Data aplikací
2021-04-06 00:01 - 2019-12-07 11:10 - 000001105 _____ C:\Users\lea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-04-06 00:01 - 2019-12-07 11:10 - 000001105 _____ C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-04-05 23:59 - 2021-04-05 23:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2021-04-05 23:58 - 2021-04-06 17:47 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-05 23:58 - 2021-04-06 17:47 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-04-05 23:58 - 2021-04-06 00:28 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-04-05 23:58 - 2021-04-05 23:58 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-04-05 23:58 - 2021-04-05 23:58 - 000000000 ____D C:\Program Files\ATI Technologies
2021-04-05 23:47 - 2021-04-06 05:20 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-05 23:47 - 2021-04-05 23:48 - 000279960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-05 23:46 - 2021-04-06 03:45 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-05 23:23 - 2021-04-05 23:23 - 000000000 ____D C:\ProgramData\ssh
2021-04-05 22:52 - 2021-04-05 22:52 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-04-05 22:52 - 2021-04-05 22:52 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-04-05 22:52 - 2021-04-05 22:52 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-04-05 22:52 - 2021-04-05 22:52 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2021-04-05 22:52 - 2021-04-05 22:52 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-04-05 22:52 - 2021-04-05 22:52 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-04-05 22:52 - 2021-04-05 22:52 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-04-05 22:51 - 2021-04-05 22:51 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-04-05 22:51 - 2021-04-05 22:51 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-04-05 22:51 - 2021-04-05 22:51 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-04-05 22:51 - 2021-04-05 22:51 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-04-05 22:51 - 2021-04-05 22:51 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-04-05 22:51 - 2021-04-05 22:51 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-04-05 22:50 - 2021-04-05 22:50 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-04-05 22:50 - 2021-04-05 22:50 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2021-04-05 22:50 - 2021-04-05 22:50 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-04-05 22:50 - 2021-04-05 22:50 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2021-04-05 22:49 - 2021-04-05 22:49 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-04-05 22:49 - 2021-04-05 22:49 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-04-05 22:49 - 2021-04-05 22:49 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-04-05 22:49 - 2021-04-05 22:49 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-04-05 22:49 - 2021-04-05 22:49 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-04-05 22:49 - 2021-04-05 22:49 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-04-05 22:49 - 2021-04-05 22:49 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-04-05 22:48 - 2021-04-05 22:48 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2021-04-05 22:48 - 2021-04-05 22:48 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2021-04-05 22:48 - 2021-04-05 22:48 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2021-04-05 22:48 - 2021-04-05 22:48 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2021-04-05 22:48 - 2021-04-05 22:48 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-04-05 22:48 - 2021-04-05 22:48 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-04-05 22:48 - 2021-04-05 22:48 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2021-04-05 22:48 - 2021-04-05 22:48 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-04-05 22:47 - 2021-04-05 22:47 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-04-05 22:47 - 2021-04-05 22:47 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-04-05 22:47 - 2021-04-05 22:47 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2021-04-05 22:47 - 2021-04-05 22:47 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2021-04-05 22:47 - 2021-04-05 22:47 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2021-04-05 22:46 - 2021-04-05 22:46 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-04-05 22:46 - 2021-04-05 22:46 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-04-05 22:46 - 2021-04-05 22:46 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-04-05 22:46 - 2021-04-05 22:46 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-04-05 22:45 - 2021-04-05 22:45 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2021-04-05 22:45 - 2021-04-05 22:45 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2021-04-05 22:45 - 2021-04-05 22:45 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-04-05 22:45 - 2021-04-05 22:45 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2021-04-05 22:45 - 2021-04-05 22:45 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2021-04-05 22:45 - 2021-04-05 22:45 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-04-05 22:45 - 2021-04-05 22:45 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-04-05 22:45 - 2021-04-05 22:45 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2021-04-05 22:45 - 2021-04-05 22:45 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-04-05 22:45 - 2021-04-05 22:45 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2021-04-05 22:45 - 2021-04-05 22:45 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2021-04-05 22:45 - 2021-04-05 22:45 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2021-04-05 22:44 - 2021-04-05 22:44 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-04-05 22:44 - 2021-04-05 22:44 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-04-05 22:43 - 2021-04-05 22:43 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-04-05 22:43 - 2021-04-05 22:43 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-04-05 22:43 - 2021-04-05 22:43 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-04-05 22:42 - 2021-04-05 22:42 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-04-05 22:42 - 2021-04-05 22:42 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-04-05 22:42 - 2021-04-05 22:42 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-04-05 22:42 - 2021-04-05 22:42 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-04-05 22:42 - 2021-04-05 22:42 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2021-04-05 22:42 - 2021-04-05 22:42 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-04-05 22:42 - 2021-04-05 22:42 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-04-05 22:42 - 2021-04-05 22:42 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2021-04-05 22:41 - 2021-04-05 22:41 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-04-05 22:41 - 2021-04-05 22:41 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-04-05 22:41 - 2021-04-05 22:41 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-04-05 22:41 - 2021-04-05 22:41 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-04-05 22:41 - 2021-04-05 22:41 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2021-04-05 22:41 - 2021-04-05 22:41 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2021-04-05 22:40 - 2021-04-05 22:40 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-04-05 22:40 - 2021-04-05 22:40 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-04-05 22:40 - 2021-04-05 22:40 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-04-05 22:39 - 2021-04-05 22:39 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-04-05 22:39 - 2021-04-05 22:39 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-04-05 22:38 - 2021-04-05 22:38 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2021-04-05 22:38 - 2021-04-05 22:38 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-04-05 22:38 - 2021-04-05 22:38 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-04-05 22:38 - 2021-04-05 22:38 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-04-05 22:38 - 2021-04-05 22:38 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-04-05 22:38 - 2021-04-05 22:38 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-04-05 22:38 - 2021-04-05 22:38 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-04-05 22:38 - 2021-04-05 22:38 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-04-05 22:38 - 2021-04-05 22:38 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2021-04-05 22:38 - 2021-04-05 22:38 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2021-04-05 22:38 - 2021-04-05 22:38 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-04-05 22:37 - 2021-04-05 22:37 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2021-04-05 21:48 - 2021-04-05 21:48 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2021-04-05 21:48 - 2021-04-05 21:48 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2021-04-05 21:25 - 2021-04-05 21:25 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2021-04-05 21:25 - 2021-04-05 21:25 - 000000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2021-04-05 21:25 - 2021-04-05 21:25 - 000000000 ____D C:\WINDOWS\system32\msmq
2021-04-05 21:25 - 2021-04-05 21:25 - 000000000 ____D C:\WINDOWS\system32\BestPractices
2021-04-05 21:25 - 2021-04-05 21:25 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-04-05 21:25 - 2021-04-05 21:25 - 000000000 ____D C:\Program Files\MSBuild
2021-04-05 21:25 - 2021-04-05 21:25 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-04-05 21:25 - 2021-04-05 21:25 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-04-05 21:25 - 2021-04-05 21:25 - 000000000 ____D C:\inetpub
2021-04-05 13:51 - 2021-04-06 02:56 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-04-05 12:51 - 2021-04-06 00:54 - 000000000 ___DC C:\WINDOWS\Panther
2021-04-05 11:23 - 2021-04-05 11:23 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-04-05 11:21 - 2021-04-05 11:25 - 000104402 _____ C:\WINDOWS\ntbtlog.txt
2021-04-04 12:11 - 2021-04-06 00:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2021-04-04 12:11 - 2021-04-04 12:11 - 000001775 _____ C:\Users\Public\Desktop\Defraggler.lnk
2021-04-04 12:11 - 2021-04-04 12:11 - 000000000 ____D C:\Program Files\Defraggler
2021-04-04 11:30 - 2021-04-04 16:45 - 000000000 ___HD C:\$GetCurrent
2021-03-26 19:18 - 2021-03-26 20:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-03-26 19:02 - 2021-03-26 19:02 - 000085520 _____ C:\Users\lea\Documents\cc_20210326_180201.reg
2021-03-24 20:08 - 2021-03-24 20:08 - 000002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-03-24 19:09 - 2021-04-06 00:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2021-03-24 19:09 - 2021-03-24 19:09 - 000001095 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2021-03-24 19:08 - 2021-03-24 19:08 - 000000000 ____D C:\Program Files\VS Revo Group
2021-03-23 21:52 - 2021-03-23 21:52 - 000000962 _____ C:\Users\lea\Documents\cc_20210323_205250.reg
2021-03-23 21:51 - 2021-03-23 21:51 - 000036430 _____ C:\Users\lea\Documents\cc_20210323_205140.reg
2021-03-23 21:22 - 2021-03-24 17:43 - 000000000 ____D C:\Program Files\ruxim
2021-03-11 14:34 - 2021-03-11 14:34 - 000000000 ___HD C:\$WinREAgent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-06 17:49 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-06 17:06 - 2015-11-07 12:18 - 000000000 ____D C:\FRST
2021-04-06 16:44 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-04-06 16:28 - 2012-05-05 18:30 - 000000000 ____D C:\ProgramData\Mozilla
2021-04-06 16:27 - 2016-11-21 15:33 - 000000000 ____D C:\Users\lea\AppData\LocalLow\Mozilla
2021-04-06 16:24 - 2019-12-07 16:41 - 000783098 _____ C:\WINDOWS\system32\perfh005.dat
2021-04-06 16:24 - 2019-12-07 16:41 - 000172796 _____ C:\WINDOWS\system32\perfc005.dat
2021-04-06 04:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-04-06 04:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-06 04:44 - 2018-02-04 20:01 - 000000000 ____D C:\Users\lea\AppData\Local\Packages
2021-04-06 04:42 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-04-06 03:44 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-04-06 03:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-04-06 03:26 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-06 03:26 - 2019-07-21 23:50 - 000000000 ____D C:\ProgramData\Packages
2021-04-06 03:16 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-04-06 01:01 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-04-06 01:00 - 2018-01-18 17:40 - 000000000 ____D C:\Program Files\rempl
2021-04-06 00:56 - 2018-02-04 20:56 - 000000000 ___RD C:\Users\lea\3D Objects
2021-04-06 00:56 - 2016-01-27 23:07 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-04-06 00:55 - 2016-10-11 21:30 - 000000000 ____D C:\Users\lea\AppData\Local\ConnectedDevicesPlatform
2021-04-06 00:55 - 2014-07-27 20:20 - 000000000 ____D C:\Users\lea\AppData\Local\Google
2021-04-06 00:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-04-06 00:51 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\USOPrivate
2021-04-06 00:49 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows NT
2021-04-06 00:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Registration
2021-04-06 00:48 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-04-06 00:47 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-04-06 00:46 - 2019-12-07 11:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-04-06 00:46 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-04-06 00:45 - 2019-12-07 11:18 - 000000000 ____D C:\WINDOWS\Setup
2021-04-06 00:45 - 2019-12-07 11:14 - 000000000 __SHD C:\Program Files\Windows Sidebar
2021-04-06 00:45 - 2019-12-07 11:14 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2021-04-06 00:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-04-06 00:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2021-04-06 00:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2021-04-06 00:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-04-06 00:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\spool
2021-04-06 00:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-04-06 00:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-04-06 00:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\IME
2021-04-06 00:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\schemas
2021-04-06 00:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-04-06 00:45 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-04-06 00:45 - 2017-11-10 11:55 - 000000000 ____D C:\WINDOWS\SysWOW64\17111000_stream
2021-04-06 00:45 - 2017-11-10 11:54 - 000000000 ____D C:\WINDOWS\SysWOW64\17110902_stream
2021-04-06 00:45 - 2017-11-10 11:54 - 000000000 ____D C:\WINDOWS\SysWOW64\17110900_stream
2021-04-06 00:45 - 2017-11-08 21:30 - 000000000 ____D C:\WINDOWS\SysWOW64\17110802_stream
2021-04-06 00:45 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-04-06 00:45 - 2017-07-07 21:43 - 000000000 ____D C:\Program Files\UNP
2021-04-06 00:45 - 2016-01-28 12:06 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-04-06 00:45 - 2011-12-20 13:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-04-06 00:45 - 2011-11-02 11:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcerSystem
2021-04-06 00:45 - 2011-11-02 11:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Family Protection
2021-04-06 00:45 - 2011-09-03 20:24 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Crystal Eye Webcam
2021-04-06 00:45 - 2011-09-03 20:13 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\clear.fi
2021-04-06 00:45 - 2011-09-03 20:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTI Media Maker 9
2021-04-06 00:45 - 2011-07-19 19:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\newsXpresso
2021-04-06 00:45 - 2011-07-19 19:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Backup Manager
2021-04-06 00:45 - 2011-07-19 19:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EgisTec
2021-04-06 00:45 - 2011-07-19 19:21 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2021-04-06 00:45 - 2011-07-19 19:21 - 000000000 ____D C:\WINDOWS\eu
2021-04-06 00:45 - 2011-07-19 19:20 - 000000000 ____D C:\WINDOWS\tr
2021-04-06 00:45 - 2011-07-19 19:20 - 000000000 ____D C:\WINDOWS\th
2021-04-06 00:45 - 2011-07-19 19:20 - 000000000 ____D C:\WINDOWS\sv
2021-04-06 00:45 - 2011-07-19 19:20 - 000000000 ____D C:\WINDOWS\ca
2021-04-06 00:45 - 2011-07-19 19:19 - 000000000 ____D C:\WINDOWS\sl
2021-04-06 00:45 - 2011-07-19 19:19 - 000000000 ____D C:\WINDOWS\sk
2021-04-06 00:45 - 2011-07-19 19:19 - 000000000 ____D C:\WINDOWS\ru
2021-04-06 00:45 - 2011-07-19 19:19 - 000000000 ____D C:\WINDOWS\ro
2021-04-06 00:45 - 2011-07-19 19:18 - 000000000 ____D C:\WINDOWS\pl
2021-04-06 00:45 - 2011-07-19 19:18 - 000000000 ____D C:\WINDOWS\no
2021-04-06 00:45 - 2011-07-19 19:18 - 000000000 ____D C:\WINDOWS\nl
2021-04-06 00:45 - 2011-07-19 19:18 - 000000000 ____D C:\WINDOWS\it
2021-04-06 00:45 - 2011-07-19 19:18 - 000000000 ____D C:\WINDOWS\hu
2021-04-06 00:45 - 2011-07-19 19:17 - 000000000 ____D C:\WINDOWS\hr
2021-04-06 00:45 - 2011-07-19 19:17 - 000000000 ____D C:\WINDOWS\he
2021-04-06 00:45 - 2011-07-19 19:17 - 000000000 ____D C:\WINDOWS\fr
2021-04-06 00:45 - 2011-07-19 19:17 - 000000000 ____D C:\WINDOWS\fi
2021-04-06 00:45 - 2011-07-19 19:17 - 000000000 ____D C:\WINDOWS\es
2021-04-06 00:45 - 2011-07-19 19:16 - 000000000 ____D C:\WINDOWS\en
2021-04-06 00:45 - 2011-07-19 19:16 - 000000000 ____D C:\WINDOWS\el
2021-04-06 00:45 - 2011-07-19 19:16 - 000000000 ____D C:\WINDOWS\de
2021-04-06 00:45 - 2011-07-19 19:16 - 000000000 ____D C:\WINDOWS\da
2021-04-06 00:45 - 2011-07-19 19:16 - 000000000 ____D C:\WINDOWS\cs
2021-04-06 00:45 - 2011-07-19 19:15 - 000000000 ____D C:\WINDOWS\bg
2021-04-06 00:45 - 2011-07-19 19:15 - 000000000 ____D C:\WINDOWS\ar
2021-04-06 00:45 - 2011-07-19 18:51 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2021-04-06 00:45 - 2011-07-19 18:51 - 000000000 ____D C:\WINDOWS\oem
2021-04-06 00:45 - 2011-07-19 18:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2021-04-06 00:45 - 2011-07-19 18:11 - 000000000 ____D C:\WINDOWS\SysWOW64\Atheros_L1e
2021-04-06 00:45 - 2009-07-14 07:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2021-04-06 00:43 - 2019-12-07 11:14 - 000000000 __RHD C:\Users\Public\Libraries
2021-04-06 00:43 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\InfusedApps
2021-04-06 00:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Resources
2021-04-06 00:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Help
2021-04-06 00:29 - 2017-09-01 12:54 - 000000000 ____D C:\Program Files\AMD
2021-04-06 00:29 - 2009-07-14 07:32 - 000000000 ____D C:\Program Files\Microsoft Games
2021-04-06 00:21 - 2016-01-27 22:58 - 000023020 _____ C:\WINDOWS\system32\emptyregdb.dat
2021-04-06 00:20 - 2019-12-07 11:14 - 000000000 __RSD C:\WINDOWS\Media
2021-04-06 00:09 - 2012-02-12 23:23 - 000000000 ____D C:\Users\lea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
2021-04-06 00:05 - 2011-12-20 13:44 - 000000000 ____D C:\Users\lea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-04-05 23:58 - 2017-09-01 12:57 - 000000000 ____D C:\ProgramData\AMD
2021-04-05 23:56 - 2017-09-01 12:56 - 000000000 ____D C:\Program Files (x86)\ATI Technologies
2021-04-05 23:55 - 2017-09-01 12:53 - 000000000 ____D C:\Program Files\Elantech
2021-04-05 23:54 - 2016-01-27 22:27 - 000000000 ____D C:\AMD
2021-04-05 23:25 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-04-05 23:25 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-04-05 23:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-04-05 23:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-04-05 23:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-04-05 23:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-04-05 23:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-04-05 23:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-04-05 23:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-04-05 23:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-04-05 23:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-04-05 23:24 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-04-05 23:24 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-04-05 23:24 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-04-05 23:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-04-05 23:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-04-05 23:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-04-05 23:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-04-05 23:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-04-05 23:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-04-05 23:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-04-05 23:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-04-05 23:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-04-05 23:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-04-05 23:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2021-04-05 23:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-04-05 23:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-04-05 23:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-04-05 23:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-04-05 23:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-04-05 23:23 - 2019-12-07 16:44 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-04-05 23:23 - 2019-12-07 16:44 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-04-05 23:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-04-05 23:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-04-05 23:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-04-05 23:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-04-05 23:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\IME
2021-04-05 23:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-04-05 23:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-04-05 23:23 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-04-05 23:23 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-04-05 23:23 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-04-05 23:15 - 2019-12-07 16:44 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-04-05 23:15 - 2019-12-07 16:44 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-04-05 21:50 - 2019-12-07 16:43 - 000000000 ____D C:\WINDOWS\OCR
2021-04-05 21:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-04-05 21:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-04-05 21:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-04-05 21:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2021-04-05 21:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-04-05 21:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-04-05 21:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-04-05 21:46 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2021-04-05 21:46 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2021-04-05 21:46 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2021-04-05 21:46 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2021-04-05 21:46 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\system32\winrm
2021-04-05 21:46 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\system32\WCN
2021-04-05 21:46 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\system32\slmgr
2021-04-05 21:46 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2021-04-05 21:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2021-04-05 21:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\MUI
2021-04-05 13:40 - 2012-06-04 19:46 - 000000000 ____D C:\Users\lea\AppData\Local\ElevatedDiagnostics
2021-04-05 12:00 - 2014-11-21 09:50 - 000799104 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-04-05 11:33 - 2012-03-23 11:49 - 000000000 ____D C:\ProgramData\AVAST Software
2021-04-04 18:37 - 2019-09-05 13:28 - 000000036 _____ C:\WINDOWS\progress.ini
2021-04-04 16:45 - 2018-08-26 16:33 - 000000000 ____D C:\Windows10Upgrade
2021-04-04 11:05 - 2018-06-07 13:34 - 000000000 ____D C:\Users\lea\AppData\Local\AVAST Software
2021-03-26 20:56 - 2018-06-23 14:39 - 000000000 ____D C:\Users\lea\AppData\Local\CrashDumps
2021-03-26 20:41 - 2012-05-05 18:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-03-26 19:36 - 2015-04-07 23:10 - 000017016 _____ C:\WINDOWS\wininit.ini
2021-03-26 19:36 - 2012-01-29 15:51 - 000001143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-03-23 21:27 - 2018-11-17 18:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2021-03-23 21:27 - 2018-11-17 18:04 - 000000000 ____D C:\Program Files (x86)\IObit
2021-03-23 19:55 - 2018-11-17 18:05 - 000000000 ____D C:\ProgramData\ProductData
2021-03-23 19:01 - 2016-01-28 12:05 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories ========

2014-06-19 12:58 - 2014-06-27 12:21 - 000007680 _____ () C:\Users\lea\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-08-20 13:59 - 2020-08-20 13:59 - 000000000 _____ () C:\Users\lea\AppData\Local\{258815F9-3AAE-4562-9906-34531F5AB327}
2018-11-08 01:18 - 2018-11-08 01:18 - 000000000 _____ () C:\Users\lea\AppData\Local\{88162A60-9EE0-4243-80EA-28C11314C22C}
2020-08-20 13:59 - 2020-08-20 13:59 - 000000000 _____ () C:\Users\lea\AppData\Local\{BFCBE308-B71F-4405-8685-F7C54E257C31}
2015-08-19 21:34 - 2015-08-19 21:34 - 000000000 _____ () C:\Users\lea\AppData\Local\{C7457E69-1537-49DE-A364-DDAA2AF1984A}
2019-05-21 09:13 - 2019-05-21 09:13 - 000000000 _____ () C:\Users\lea\AppData\Local\{F67247BC-88E9-42C2-97C0-BBDA985D79FD}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Stahl jsem AdwCleaner, dal skenovat, něco to našlo..ale další nabídka byla karanténa místo cistení a opravy. Dal jsem karantenu ted to 5minut "čistí" hned dam vysledek jak bude

# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-04-01.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-06-2021
# Duration: 00:03:38
# OS: Windows 10 Home
# Cleaned: 50
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
Deleted C:\ProgramData\IObit\Advanced SystemCare
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
Deleted C:\Users\lea\AppData\LocalLow\IObit\Advanced SystemCare
Deleted C:\Users\lea\AppData\Roaming\IObit\Advanced SystemCare

***** [ Files ] *****

Deleted C:\Users\lea\AppData\Roaming\Mozilla\Firefox\Profiles\vxts0wqe.default\invalidprefs.js

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Advanced SystemCare 12
Deleted HKLM\SOFTWARE\CLASSES\DIRECTORY\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted HKLM\SOFTWARE\CLASSES\DRIVE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted HKLM\SOFTWARE\CLASSES\LNKFILE\SHELLEX\CONTEXTMENUHANDLERS\Advanced SystemCare
Deleted HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\Advanced SystemCare
Deleted HKLM\Software\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99}
Deleted HKLM\Software\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}
Deleted HKLM\Software\Wow6432Node\IOBIT\ASC
Deleted HKLM\Software\Wow6432Node\IObit\Advanced SystemCare
Deleted HKLM\Software\Wow6432Node\IObit\RealTimeProtector
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{BA935377-E17C-4475-B1BF-DE3110613A99}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.AcerGames Folder C:\Program Files (x86)\ACER GAMES
Deleted Preinstalled.AcerIdentityCard Folder C:\Program Files (x86)\ACER\IDENTITY CARD
Deleted Preinstalled.AcerPowerManagement Folder C:\Program Files\ACER\ACER EPOWER MANAGEMENT
Deleted Preinstalled.AcerUpdater Folder C:\Program Files\ACER\ACER UPDATER
Deleted Preinstalled.AcerUpdater Folder C:\ProgramData\ACER\ACER UPDATER
Deleted Preinstalled.Acerclear.fiMovie Folder C:\Program Files (x86)\ACER\CLEAR.FI\MEDIAESPRESSO
Deleted Preinstalled.Acerclear.fiMovie Folder C:\Program Files (x86)\ACER\CLEAR.FI\MOVIE
Deleted Preinstalled.Acerclear.fiMovie Folder C:\Program Files (x86)\ACER\CLEAR.FI\MVP
Deleted Preinstalled.Acerclear.fiMovie Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F750320-FFA5-4D7B-815C-CADC8660687E}
Deleted Preinstalled.Acerclear.fiMovie Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5DD761C5-246F-47C4-955E-A02710AC64B7}
Deleted Preinstalled.Acerclear.fiMovie Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8D965542-BC1E-4E1B-8F32-106E96DCB50D}
Deleted Preinstalled.Acerclear.fiMovie Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DMREngine
Deleted Preinstalled.Acerclear.fiMovie Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\clear.fi
Deleted Preinstalled.Acerclear.fiMovie Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\clear.fiAgent
Deleted Preinstalled.Acerclear.fiMovie Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{14C4C3B6-F1F4-401F-8C86-03E8E19AAC8C}
Deleted Preinstalled.Acerclear.fiMovie Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}
Deleted Preinstalled.Acerclear.fiMovie Task C:\Windows\System32\Tasks\CLEAR.FI
Deleted Preinstalled.Acerclear.fiMovie Task C:\Windows\System32\Tasks\CLEAR.FIAGENT
Deleted Preinstalled.Acerclear.fiMovie Task C:\Windows\System32\Tasks\DMRENGINE
Deleted Preinstalled.GatewayMyBackup Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|BackupManagerTray
Deleted Preinstalled.GatewayMyBackup Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|BackupManagerTray
Deleted Preinstalled.GatewayWelcomeCenter File C:\Users\lea\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Welcome Center.lnk
Deleted Preinstalled.HPCleanFLC File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk
Deleted Preinstalled.PackardBellPowerManagement Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Power Management
Deleted Preinstalled.PackardBellPowerManagement Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Power Management
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES\APP
Deleted Preinstalled.WildTangentGamesBundle Registry HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Deleted Preinstalled.WildTangentGamesBundle Registry HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Deleted Preinstalled.WildTangentGamesBundle Registry HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [6981 octets] - [06/04/2021 19:43:03]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Dejte nové logy FRST+Addition.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-04-2021
Ran by lea (06-04-2021 21:17:26)
Running from C:\Users\lea\Desktop
Windows 10 Home Version 20H2 19042.867 (X64) (2021-04-05 22:52:24)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4143993030-3762550760-4189436703-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4143993030-3762550760-4189436703-503 - Limited - Disabled)
Guest (S-1-5-21-4143993030-3762550760-4189436703-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4143993030-3762550760-4189436703-1002 - Limited - Enabled)
lea (S-1-5-21-4143993030-3762550760-4189436703-1000 - Administrator - Enabled) => C:\Users\lea
WDAGUtilityAccount (S-1-5-21-4143993030-3762550760-4189436703-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20145 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (HKLM-x32\...\{4736B0ED-F6A1-48EC-A1B7-C053027648F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.114 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.68 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0409-0000-0000000FF1CE}) (Version: 12.0.6219.1000 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Mozilla Firefox 87.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 87.0 (x86 cs)) (Version: 87.0 - Mozilla)
Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23214 - Microsoft Corporation)
Pošta Windows Live (HKLM-x32\...\{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Revo Uninstaller 2.2.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.2.5 - VS Revo Group, Ltd.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F9B2D86A-2BB4-4373-8298-6D1D0BEBBF7B}) (Version: 2.71.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{2E8B8BDD-03DF-4C1C-8C99-E6A4BCBF43CE}) (Version: 2.51.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{76A22428-2400-4521-96AF-7AC4A6174CA5}) (Version: 1.25.0.0 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.91 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
Συλλογή φωτογραφιών του Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (HKLM-x32\...\{E83DC314-C926-4214-AD58-147691D6FE9F}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (HKLM-x32\...\{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}) (Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (HKLM-x32\...\{77F69CA1-E53D-4D77-8BA3-FA07606CC851}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (HKLM-x32\...\{CE929F09-3853-4180-BD90-30764BFF7136}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (HKLM-x32\...\{0A4C4B29-5A9D-4910-A13C-B920D5758744}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (HKLM-x32\...\{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Packages:
=========
Acer Explorer -> C:\Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.3007.0_x86__48frkmn4z8aw4 [2016-08-12] (Acer Incorporated)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-10] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-10] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-04-06] (Microsoft Studios) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2021-04-06] (Twitter Inc.)
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2016-01-28] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [STShellMenu64] -> {41C7F3AE-3A88-4CFE-A604-BCEC449ACB4D} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MWLIVShellExt] -> {B1B294FE-EC1E-4fef-AF68-D34CE3E38157} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\MWLIVShellExt.dll [2011-04-02] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
ContextMenuHandlers3: [ShredderContextMenu] -> {521065F1-DE6C-4E46-BBCB-89B0D0BE860D} => C:\Program Files (x86)\EgisTec Shredder\x64\ShredderContextMenu.dll [2011-03-29] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2015-08-21 22:06 - 2015-08-21 22:06 - 000005120 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamcsy.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-4143993030-3762550760-4189436703-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2019-01-05 11:24 - 000000072 _____ C:\WINDOWS\system32\drivers\etc\hosts

2017-09-16 20:32 - 2017-09-16 20:34 - 000000375 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\EgisTec MyWinLocker\x64;C:\Program Files (x86)\EgisTec MyWinLocker\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-4143993030-3762550760-4189436703-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Acer01.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "AvastUI.exe"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C25FAD40-5696-4BDE-B464-1489E2FD8340}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{8B408D69-2D0F-461D-AF0E-0B2876678460}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{897FDDB0-EFC7-4E4B-9D47-1EFAC0F765D1}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{84C840DB-8933-413A-9742-D942F82BB3D6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6F1CCA3E-CE74-4BD5-A6DA-0564C5C77C0E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C5E38216-4298-437B-895B-B38A6AD1A1AD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{79F26D1D-CFA9-487C-8E26-52FC9E3DADD5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F24A4129-F193-443E-ADED-66EE4DB5FC8E}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D91BC5B3-54E5-4132-9262-87D376D3AC83}] => (Block) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe => No File
FirewallRules: [{A149696C-16FC-4ABE-A022-F2A77C2B237D}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe => No File
FirewallRules: [{FEFBB596-6589-4E53-B03B-8DA93FE79E4C}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe => No File
FirewallRules: [{294AE8BD-0625-4313-A67E-F7F04B6A0780}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\CLML\CLMLSvc.exe => No File
FirewallRules: [{C3A45A85-041A-48FB-8377-55DF807D799D}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe => No File
FirewallRules: [{69D05C7C-E7FA-4622-8465-FE867E0AECAE}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe => No File
FirewallRules: [{63E44CE5-BB47-4729-B773-397E77B891CC}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E313B918-154B-466B-892A-B3EA98C183AA}] => (Allow) LPort=1900
FirewallRules: [{1C557814-959C-44E4-A61B-BAE21B1B6EEA}] => (Allow) LPort=2869
FirewallRules: [{0ED4E91B-386A-48E6-8492-D60FD9F1753E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

06-04-2021 03:04:47 Instalační služba modulů systému Windows
06-04-2021 19:46:30 AdwCleaner_BeforeCleaning_06/04/2021_19:46:28

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/06/2021 07:47:23 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (04/06/2021 03:06:24 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (04/06/2021 01:05:16 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program WhatsNew.Store.exe verze 8.2.1910.21002 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1c1c

Čas spuštění: 01d72a6fe5ad85b8

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.Getstarted_8.2.22942.0_x64__8wekyb3d8bbwe\WhatsNew.Store.exe

ID hlášení: 9803a498-f005-40e6-a958-f5ccad96e752

Úplný název balíčku s chybou: Microsoft.Getstarted_8.2.22942.0_x64__8wekyb3d8bbwe

ID aplikace relativní podle balíčku s chybou: App

Typ zablokování: Cross-thread

Error: (04/06/2021 12:21:02 AM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Pokus získat stav uzlu clusteru se nezdařil. Vrácený kód chyby: 0x8007085A

Error: (04/06/2021 12:20:49 AM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Pokus získat stav uzlu clusteru se nezdařil. Vrácený kód chyby: 0x8007085A

Error: (04/06/2021 12:20:49 AM) (Source: MSDTC 2) (EventID: 4104) (User: )
Description: Pokus získat stav uzlu clusteru se nezdařil. Vrácený kód chyby: 0x8007085A

Error: (04/06/2021 12:20:48 AM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Pokus získat stav uzlu clusteru se nezdařil. Vrácený kód chyby: 0x8007085A

Error: (04/05/2021 11:56:10 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\AMD\WU-CCC2\ccc2_install\VC12RTx64\vcredist_x64.exe /q /norestart; Popis = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727; Chyba = 0x80042302).


System errors:
=============
Error: (04/06/2021 07:48:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Řízení front zpráv byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (04/06/2021 07:48:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD FUEL Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/06/2021 07:48:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD External Events Utility byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/06/2021 07:48:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Elan Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/06/2021 07:48:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Conexant Audio Message Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/06/2021 05:23:54 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (04/06/2021 03:46:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NTI IScheduleSvc neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (04/06/2021 03:46:34 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby NTI IScheduleSvc bylo dosaženo časového limitu (45000 ms).


==================== Memory info ===========================

BIOS: Acer V1.03 06/10/2011
Motherboard: Acer HMA51-BZ
Processor: AMD E-300 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 87%
Total physical RAM: 1770.9 MB
Available physical RAM: 217.16 MB
Total Virtual: 4629.57 MB
Available Virtual: 1906.66 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:450.66 GB) (Free:222.47 GB) NTFS

\\?\Volume{f9eb5f9e-d654-11e0-9e77-806e6f6e6963}\ (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{f9eb5f9d-d654-11e0-9e77-806e6f6e6963}\ (PQSERVICE) (Fixed) (Total:15 GB) (Free:1.41 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 9DF5F7D0)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-04-2021
Ran by lea (administrator) on LEA-PC (Acer Aspire 5250) (06-04-2021 20:59:09)
Running from C:\Users\lea\Desktop
Loaded Profiles: lea
Platform: Windows 10 Home Version 20H2 19042.867 (X64) Language: Čeština (Česko)
Default browser: IE
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <6>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340848 2011-04-02] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [408432 2011-03-29] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [202608 2011-03-29] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.114\Installer\chrmstp.exe [2021-04-05] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {004F59C7-0FDF-490A-8D16-99C61BC36B2E} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {02D0D1FC-094F-4384-801C-7722707A7C51} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {05A12CEC-1706-4F73-AE99-816A23363826} - System32\Tasks\{FB006ADA-9AC6-45D2-B1F3-DBEF1885044B} => C:\Program Files\AVAST Software\Avast\AvastUI.exe
Task: {06FBCE04-A990-472A-8E77-FFCA75DD3438} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMSync => C:\Program Files\ruxim\ruximics.exe [471888 2021-03-09] (Microsoft Windows -> Microsoft Corporation)
Task: {0BD159AB-D364-494F-B181-2FD35E2C9035} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {0FF36B4F-9FDB-4DCC-99A2-B4D13A9BB543} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-04-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {131F8DCD-B25D-4E76-A69E-FBE135C965B8} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {16887E82-16BE-49BB-8803-A81226A40545} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {18BE646F-2326-4B10-8152-E76F3F795A6D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {2C030D7B-89B0-4462-ABC0-C21E316CDDA9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {2DF13A04-E1B5-434C-955B-0F58848FCBDB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {3480DC26-ECCF-474E-9889-F553AF3366D3} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3786D077-7105-4486-A9AE-57368B12C5CA} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMDisplay => C:\Program Files\ruxim\ruximics.exe [471888 2021-03-09] (Microsoft Windows -> Microsoft Corporation)
Task: {45658262-C2E1-4257-9F4C-5C404C346732} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {480F25D3-21BB-4BF9-BCFA-54C6A7DC3138} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4D08E9AF-3E7A-43C1-9A45-036B22DC4F09} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {506C4CD3-537B-4A87-8775-84A148CD28AA} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {532E18E3-42B2-4BDB-AC30-6ED3926ADAAE} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [642544 2021-03-26] (Mozilla Corporation -> Mozilla Foundation)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5D6C0B92-9FE2-4019-8FFF-10A39838F9B9} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {5D8CC017-0428-4772-AF5D-83A238195B64} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {5E8C4EA6-503A-4250-9E11-243F1CF77F86} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {689D161A-4E7B-449F-A1DB-F13D7D226F9D} - System32\Tasks\{751E46FF-7303-4F8E-AAC5-884BBA6FA61F} => C:\Program Files\AVAST Software\Avast\AvastUI.exe
Task: {6CE339A6-1503-48FD-81B7-1873BC7329C0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2017-02-28] (Google Inc -> Google Inc.)
Task: {6F34AF33-515E-446D-9170-DA8C51703377} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7741DC4D-4D23-4A08-B8E2-1B532A872C78} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-04-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {79FE0466-B3D1-4E94-A1F3-F6021AE02DCC} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {7FB7F4C3-C0A9-41AF-9760-46FEF1342FB8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {827EDAA6-CBED-4845-9434-3814F72A98DC} - \Microsoft\Windows\Setup\GWXTriggers\Logon-URT -> No File <==== ATTENTION
Task: {8798A394-E6DE-4FA8-9BF4-74B72665F629} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8DEDDC8B-D95D-468D-8661-9384D616A71A} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
Task: {8E28D321-1BB0-4D56-AD5A-43605223FF72} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {8E732332-EF0F-4D3F-B9B4-6B0D54F18E96} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {915DC789-C569-47DD-B755-63B8B4CA5510} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {976ED789-D667-4BC1-BF36-58B1A2D20E3D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {97F621AC-DBD2-4020-A9A4-09DBC768B659} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-04-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9DA43639-B462-4E77-A79C-79B1E55CE803} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2017-02-28] (Google Inc -> Google Inc.)
Task: {A06DEDAB-4338-4196-B991-530AEB4E6DF7} - System32\Tasks\{5879E59F-285D-4BEC-8A6E-C2B6BE595192} => C:\Program Files\AVAST Software\Avast\AvastUI.exe
Task: {A2BF9C74-660E-4A94-8F62-D3345E9D88C4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A67919DE-6DD1-4311-AA0F-FD25BD755DA4} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {A8C54B1D-047B-4FFB-B205-C9FC446BDBD0} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe
Task: {ABB0D4CA-0765-430E-B54A-6D87A94FB5E3} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B1507920-23B8-4359-8FD5-674707DAFF96} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B6D840F8-1E8C-48F7-974D-95D415FE34D9} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B9F22E5E-9C5C-487F-B124-2B8C3D7770D5} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {BC4C2C3B-8A77-466A-9641-65D42AEF1DAD} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {BF064954-243A-4618-ADD3-A9A139FF1C06} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {C88C9777-80CD-4847-9578-403643BD81D3} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {C9574DB8-6811-4C02-80FE-BCCDE7AFDF7E} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CE78777E-95D7-48B1-8B13-D6948EAEAEE2} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
Task: {DAEAB0A7-A857-4B54-885E-4C0F96272510} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {DD91AB67-D4AD-4891-942F-F9ADD64BCD9D} - System32\Tasks\avastBCLRestartS-1-5-21-4143993030-3762550760-4189436703-1000 => C:\Program Files (x86)\Mozilla Firefox\firefox.exe 0
Task: {DDB9A2DC-05D9-4CD6-8AF5-C5413E074562} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {DE2F2D8F-990C-4D05-B136-95584230913D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {E16C2380-A31D-4366-A84B-E277BF54C1B4} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {E173452F-1036-492F-B572-AEA001E6498A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-04-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E7DFE9CB-B067-4C67-B44A-AC3B9226DE87} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {E7F84054-EE13-464A-B7FB-F671BC4A5481} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {ECA0F535-960B-4932-AD45-D01006D4F9F6} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {EF5FCD2F-F26A-4FB5-A88F-6A297A0A7AA7} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F3A8FF82-3FFC-43AC-BBE3-31BCDEECCE26} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FED2098D-A325-42CD-9481-E06E43D3B698} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{9da4f389-4267-419d-ac56-ae6d2c5ca9b1}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{f6d1b49e-9cf8-4d73-b47d-17df7055f7d0}: [DhcpNameServer] 192.168.2.1

Edge:
=======
Edge Profile: C:\Users\lea\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-06]

FireFox:
========
FF DefaultProfile: 23bj5fqu.default
FF ProfilePath: C:\Users\lea\AppData\Roaming\Mozilla\Firefox\Profiles\23bj5fqu.default [2021-04-06]
FF Notifications: Mozilla\Firefox\Profiles\23bj5fqu.default -> hxxps://www.flipo.pl; hxxps://www.facebook.com; hxxps://www.ceskyali.cz
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll [2010-04-01] ( Microsoft Corporation) [File not signed]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [No File]
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [No File]
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\8\NP_wtapp.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-03-06] (Adobe Inc. -> Adobe Systems Inc.)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [File not signed]
S2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation -> NTI Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.4-0\NisSrv.exe [2483616 2021-04-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.4-0\MsMpEng.exe [128376 2021-04-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ePowerSvc; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [X]
S3 GamesAppIntegrationService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe" [X]
S3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [X]
S2 Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-11-17] (Martin Malik - REALiX -> REALiX(tm))
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-04-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420072 2021-04-06] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-04-06] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-06 20:59 - 2021-04-06 21:03 - 000017860 _____ C:\Users\lea\Desktop\FRST.txt
2021-04-06 19:41 - 2021-04-06 19:48 - 000000000 ____D C:\AdwCleaner
2021-04-06 19:38 - 2021-04-06 19:39 - 008534696 _____ (Malwarebytes) C:\Users\lea\Desktop\AdwCleaner.exe
2021-04-06 17:04 - 2021-04-06 17:04 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-06 17:04 - 2021-04-06 17:04 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d72a66a64d41bf
2021-04-06 16:55 - 2021-04-06 16:56 - 002298368 _____ (Farbar) C:\Users\lea\Desktop\FRST64.exe
2021-04-06 05:21 - 2021-04-06 05:21 - 000000000 ____D C:\Users\lea\AppData\Local\D3DSCache
2021-04-06 04:39 - 2021-04-06 04:39 - 000000000 ____D C:\ProgramData\ATI
2021-04-06 04:38 - 2021-04-06 04:38 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-04-06 03:16 - 2021-04-06 03:16 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-04-06 03:11 - 2020-10-03 02:33 - 000835472 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2021-04-06 03:11 - 2020-10-03 02:33 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2021-04-06 02:54 - 2021-04-06 03:48 - 000000000 ____D C:\Users\lea\AppData\Local\PlaceholderTileLogoFolder
2021-04-06 00:56 - 2021-04-06 00:56 - 000002401 _____ C:\Users\lea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-04-06 00:56 - 2021-04-06 00:56 - 000002342 _____ C:\Users\lea\Desktop\Google Chrome.lnk
2021-04-06 00:53 - 2021-04-06 00:53 - 000000020 ___SH C:\Users\lea\ntuser.ini
2021-04-06 00:47 - 2021-04-06 16:24 - 000004190 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{F86FF75A-3AD9-48CE-BFF7-3CC245E59CB6}
2021-04-06 00:47 - 2021-04-06 03:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-06 00:47 - 2021-04-06 00:49 - 000003438 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineUA
2021-04-06 00:47 - 2021-04-06 00:49 - 000002542 _____ C:\WINDOWS\system32\Tasks\avastBCLRestartS-1-5-21-4143993030-3762550760-4189436703-1000
2021-04-06 00:47 - 2021-04-06 00:49 - 000002114 _____ C:\WINDOWS\system32\Tasks\{5879E59F-285D-4BEC-8A6E-C2B6BE595192}
2021-04-06 00:47 - 2021-04-06 00:48 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-04-06 00:47 - 2021-04-06 00:48 - 000003400 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-04-06 00:47 - 2021-04-06 00:48 - 000003248 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-04-06 00:47 - 2021-04-06 00:48 - 000003214 _____ C:\WINDOWS\system32\Tasks\AvastUpdateTaskMachineCore
2021-04-06 00:47 - 2021-04-06 00:48 - 000003176 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-04-06 00:47 - 2021-04-06 00:48 - 000002114 _____ C:\WINDOWS\system32\Tasks\{FB006ADA-9AC6-45D2-B1F3-DBEF1885044B}
2021-04-06 00:47 - 2021-04-06 00:48 - 000002114 _____ C:\WINDOWS\system32\Tasks\{751E46FF-7303-4F8E-AAC5-884BBA6FA61F}
2021-04-06 00:47 - 2021-04-06 00:47 - 000000000 ____D C:\WINDOWS\system32\Tasks\WPD
2021-04-06 00:47 - 2021-04-06 00:47 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-04-06 00:47 - 2021-04-06 00:47 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2021-04-06 00:45 - 2021-04-06 00:52 - 000000000 ____D C:\Windows.old
2021-04-06 00:43 - 2021-04-06 00:47 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2021-04-06 00:43 - 2021-04-06 00:47 - 000011433 _____ C:\WINDOWS\diagerr.xml
2021-04-06 00:29 - 2021-04-06 00:45 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-04-06 00:29 - 2021-04-06 00:29 - 000000000 ____D C:\Program Files\Common Files\SpeechEngines
2021-04-06 00:16 - 2021-04-06 16:24 - 001920936 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-06 00:01 - 2021-04-06 00:53 - 000000000 ____D C:\Users\lea
2021-04-06 00:01 - 2021-04-06 00:15 - 000000000 ____D C:\Users\DefaultAppPool
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\lea\Šablony
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\lea\Soubory cookie
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\lea\Poslední
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\lea\Okolní tiskárny
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\lea\Okolní síť
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\lea\Nabídka Start
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\lea\Dokumenty
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\lea\Documents\Obrázky
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\lea\Documents\Hudba
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\lea\Documents\Filmy
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\lea\Data aplikací
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\lea\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\lea\AppData\Local\Data aplikací
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\DefaultAppPool\Šablony
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\DefaultAppPool\Soubory cookie
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\DefaultAppPool\Poslední
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\DefaultAppPool\Okolní tiskárny
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\DefaultAppPool\Okolní síť
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\DefaultAppPool\Nabídka Start
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\DefaultAppPool\Dokumenty
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\DefaultAppPool\Documents\Obrázky
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\DefaultAppPool\Documents\Hudba
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\DefaultAppPool\Documents\Filmy
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\DefaultAppPool\Data aplikací
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-04-06 00:01 - 2021-04-06 00:01 - 000000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Data aplikací
2021-04-06 00:01 - 2019-12-07 11:10 - 000001105 _____ C:\Users\lea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-04-06 00:01 - 2019-12-07 11:10 - 000001105 _____ C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-04-05 23:59 - 2021-04-05 23:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2021-04-05 23:58 - 2021-04-06 17:47 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-05 23:58 - 2021-04-06 17:47 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-04-05 23:58 - 2021-04-06 00:28 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-04-05 23:58 - 2021-04-05 23:58 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-04-05 23:58 - 2021-04-05 23:58 - 000000000 ____D C:\Program Files\ATI Technologies
2021-04-05 23:47 - 2021-04-06 19:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-05 23:47 - 2021-04-05 23:48 - 000279960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-05 23:46 - 2021-04-06 03:45 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-05 23:23 - 2021-04-05 23:23 - 000000000 ____D C:\ProgramData\ssh
2021-04-05 22:52 - 2021-04-05 22:52 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-04-05 22:52 - 2021-04-05 22:52 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-04-05 22:52 - 2021-04-05 22:52 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-04-05 22:52 - 2021-04-05 22:52 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2021-04-05 22:52 - 2021-04-05 22:52 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-04-05 22:52 - 2021-04-05 22:52 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-04-05 22:52 - 2021-04-05 22:52 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-04-05 22:51 - 2021-04-05 22:51 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-04-05 22:51 - 2021-04-05 22:51 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-04-05 22:51 - 2021-04-05 22:51 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-04-05 22:51 - 2021-04-05 22:51 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-04-05 22:51 - 2021-04-05 22:51 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-04-05 22:51 - 2021-04-05 22:51 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-04-05 22:50 - 2021-04-05 22:50 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-04-05 22:50 - 2021-04-05 22:50 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2021-04-05 22:50 - 2021-04-05 22:50 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-04-05 22:50 - 2021-04-05 22:50 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2021-04-05 22:49 - 2021-04-05 22:49 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-04-05 22:49 - 2021-04-05 22:49 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-04-05 22:49 - 2021-04-05 22:49 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-04-05 22:49 - 2021-04-05 22:49 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-04-05 22:49 - 2021-04-05 22:49 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-04-05 22:49 - 2021-04-05 22:49 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-04-05 22:49 - 2021-04-05 22:49 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-04-05 22:48 - 2021-04-05 22:48 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2021-04-05 22:48 - 2021-04-05 22:48 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2021-04-05 22:48 - 2021-04-05 22:48 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2021-04-05 22:48 - 2021-04-05 22:48 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2021-04-05 22:48 - 2021-04-05 22:48 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-04-05 22:48 - 2021-04-05 22:48 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-04-05 22:48 - 2021-04-05 22:48 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2021-04-05 22:48 - 2021-04-05 22:48 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-04-05 22:47 - 2021-04-05 22:47 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-04-05 22:47 - 2021-04-05 22:47 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-04-05 22:47 - 2021-04-05 22:47 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2021-04-05 22:47 - 2021-04-05 22:47 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2021-04-05 22:47 - 2021-04-05 22:47 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2021-04-05 22:46 - 2021-04-05 22:46 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-04-05 22:46 - 2021-04-05 22:46 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-04-05 22:46 - 2021-04-05 22:46 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-04-05 22:46 - 2021-04-05 22:46 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-04-05 22:45 - 2021-04-05 22:45 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2021-04-05 22:45 - 2021-04-05 22:45 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2021-04-05 22:45 - 2021-04-05 22:45 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-04-05 22:45 - 2021-04-05 22:45 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2021-04-05 22:45 - 2021-04-05 22:45 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2021-04-05 22:45 - 2021-04-05 22:45 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-04-05 22:45 - 2021-04-05 22:45 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-04-05 22:45 - 2021-04-05 22:45 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2021-04-05 22:45 - 2021-04-05 22:45 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-04-05 22:45 - 2021-04-05 22:45 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2021-04-05 22:45 - 2021-04-05 22:45 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2021-04-05 22:45 - 2021-04-05 22:45 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2021-04-05 22:44 - 2021-04-05 22:44 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-04-05 22:44 - 2021-04-05 22:44 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-04-05 22:43 - 2021-04-05 22:43 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-04-05 22:43 - 2021-04-05 22:43 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-04-05 22:43 - 2021-04-05 22:43 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-04-05 22:42 - 2021-04-05 22:42 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-04-05 22:42 - 2021-04-05 22:42 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-04-05 22:42 - 2021-04-05 22:42 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-04-05 22:42 - 2021-04-05 22:42 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-04-05 22:42 - 2021-04-05 22:42 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2021-04-05 22:42 - 2021-04-05 22:42 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-04-05 22:42 - 2021-04-05 22:42 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-04-05 22:42 - 2021-04-05 22:42 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2021-04-05 22:41 - 2021-04-05 22:41 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-04-05 22:41 - 2021-04-05 22:41 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-04-05 22:41 - 2021-04-05 22:41 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-04-05 22:41 - 2021-04-05 22:41 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-04-05 22:41 - 2021-04-05 22:41 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2021-04-05 22:41 - 2021-04-05 22:41 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2021-04-05 22:40 - 2021-04-05 22:40 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-04-05 22:40 - 2021-04-05 22:40 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-04-05 22:40 - 2021-04-05 22:40 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-04-05 22:39 - 2021-04-05 22:39 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-04-05 22:39 - 2021-04-05 22:39 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-04-05 22:38 - 2021-04-05 22:38 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2021-04-05 22:38 - 2021-04-05 22:38 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-04-05 22:38 - 2021-04-05 22:38 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-04-05 22:38 - 2021-04-05 22:38 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-04-05 22:38 - 2021-04-05 22:38 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-04-05 22:38 - 2021-04-05 22:38 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-04-05 22:38 - 2021-04-05 22:38 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-04-05 22:38 - 2021-04-05 22:38 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-04-05 22:38 - 2021-04-05 22:38 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2021-04-05 22:38 - 2021-04-05 22:38 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2021-04-05 22:38 - 2021-04-05 22:38 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-04-05 22:37 - 2021-04-05 22:37 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2021-04-05 21:48 - 2021-04-05 21:48 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2021-04-05 21:48 - 2021-04-05 21:48 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2021-04-05 21:25 - 2021-04-05 21:25 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2021-04-05 21:25 - 2021-04-05 21:25 - 000000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2021-04-05 21:25 - 2021-04-05 21:25 - 000000000 ____D C:\WINDOWS\system32\msmq
2021-04-05 21:25 - 2021-04-05 21:25 - 000000000 ____D C:\WINDOWS\system32\BestPractices
2021-04-05 21:25 - 2021-04-05 21:25 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-04-05 21:25 - 2021-04-05 21:25 - 000000000 ____D C:\Program Files\MSBuild
2021-04-05 21:25 - 2021-04-05 21:25 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-04-05 21:25 - 2021-04-05 21:25 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-04-05 21:25 - 2021-04-05 21:25 - 000000000 ____D C:\inetpub
2021-04-05 13:51 - 2021-04-06 02:56 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-04-05 12:51 - 2021-04-06 00:54 - 000000000 ___DC C:\WINDOWS\Panther
2021-04-05 11:23 - 2021-04-05 11:23 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-04-05 11:21 - 2021-04-05 11:25 - 000104402 _____ C:\WINDOWS\ntbtlog.txt
2021-04-04 12:11 - 2021-04-06 00:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2021-04-04 12:11 - 2021-04-04 12:11 - 000001775 _____ C:\Users\Public\Desktop\Defraggler.lnk
2021-04-04 12:11 - 2021-04-04 12:11 - 000000000 ____D C:\Program Files\Defraggler
2021-04-04 11:30 - 2021-04-04 16:45 - 000000000 ___HD C:\$GetCurrent
2021-03-26 19:18 - 2021-03-26 20:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-03-26 19:02 - 2021-03-26 19:02 - 000085520 _____ C:\Users\lea\Documents\cc_20210326_180201.reg
2021-03-24 20:08 - 2021-03-24 20:08 - 000002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-03-24 19:09 - 2021-04-06 00:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2021-03-24 19:09 - 2021-03-24 19:09 - 000001095 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2021-03-24 19:08 - 2021-03-24 19:08 - 000000000 ____D C:\Program Files\VS Revo Group
2021-03-23 21:52 - 2021-03-23 21:52 - 000000962 _____ C:\Users\lea\Documents\cc_20210323_205250.reg
2021-03-23 21:51 - 2021-03-23 21:51 - 000036430 _____ C:\Users\lea\Documents\cc_20210323_205140.reg
2021-03-23 21:22 - 2021-03-24 17:43 - 000000000 ____D C:\Program Files\ruxim
2021-03-11 14:34 - 2021-03-11 14:34 - 000000000 ___HD C:\$WinREAgent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-06 21:01 - 2015-11-07 12:18 - 000000000 ____D C:\FRST
2021-04-06 21:00 - 2016-11-21 15:33 - 000000000 ____D C:\Users\lea\AppData\LocalLow\Mozilla
2021-04-06 21:00 - 2012-05-05 18:30 - 000000000 ____D C:\ProgramData\Mozilla
2021-04-06 19:49 - 2011-07-19 18:53 - 000000000 ____D C:\ProgramData\Acer
2021-04-06 19:49 - 2011-07-19 18:53 - 000000000 ____D C:\Program Files\Acer
2021-04-06 19:49 - 2011-07-19 18:51 - 000000000 ____D C:\Program Files (x86)\Acer
2021-04-06 19:48 - 2018-11-17 18:05 - 000000000 ____D C:\Users\lea\AppData\LocalLow\IObit
2021-04-06 19:48 - 2018-11-17 18:04 - 000000000 ____D C:\Users\lea\AppData\Roaming\IObit
2021-04-06 19:48 - 2018-11-17 18:03 - 000000000 ____D C:\ProgramData\IObit
2021-04-06 17:51 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-06 17:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-06 17:49 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-06 16:44 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-04-06 16:24 - 2019-12-07 16:41 - 000783098 _____ C:\WINDOWS\system32\perfh005.dat
2021-04-06 16:24 - 2019-12-07 16:41 - 000172796 _____ C:\WINDOWS\system32\perfc005.dat
2021-04-06 04:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-04-06 04:44 - 2018-02-04 20:01 - 000000000 ____D C:\Users\lea\AppData\Local\Packages
2021-04-06 04:42 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-04-06 03:44 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-04-06 03:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-04-06 03:26 - 2019-07-21 23:50 - 000000000 ____D C:\ProgramData\Packages
2021-04-06 03:16 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-04-06 01:01 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-04-06 01:00 - 2018-01-18 17:40 - 000000000 ____D C:\Program Files\rempl
2021-04-06 00:56 - 2018-02-04 20:56 - 000000000 ___RD C:\Users\lea\3D Objects
2021-04-06 00:56 - 2016-01-27 23:07 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-04-06 00:55 - 2016-10-11 21:30 - 000000000 ____D C:\Users\lea\AppData\Local\ConnectedDevicesPlatform
2021-04-06 00:55 - 2014-07-27 20:20 - 000000000 ____D C:\Users\lea\AppData\Local\Google
2021-04-06 00:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-04-06 00:51 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\USOPrivate
2021-04-06 00:49 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows NT
2021-04-06 00:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Registration
2021-04-06 00:48 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-04-06 00:47 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-04-06 00:46 - 2019-12-07 11:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-04-06 00:46 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-04-06 00:45 - 2019-12-07 11:18 - 000000000 ____D C:\WINDOWS\Setup
2021-04-06 00:45 - 2019-12-07 11:14 - 000000000 __SHD C:\Program Files\Windows Sidebar
2021-04-06 00:45 - 2019-12-07 11:14 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2021-04-06 00:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-04-06 00:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2021-04-06 00:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2021-04-06 00:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-04-06 00:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\spool
2021-04-06 00:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-04-06 00:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-04-06 00:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\IME
2021-04-06 00:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\schemas
2021-04-06 00:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-04-06 00:45 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-04-06 00:45 - 2017-11-10 11:55 - 000000000 ____D C:\WINDOWS\SysWOW64\17111000_stream
2021-04-06 00:45 - 2017-11-10 11:54 - 000000000 ____D C:\WINDOWS\SysWOW64\17110902_stream
2021-04-06 00:45 - 2017-11-10 11:54 - 000000000 ____D C:\WINDOWS\SysWOW64\17110900_stream
2021-04-06 00:45 - 2017-11-08 21:30 - 000000000 ____D C:\WINDOWS\SysWOW64\17110802_stream
2021-04-06 00:45 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-04-06 00:45 - 2017-07-07 21:43 - 000000000 ____D C:\Program Files\UNP
2021-04-06 00:45 - 2016-01-28 12:06 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-04-06 00:45 - 2011-12-20 13:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-04-06 00:45 - 2011-11-02 11:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcerSystem
2021-04-06 00:45 - 2011-11-02 11:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Family Protection
2021-04-06 00:45 - 2011-09-03 20:24 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Crystal Eye Webcam
2021-04-06 00:45 - 2011-09-03 20:13 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\clear.fi
2021-04-06 00:45 - 2011-09-03 20:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTI Media Maker 9
2021-04-06 00:45 - 2011-07-19 19:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\newsXpresso
2021-04-06 00:45 - 2011-07-19 19:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Backup Manager
2021-04-06 00:45 - 2011-07-19 19:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EgisTec
2021-04-06 00:45 - 2011-07-19 19:21 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2021-04-06 00:45 - 2011-07-19 19:21 - 000000000 ____D C:\WINDOWS\eu
2021-04-06 00:45 - 2011-07-19 19:20 - 000000000 ____D C:\WINDOWS\tr
2021-04-06 00:45 - 2011-07-19 19:20 - 000000000 ____D C:\WINDOWS\th
2021-04-06 00:45 - 2011-07-19 19:20 - 000000000 ____D C:\WINDOWS\sv
2021-04-06 00:45 - 2011-07-19 19:20 - 000000000 ____D C:\WINDOWS\ca
2021-04-06 00:45 - 2011-07-19 19:19 - 000000000 ____D C:\WINDOWS\sl
2021-04-06 00:45 - 2011-07-19 19:19 - 000000000 ____D C:\WINDOWS\sk
2021-04-06 00:45 - 2011-07-19 19:19 - 000000000 ____D C:\WINDOWS\ru
2021-04-06 00:45 - 2011-07-19 19:19 - 000000000 ____D C:\WINDOWS\ro
2021-04-06 00:45 - 2011-07-19 19:18 - 000000000 ____D C:\WINDOWS\pl
2021-04-06 00:45 - 2011-07-19 19:18 - 000000000 ____D C:\WINDOWS\no
2021-04-06 00:45 - 2011-07-19 19:18 - 000000000 ____D C:\WINDOWS\nl
2021-04-06 00:45 - 2011-07-19 19:18 - 000000000 ____D C:\WINDOWS\it
2021-04-06 00:45 - 2011-07-19 19:18 - 000000000 ____D C:\WINDOWS\hu
2021-04-06 00:45 - 2011-07-19 19:17 - 000000000 ____D C:\WINDOWS\hr
2021-04-06 00:45 - 2011-07-19 19:17 - 000000000 ____D C:\WINDOWS\he
2021-04-06 00:45 - 2011-07-19 19:17 - 000000000 ____D C:\WINDOWS\fr
2021-04-06 00:45 - 2011-07-19 19:17 - 000000000 ____D C:\WINDOWS\fi
2021-04-06 00:45 - 2011-07-19 19:17 - 000000000 ____D C:\WINDOWS\es
2021-04-06 00:45 - 2011-07-19 19:16 - 000000000 ____D C:\WINDOWS\en
2021-04-06 00:45 - 2011-07-19 19:16 - 000000000 ____D C:\WINDOWS\el
2021-04-06 00:45 - 2011-07-19 19:16 - 000000000 ____D C:\WINDOWS\de
2021-04-06 00:45 - 2011-07-19 19:16 - 000000000 ____D C:\WINDOWS\da
2021-04-06 00:45 - 2011-07-19 19:16 - 000000000 ____D C:\WINDOWS\cs
2021-04-06 00:45 - 2011-07-19 19:15 - 000000000 ____D C:\WINDOWS\bg
2021-04-06 00:45 - 2011-07-19 19:15 - 000000000 ____D C:\WINDOWS\ar
2021-04-06 00:45 - 2011-07-19 18:51 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2021-04-06 00:45 - 2011-07-19 18:51 - 000000000 ____D C:\WINDOWS\oem
2021-04-06 00:45 - 2011-07-19 18:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2021-04-06 00:45 - 2011-07-19 18:11 - 000000000 ____D C:\WINDOWS\SysWOW64\Atheros_L1e
2021-04-06 00:45 - 2009-07-14 07:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2021-04-06 00:43 - 2019-12-07 11:14 - 000000000 __RHD C:\Users\Public\Libraries
2021-04-06 00:43 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\InfusedApps
2021-04-06 00:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Resources
2021-04-06 00:30 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Help
2021-04-06 00:29 - 2017-09-01 12:54 - 000000000 ____D C:\Program Files\AMD
2021-04-06 00:29 - 2009-07-14 07:32 - 000000000 ____D C:\Program Files\Microsoft Games
2021-04-06 00:21 - 2016-01-27 22:58 - 000023020 _____ C:\WINDOWS\system32\emptyregdb.dat
2021-04-06 00:20 - 2019-12-07 11:14 - 000000000 __RSD C:\WINDOWS\Media
2021-04-06 00:09 - 2012-02-12 23:23 - 000000000 ____D C:\Users\lea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
2021-04-06 00:05 - 2011-12-20 13:44 - 000000000 ____D C:\Users\lea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-04-05 23:58 - 2017-09-01 12:57 - 000000000 ____D C:\ProgramData\AMD
2021-04-05 23:56 - 2017-09-01 12:56 - 000000000 ____D C:\Program Files (x86)\ATI Technologies
2021-04-05 23:55 - 2017-09-01 12:53 - 000000000 ____D C:\Program Files\Elantech
2021-04-05 23:54 - 2016-01-27 22:27 - 000000000 ____D C:\AMD
2021-04-05 23:25 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-04-05 23:25 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-04-05 23:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-04-05 23:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-04-05 23:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-04-05 23:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-04-05 23:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-04-05 23:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-04-05 23:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-04-05 23:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-04-05 23:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-04-05 23:24 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-04-05 23:24 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-04-05 23:24 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-04-05 23:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-04-05 23:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-04-05 23:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-04-05 23:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-04-05 23:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-04-05 23:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-04-05 23:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-04-05 23:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-04-05 23:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-04-05 23:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-04-05 23:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2021-04-05 23:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-04-05 23:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-04-05 23:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-04-05 23:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-04-05 23:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-04-05 23:23 - 2019-12-07 16:44 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-04-05 23:23 - 2019-12-07 16:44 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-04-05 23:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-04-05 23:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-04-05 23:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-04-05 23:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-04-05 23:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\IME
2021-04-05 23:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-04-05 23:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-04-05 23:23 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-04-05 23:23 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-04-05 23:23 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-04-05 23:15 - 2019-12-07 16:44 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-04-05 23:15 - 2019-12-07 16:44 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-04-05 21:50 - 2019-12-07 16:43 - 000000000 ____D C:\WINDOWS\OCR
2021-04-05 21:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-04-05 21:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-04-05 21:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-04-05 21:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2021-04-05 21:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-04-05 21:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-04-05 21:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-04-05 21:46 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2021-04-05 21:46 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2021-04-05 21:46 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2021-04-05 21:46 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2021-04-05 21:46 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\system32\winrm
2021-04-05 21:46 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\system32\WCN
2021-04-05 21:46 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\system32\slmgr
2021-04-05 21:46 - 2019-12-07 16:41 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2021-04-05 21:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2021-04-05 21:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\MUI
2021-04-05 13:40 - 2012-06-04 19:46 - 000000000 ____D C:\Users\lea\AppData\Local\ElevatedDiagnostics
2021-04-05 12:00 - 2014-11-21 09:50 - 000799104 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-04-05 11:33 - 2012-03-23 11:49 - 000000000 ____D C:\ProgramData\AVAST Software
2021-04-04 18:37 - 2019-09-05 13:28 - 000000036 _____ C:\WINDOWS\progress.ini
2021-04-04 16:45 - 2018-08-26 16:33 - 000000000 ____D C:\Windows10Upgrade
2021-04-04 11:05 - 2018-06-07 13:34 - 000000000 ____D C:\Users\lea\AppData\Local\AVAST Software
2021-03-26 20:56 - 2018-06-23 14:39 - 000000000 ____D C:\Users\lea\AppData\Local\CrashDumps
2021-03-26 20:41 - 2012-05-05 18:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-03-26 19:36 - 2015-04-07 23:10 - 000017016 _____ C:\WINDOWS\wininit.ini
2021-03-26 19:36 - 2012-01-29 15:51 - 000001143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-03-23 21:27 - 2018-11-17 18:04 - 000000000 ____D C:\Program Files (x86)\IObit
2021-03-23 19:55 - 2018-11-17 18:05 - 000000000 ____D C:\ProgramData\ProductData
2021-03-23 19:01 - 2016-01-28 12:05 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories ========

2014-06-19 12:58 - 2014-06-27 12:21 - 000007680 _____ () C:\Users\lea\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-08-20 13:59 - 2020-08-20 13:59 - 000000000 _____ () C:\Users\lea\AppData\Local\{258815F9-3AAE-4562-9906-34531F5AB327}
2018-11-08 01:18 - 2018-11-08 01:18 - 000000000 _____ () C:\Users\lea\AppData\Local\{88162A60-9EE0-4243-80EA-28C11314C22C}
2020-08-20 13:59 - 2020-08-20 13:59 - 000000000 _____ () C:\Users\lea\AppData\Local\{BFCBE308-B71F-4405-8685-F7C54E257C31}
2015-08-19 21:34 - 2015-08-19 21:34 - 000000000 _____ () C:\Users\lea\AppData\Local\{C7457E69-1537-49DE-A364-DDAA2AF1984A}
2019-05-21 09:13 - 2019-05-21 09:13 - 000000000 _____ () C:\Users\lea\AppData\Local\{F67247BC-88E9-42C2-97C0-BBDA985D79FD}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [STShellMenu64] -> {41C7F3AE-3A88-4CFE-A604-BCEC449ACB4D} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
FirewallRules: [{D91BC5B3-54E5-4132-9262-87D376D3AC83}] => (Block) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe => No File
FirewallRules: [{A149696C-16FC-4ABE-A022-F2A77C2B237D}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe => No File
FirewallRules: [{FEFBB596-6589-4E53-B03B-8DA93FE79E4C}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe => No File
FirewallRules: [{294AE8BD-0625-4313-A67E-F7F04B6A0780}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\CLML\CLMLSvc.exe => No File
FirewallRules: [{C3A45A85-041A-48FB-8377-55DF807D799D}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe => No File
FirewallRules: [{69D05C7C-E7FA-4622-8465-FE867E0AECAE}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe => No File
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {02D0D1FC-094F-4384-801C-7722707A7C51} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {0BD159AB-D364-494F-B181-2FD35E2C9035} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {2C030D7B-89B0-4462-ABC0-C21E316CDDA9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {2DF13A04-E1B5-434C-955B-0F58848FCBDB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {506C4CD3-537B-4A87-8775-84A148CD28AA} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {5E8C4EA6-503A-4250-9E11-243F1CF77F86} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {7FB7F4C3-C0A9-41AF-9760-46FEF1342FB8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {827EDAA6-CBED-4845-9434-3814F72A98DC} - \Microsoft\Windows\Setup\GWXTriggers\Logon-URT -> No File <==== ATTENTION
Task: {9DA43639-B462-4E77-A79C-79B1E55CE803} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2017-02-28] (Google Inc -> Google Inc.)
Task: {C88C9777-80CD-4847-9578-403643BD81D3} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {DAEAB0A7-A857-4B54-885E-4C0F96272510} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {DE2F2D8F-990C-4D05-B136-95584230913D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {6CE339A6-1503-48FD-81B7-1873BC7329C0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2017-02-28] (Google Inc -> Google Inc.)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [No File]
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [No File]
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\8\NP_wtapp.dll [No File]
U3 idsvc; no ImagePath
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\system32\Tasks\{FB006ADA-9AC6-45D2-B1F3-DBEF1885044B}
C:\WINDOWS\system32\Tasks\{751E46FF-7303-4F8E-AAC5-884BBA6FA61F}
C:\Users\lea\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\lea\AppData\Local\{258815F9-3AAE-4562-9906-34531F5AB327}
C:\Users\lea\AppData\Local\{88162A60-9EE0-4243-80EA-28C11314C22C}
C:\Users\lea\AppData\Local\{BFCBE308-B71F-4405-8685-F7C54E257C31}
C:\Users\lea\AppData\Local\{C7457E69-1537-49DE-A364-DDAA2AF1984A}
C:\Users\lea\AppData\Local\{F67247BC-88E9-42C2-97C0-BBDA985D79FD}

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 05-04-2021
Ran by lea (07-04-2021 15:31:24) Run:1
Running from C:\Users\lea\Desktop
Loaded Profiles: lea
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [STShellMenu64] -> {41C7F3AE-3A88-4CFE-A604-BCEC449ACB4D} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
FirewallRules: [{D91BC5B3-54E5-4132-9262-87D376D3AC83}] => (Block) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe => No File
FirewallRules: [{A149696C-16FC-4ABE-A022-F2A77C2B237D}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe => No File
FirewallRules: [{FEFBB596-6589-4E53-B03B-8DA93FE79E4C}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe => No File
FirewallRules: [{294AE8BD-0625-4313-A67E-F7F04B6A0780}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\CLML\CLMLSvc.exe => No File
FirewallRules: [{C3A45A85-041A-48FB-8377-55DF807D799D}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe => No File
FirewallRules: [{69D05C7C-E7FA-4622-8465-FE867E0AECAE}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe => No File
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {02D0D1FC-094F-4384-801C-7722707A7C51} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {0BD159AB-D364-494F-B181-2FD35E2C9035} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {2C030D7B-89B0-4462-ABC0-C21E316CDDA9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {2DF13A04-E1B5-434C-955B-0F58848FCBDB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {506C4CD3-537B-4A87-8775-84A148CD28AA} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {5E8C4EA6-503A-4250-9E11-243F1CF77F86} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {7FB7F4C3-C0A9-41AF-9760-46FEF1342FB8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {827EDAA6-CBED-4845-9434-3814F72A98DC} - \Microsoft\Windows\Setup\GWXTriggers\Logon-URT -> No File <==== ATTENTION
Task: {9DA43639-B462-4E77-A79C-79B1E55CE803} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2017-02-28] (Google Inc -> Google Inc.)
Task: {C88C9777-80CD-4847-9578-403643BD81D3} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {DAEAB0A7-A857-4B54-885E-4C0F96272510} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {DE2F2D8F-990C-4D05-B136-95584230913D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {6CE339A6-1503-48FD-81B7-1873BC7329C0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [152216 2017-02-28] (Google Inc -> Google Inc.)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [No File]
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [No File]
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\8\NP_wtapp.dll [No File]
U3 idsvc; no ImagePath
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\system32\Tasks\{FB006ADA-9AC6-45D2-B1F3-DBEF1885044B}
C:\WINDOWS\system32\Tasks\{751E46FF-7303-4F8E-AAC5-884BBA6FA61F}
C:\Users\lea\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\lea\AppData\Local\{258815F9-3AAE-4562-9906-34531F5AB327}
C:\Users\lea\AppData\Local\{88162A60-9EE0-4243-80EA-28C11314C22C}
C:\Users\lea\AppData\Local\{BFCBE308-B71F-4405-8685-F7C54E257C31}
C:\Users\lea\AppData\Local\{C7457E69-1537-49DE-A364-DDAA2AF1984A}
C:\Users\lea\AppData\Local\{F67247BC-88E9-42C2-97C0-BBDA985D79FD}

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\STShellMenu64 => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => removed successfully
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D91BC5B3-54E5-4132-9262-87D376D3AC83}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A149696C-16FC-4ABE-A022-F2A77C2B237D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FEFBB596-6589-4E53-B03B-8DA93FE79E4C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{294AE8BD-0625-4313-A67E-F7F04B6A0780}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C3A45A85-041A-48FB-8377-55DF807D799D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{69D05C7C-E7FA-4622-8465-FE867E0AECAE}" => removed successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{503739d0-4c5e-4cfd-b3ba-d881334f0df2}" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{02D0D1FC-094F-4384-801C-7722707A7C51}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{02D0D1FC-094F-4384-801C-7722707A7C51}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0BD159AB-D364-494F-B181-2FD35E2C9035} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0BD159AB-D364-494F-B181-2FD35E2C9035} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2C030D7B-89B0-4462-ABC0-C21E316CDDA9} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C030D7B-89B0-4462-ABC0-C21E316CDDA9} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2DF13A04-E1B5-434C-955B-0F58848FCBDB} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2DF13A04-E1B5-434C-955B-0F58848FCBDB} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{506C4CD3-537B-4A87-8775-84A148CD28AA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{506C4CD3-537B-4A87-8775-84A148CD28AA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5E8C4EA6-503A-4250-9E11-243F1CF77F86}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5E8C4EA6-503A-4250-9E11-243F1CF77F86}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7FB7F4C3-C0A9-41AF-9760-46FEF1342FB8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7FB7F4C3-C0A9-41AF-9760-46FEF1342FB8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{827EDAA6-CBED-4845-9434-3814F72A98DC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{827EDAA6-CBED-4845-9434-3814F72A98DC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-URT" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9DA43639-B462-4E77-A79C-79B1E55CE803}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9DA43639-B462-4E77-A79C-79B1E55CE803}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C88C9777-80CD-4847-9578-403643BD81D3} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C88C9777-80CD-4847-9578-403643BD81D3} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DAEAB0A7-A857-4B54-885E-4C0F96272510}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DAEAB0A7-A857-4B54-885E-4C0F96272510}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DE2F2D8F-990C-4D05-B136-95584230913D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DE2F2D8F-990C-4D05-B136-95584230913D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6CE339A6-1503-48FD-81B7-1873BC7329C0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6CE339A6-1503-48FD-81B7-1873BC7329C0}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@update.avastbrowser.com/Avast Browser;version=3 => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@update.avastbrowser.com/Avast Browser;version=9 => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0 => removed successfully
HKLM\System\CurrentControlSet\Services\idsvc => removed successfully
idsvc => service removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\WINDOWS\system32\Tasks\{FB006ADA-9AC6-45D2-B1F3-DBEF1885044B} => moved successfully
C:\WINDOWS\system32\Tasks\{751E46FF-7303-4F8E-AAC5-884BBA6FA61F} => moved successfully
C:\Users\lea\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\Users\lea\AppData\Local\{258815F9-3AAE-4562-9906-34531F5AB327} => moved successfully
C:\Users\lea\AppData\Local\{88162A60-9EE0-4243-80EA-28C11314C22C} => moved successfully
C:\Users\lea\AppData\Local\{BFCBE308-B71F-4405-8685-F7C54E257C31} => moved successfully
C:\Users\lea\AppData\Local\{C7457E69-1537-49DE-A364-DDAA2AF1984A} => moved successfully
C:\Users\lea\AppData\Local\{F67247BC-88E9-42C2-97C0-BBDA985D79FD} => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 6053888 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 29415852 B
Java, Flash, Steam htmlcache => 1285 B
Windows/system/drivers => 1284895 B
Edge => 33015 B
Chrome => 0 B
Firefox => 110913218 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 9022 B
NetworkService => 14036 B
lea => 11864627 B
DefaultAppPool => 11871283 B

RecycleBin => 81383 B
EmptyTemp: => 163.6 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 15:33:16 ====

Smazáno. Nastala nějaká změna?

Vypadá to docela dobře, disk konečněn není pořád na 100, jen občas při spouštění programů. Trochu se zadýchává při procházení START -> NASTAVENÍ ale je to použitelné, bude to i tím že je to starší stroj upg.z w7 na 10. Stím už asi moc nenaděláme. jen ještě dotaz, odinstaloval jsem Chrom a když jsem zprovoznil aktualizace win objevil se znova. Bylo to před čištěním, jak ho nejlépe odinstalovat?

Můžete ještě defragmentovat disk. Chrome odstraníte zcela pomocí např. TotalUninstal: https://www.instaluj.cz/total-uninstall . Chrome ale musí být pro tento program viditelný. Tzn. možná jej budete muset nejdřív znovu nainstalovat.

no on se "sam" zase nainstaloval. vyzkošim zase odinstalovat. Defrag.jsem dělal před čištěním trvalo to přez noc uvidím teď. děkuju. Příspěvek pošlu.

Rádo se stalo a za příspěvek předem děkujeme!