
Please check my Addition + FRST logs



#1 Post by rpivodova »

Hello, I would very much appreciate a check of my logs and your help.
Whenever I open it, the browser always opens with Key 4 you, or sometimes hurik.net.
I would like to get rid of it.

Many thanks.
Romana

ADDITION.txt

==================== Memory info ===========================

BIOS: American Megatrends Inc. 1.00 12/14/2015
Motherboard: MSI Z170A GAMING PRO CARBON (MS-7A12)
Processor: Intel(R) Core(TM) i5-6600 CPU @ 3.30GHz
Percentage of memory in use: 32%
Total physical RAM: 16344.03 MB
Available physical RAM: 11082.74 MB
Total Virtual: 32728.03 MB
Available Virtual: 26121.75 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.74 GB) (Free:24.22 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.06 GB) (Free:867.27 GB) FAT32
Drive e: (Data 2T) (Fixed) (Total:1863.01 GB) (Free:216.99 GB) NTFS

\\?\Volume{176e9ad4-77f8-4666-ae86-b0376dc50db1}\ () (Fixed) (Total:0.51 GB) (Free:0.09 GB) NTFS
\\?\Volume{bb4a8877-4120-495b-93c6-24f3db28a71b}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F73A54AC)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=0C)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 442E0433)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (Protective MBR) (Size: 238.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================




FRST.txt


==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0346830.inf_amd64_f723e13ffb3b2652\B345901\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0346830.inf_amd64_f723e13ffb3b2652\B345901\atiesrxx.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> ) C:\Program Files\Google\Drive File Stream\51.0.15.0\crashpad_handler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Remote Desktop\94.0.4606.27\remoting_host.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) Network Platform Group -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Locktime Software s.r.o. -> Locktime Software) C:\Program Files\NetLimiter 4\NLClientApp.exe
(Locktime Software s.r.o. -> Locktime Software) C:\Program Files\NetLimiter 4\NLSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.14430.20270\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.9022.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.9022.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\79.0.4143.72\opera_crashreporter.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\opera.exe <16>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [134936 2021-09-18] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1674368 2021-01-22] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
HKLM\...\RunOnce: [auup697] => C:\Program Files\Avast Software\Avast\setup\auup697.exe [161560 2021-10-16] (Avast Software s.r.o. -> )
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.15.0\GoogleDriveFS.exe [54124376 2021-09-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.15.0\GoogleDriveFS.exe [54124376 2021-09-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-725635849-2753662235-2100813951-1000\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31046640 2020-08-20] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-725635849-2753662235-2100813951-1000\...\Run: [CiscoMeetingDaemon] => C:\Users\Romana\AppData\Local\WebEx\ciscowebexstart.exe [2360536 2021-03-05] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-725635849-2753662235-2100813951-1000\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.15.0\GoogleDriveFS.exe [54124376 2021-09-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-725635849-2753662235-2100813951-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22488952 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-725635849-2753662235-2100813951-1000\...\Run: [NetLimiter] => C:\Program Files\NetLimiter 4\nlclientapp.exe [93048 2020-06-18] (Locktime Software s.r.o. -> Locktime Software)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.15.0\GoogleDriveFS.exe [54124376 2021-09-09] (Google LLC -> Google, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\94.0.4606.71\Installer\chrmstp.exe [2021-10-02] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{E5931AF4-2A8F-48A5-AFC8-3605AD5C0A0C}] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2017-10-01]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass (Marvasol Inc) -> LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Java 32bit.bat [2018-01-08] () [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04D7FE23-64EF-44FC-9F87-1277DEB99767} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1778456 2021-09-18] (Avast Software s.r.o. -> Avast Software)
Task: {0E210EC0-0F5D-464D-841B-6BE74BD35D56} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {124FE574-1FAF-4171-8494-71F2B18EE86C} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1C070CD2-60FE-40EC-9836-12373C7EEC25} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {208F1802-18FE-4730-93DD-94672781302C} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2D10410F-0E5F-4FFD-8070-9B37F9A23FD7} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {36ED9DDB-EBBC-425C-A618-83DDD3C3EE05} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe [918288 2020-04-22] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {3DB33B02-5ACC-49E1-9A8A-B4B22FB78895} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {401F228D-E8F3-4757-9E7A-A709080C96A1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {42229054-EE8C-4A9F-9AF5-4F3D1BC6E986} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {490D44BD-AD34-4BDB-9C3E-9CCFA942DA5C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16494464 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4B2FF1A5-6D47-4281-8710-E386C307C29E} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4C918FE8-8045-47DE-86C6-018FC989A3BA} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5951635A-49E7-414B-AAC2-B16BBDE051BE} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {6092453A-3DF8-4837-BDB9-BF16D5564C3D} - System32\Tasks\Opera scheduled Autoupdate 1529138729 => C:\Program Files\Opera\launcher.exe [42731728 2021-09-28] (Opera Software AS -> Opera Software)
Task: {6C163CE4-AE3F-471B-B715-3DD6E8936CCC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21857672 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {70FDEA95-51FA-4AE4-AB83-7B9D35095D68} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [7053768 2021-09-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {731985E0-04BB-4DC8-9F5F-9559D97B1E77} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139096 2021-09-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {750EA5DB-245B-46B9-BF34-2BBC39AF5890} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7614A36A-47D1-4464-9600-31B3F6EDA4DF} - System32\Tasks\GoogleUpdateTaskMachineUA1d5ff5973ce011b => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-09-22] (Google Inc -> Google Inc.)
Task: {7A427CEF-9DB8-4C3C-89B7-3E66BDB1C00F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7BBB46B1-3EC2-4326-B1EA-7119B759F6F7} - System32\Tasks\MSIOSDx86_Host => C:\Program Files (x86)\MSI\Gaming APP\OSD\x86\MsiGamingOSD_x86.exe
Task: {7BD683DE-9922-4074-9103-319DE49E2F20} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {810618D2-F014-4EEB-B0CA-7470FF2801F9} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {894DA18E-CF70-439D-9712-CA29E6D08E10} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {89913FE7-BA58-4199-8F59-AA68FC78393B} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {901D9F6D-0E4E-451E-B494-E65B32963EF9} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {966A6D11-5C67-4164-9429-96F2157EE6EE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {9CF820BE-17D3-4595-8882-056DFBD022C5} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {9EF55379-1A03-4D13-B7BC-FB2DE12706AE} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68280 2019-08-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {A23E8E54-4BE4-47B2-AB43-46E8F04FA5B2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [7053768 2021-09-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {A66C22E1-DD05-4364-A878-1B7D5E0A581B} - System32\Tasks\MSIOSDx64_Host => C:\Program Files (x86)\MSI\Gaming APP\OSD\x64\MsiGamingOSD_x64.exe
Task: {A6A77CFF-2B02-4F2A-87AE-7770462F0373} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {AB42F4BC-B982-49D1-B729-158AA6C9B51C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139096 2021-09-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {AB8FC251-08F4-44A5-8D50-A56EF3831F8C} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {BFEC59C5-A664-414E-B9FA-D44CAD858CB3} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C16FC579-097F-46B1-B93D-0FA5004163C3} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C278291C-8FE9-4458-B9C1-81E6A9625FC4} - System32\Tasks\Maxthon5 Update => C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe [170784 2019-12-07] (Maxthon Technology Co, Ltd. -> Maxthon International ltd.)
Task: {C44EE5BE-FEA3-4A3B-8744-4283D2B9965C} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {CCB28218-1420-45DD-A6AD-CD60E43CA5B0} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CFC1CFDF-CFF8-43D9-A794-1A502FBB1980} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {D02E0EC4-B354-4032-9711-68646A93BE8A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21857672 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {DE29A770-356D-4AFE-9B1A-7D499BC9001B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {E1E4D5B9-47B2-4CC5-A1D2-0E32AEEBDD49} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EE42DA73-8B42-412A-BC1E-86DC8DDA7F43} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE
Task: {EE42DA73-8B42-412A-BC1E-86DC8DDA7F43} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\AdobeGCInvoker-1.0" /ENABLE
Task: {EE42DA73-8B42-412A-BC1E-86DC8DDA7F43} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {EE42DA73-8B42-412A-BC1E-86DC8DDA7F43} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore1d5ff5973cb9e7c" /ENABLE
Task: {EE42DA73-8B42-412A-BC1E-86DC8DDA7F43} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA1d5ff5973ce011b" /ENABLE
Task: {EE42DA73-8B42-412A-BC1E-86DC8DDA7F43} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\Intel PTT EK Recertification" /ENABLE
Task: {EE42DA73-8B42-412A-BC1E-86DC8DDA7F43} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\Maxthon5 Update" /ENABLE
Task: {EE42DA73-8B42-412A-BC1E-86DC8DDA7F43} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore1d6ffdeab6a0f64" /ENABLE
Task: {EE42DA73-8B42-412A-BC1E-86DC8DDA7F43} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {EE42DA73-8B42-412A-BC1E-86DC8DDA7F43} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\MSIOSDx64_Host" /ENABLE
Task: {EE42DA73-8B42-412A-BC1E-86DC8DDA7F43} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\MSIOSDx86_Host" /ENABLE
Task: {EE42DA73-8B42-412A-BC1E-86DC8DDA7F43} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\MSISW_Host" /ENABLE
Task: {EE42DA73-8B42-412A-BC1E-86DC8DDA7F43} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-725635849-2753662235-2100813951-500" /ENABLE
Task: {EE42DA73-8B42-412A-BC1E-86DC8DDA7F43} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\Opera scheduled Autoupdate 1529138729" /ENABLE
Task: {EE42DA73-8B42-412A-BC1E-86DC8DDA7F43} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\StartCN" /ENABLE
Task: {EE42DA73-8B42-412A-BC1E-86DC8DDA7F43} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(16): schtasks.exe -> /Change /TN "\StartDVR" /ENABLE
Task: {EE42DA73-8B42-412A-BC1E-86DC8DDA7F43} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(17): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {F10A227F-7DBE-4DFD-8A7F-636A906FFFDC} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {F120519E-4E51-416A-B16F-5AFB3751CF57} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4929304 2021-09-18] (Avast Software s.r.o. -> AVAST Software)
Task: {F22D1AC0-E1F7-4CCC-92E4-BCDD361D2E26} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F5361088-FEA6-4654-A6ED-C4BDCBA767CC} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61112 2019-08-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {FE8499D2-6EF5-4CFF-80DD-00DBE5946B49} - System32\Tasks\GoogleUpdateTaskMachineCore1d5ff5973cb9e7c => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-09-22] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Intel PTT EK Recertification.job => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\IntelPTTEKRecertification.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6f70aeec-4f46-4183-8e2f-5965a4d8a8df}: [DhcpNameServer] 192.168.1.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
DownloadDir: C:\Users\Romana\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Romana\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-10]
Edge DownloadDir: Default -> C:\Users\Romana\Downloads

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-08-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-08-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2017-10-01] (LastPass (Marvasol Inc) -> LastPass)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-09-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2020-12-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2020-12-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2017-10-01] (LastPass (Marvasol Inc) -> LastPass)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-09-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-03] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Default [2021-10-10]
CHR Notifications: Default -> hxxps://genuine-lamps.com; hxxps://meet.google.com; hxxps://www.aliexpress.com; hxxps://www.eobuv.cz; hxxps://www.facebook.com; hxxps://www.instagram.com; hxxps://www.luxor.cz
CHR NewTab: Default -> Not-active:"chrome-extension://jpfpebmajhhopeonhlcgidhclcccjcik/newtab.html"
CHR Extension: (Disk Google) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-25]
CHR Extension: (Adobe Acrobat) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-03-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-09-28]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2021-10-10]
CHR Extension: (AirDroid Notifier) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Default\Extensions\imlonnilcaednlloaadgddbjfliioklh [2019-05-12]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2021-01-26]
CHR Extension: (Speed Dial 2 New tab) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2020-04-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31]
CHR Extension: (Simple EPUB Reader) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojhbgcchcbdjdenibfmjofobklkkhofc [2016-11-12]
CHR Profile: C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-09-28]
CHR Extension: (Prezentace) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-05-07]
CHR Extension: (Dokumenty) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2020-05-07]
CHR Extension: (YouTube) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-05-07]
CHR Extension: (Adobe Acrobat) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-01-06]
CHR Extension: (Tabulky) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-05-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-01-06]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2021-01-06]
CHR Extension: (Bitdefender Anti-tracker) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2021-01-06]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-05-07]
CHR Extension: (Gmail) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-06]
CHR Extension: (Chrome Media Router) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-06]
CHR Profile: C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Profile 2 [2021-09-28]
CHR StartupUrls: Profile 2 -> "hxxps://www.zsrovniny.cz/cs/3-c/cl-550/","hxxp://www.google.cz/"
CHR DefaultSearchURL: Profile 2 -> hxxps://search.yahoo.com/search?fr=mcafee&type=E210US714G0&p={searchTerms}
CHR DefaultSearchKeyword: Profile 2 -> mcafee
CHR DefaultSuggestURL: Profile 2 -> hxxps://us.search.yahoo.com/sugg/gossip/gossip-us-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms}
CHR Extension: (Prezentace) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-05-13]
CHR Extension: (Flash Video Downloader) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aiimdkdngfcipjohbjenkahhlhccpdbc [2020-10-19]
CHR Extension: (Dokumenty) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2020-05-13]
CHR Extension: (YouTube) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-05-13]
CHR Extension: (Adobe Acrobat) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-01-06]
CHR Extension: (Video Downloader professional) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2020-10-19]
CHR Extension: (Tabulky) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-05-13]
CHR Extension: (Bitdefender Wallet) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2021-01-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-01-06]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2021-01-06]
CHR Extension: (Bitdefender Anti-tracker) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2021-01-06]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2020-10-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-05-13]
CHR Extension: (Gmail) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-06]
CHR Extension: (Chrome Media Router) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-06]
CHR Profile: C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Profile 3 [2021-09-28]
CHR Extension: (Prezentace) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-02-02]
CHR Extension: (Dokumenty) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2021-02-02]
CHR Extension: (YouTube) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-02-02]
CHR Extension: (Adobe Acrobat) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-02-02]
CHR Extension: (Tabulky) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-02-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-02-02]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2021-02-02]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-02-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-02]
CHR Extension: (Gmail) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-02-02]
CHR Extension: (Chrome Media Router) - C:\Users\Romana\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-02-02]
CHR Profile: C:\Users\Romana\AppData\Local\Google\Chrome\User Data\System Profile [2021-09-28]
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd]
CHR HKU\S-1-5-21-725635849-2753662235-2100813951-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Romana\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2017-01-15]
CHR HKU\S-1-5-21-725635849-2753662235-2100813951-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd]

Opera:
=======
OPR Profile: C:\Users\Romana\AppData\Roaming\Opera Software\Opera Stable [2021-10-16]
OPR Notifications: Opera Stable -> hxxps://beasthackerz.ru; hxxps://cs.soringpcrepair.com; hxxps://meet.google.com; hxxps://store.ubi.com; hxxps://whatsappss.ru; hxxps://wp.aliexpress.com; hxxps://www.aliexpress.com; hxxps://www.plnapenezenka.cz; hxxps://www.reddit.com; hxxps://www.youtube.com
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Romana\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-09-29]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Romana\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-09-10]
OPR Extension: (Alitools - nákupní asistent) - C:\Users\Romana\AppData\Roaming\Opera Software\Opera Stable\Extensions\nkekkheibgkgeepapinkalkongndfajn [2021-09-25]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
S3 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8323664 2021-09-18] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [630040 2021-09-18] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [377624 2021-09-18] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-09-18] (Avast Software s.r.o. -> AVAST Software)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\94.0.4606.27\remoting_host.exe [72536 2021-08-30] (Google LLC -> Google LLC)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9179528 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)
S3 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-24] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-24] (Dropbox, Inc -> Dropbox, Inc.)
S3 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44064 2021-01-14] (Dropbox, Inc -> Dropbox, Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7391408 2021-06-13] (Malwarebytes Inc -> Malwarebytes)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S2 MxService; C:\Program Files (x86)\Maxthon5\Bin\MxService.exe [178976 2019-12-07] (Maxthon Technology Co, Ltd. -> Maxthon International ltd.)
R2 nlsvc; C:\Program Files\NetLimiter 4\NLSvc.exe [313720 2020-06-18] (Locktime Software s.r.o. -> Locktime Software)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5394872 2021-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12757520 2020-12-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe [2772856 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe [136640 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\MobileTrans\DriverInstall.exe [115856 2016-10-18] (Wondershare software CO., LIMITED -> Wondershare)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AIDA64Driver; C:\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [68592 2020-04-06] (FinalWire Kft. -> )
S3 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35720 2021-09-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [221600 2021-09-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [369176 2021-09-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250408 2021-09-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99368 2021-09-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-09-18] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41368 2021-09-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [184640 2021-09-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [538480 2021-09-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107864 2021-09-18] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82912 2021-09-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851712 2021-09-18] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [557152 2021-09-18] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215392 2021-09-18] (Avast Software s.r.o. -> AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2021-01-10] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [328568 2021-09-18] (Avast Software s.r.o. -> AVAST Software)
R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [96616 2020-04-27] (Bitdefender SRL -> BitDefender)
S3 BOCDRIVE; C:\Program Files (x86)\Comodo\CBOClean\BOCDRIVE.sys [11504 2007-04-17] (Comodo CP, Inc -> Windows (R) Server 2003 DDK provider)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 ddmdrv; C:\WINDOWS\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [42616 2017-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
R1 googledrivefs3525; C:\WINDOWS\System32\DRIVERS\googledrivefs3525.sys [389640 2021-09-09] (Google LLC -> Google, Inc.)
R0 hotcore3; C:\WINDOWS\System32\DRIVERS\hotcore3.sys [34056 2014-11-17] (Paragon Software GmbH -> Paragon Software Group)
S3 I2cHkBurn; C:\WINDOWS\System32\drivers\I2cHkBurn.sys [41760 2015-07-27] (Feature Integration Technology -> FINTEK Corp.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-06-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-09-28] (Malwarebytes Inc -> Malwarebytes)
R0 nldrv; C:\WINDOWS\System32\drivers\nldrv.sys [183520 2020-06-18] (Locktime Software s.r.o. -> Locktime Software)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
R3 QWAVEdrv; C:\WINDOWS\system32\drivers\qwavedrv.sys [53248 2019-12-07] (Microsoft Windows -> Microsoft Corporation) [File not signed]
S3 RvNetMP60; C:\WINDOWS\System32\drivers\RvNetMP60.sys [69048 2020-09-24] (Famatech Corp. -> Famatech Corp.)
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
R3 tapoas; C:\WINDOWS\System32\drivers\tapoas.sys [30720 2012-07-15] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tap_ovpnconnect; C:\WINDOWS\System32\drivers\tap_ovpnconnect.sys [40128 2020-10-27] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 VClone; C:\WINDOWS\System32\drivers\VClone.sys [44544 2020-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [74048 2021-01-22] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2021-09-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [433384 2021-09-09] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86264 2021-09-09] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [38176 2020-12-20] (WireGuard LLC -> WireGuard LLC)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

Error Reading file: "C:\WINDOWS\SysWOW64\SelfFolder.idc"
Error Reading file: "C:\Users\Romana\AppData\Roaming\AudioConverter.exe"
Error Reading file: "C:\Users\Romana\AppData\Roaming\530354923"
2021-10-16 11:48 - 2021-10-16 11:49 - 000043100 _____ C:\Users\Romana\Desktop\FRST.txt
2021-10-16 11:48 - 2021-10-16 11:49 - 000000000 ____D C:\FRST
2021-10-16 11:46 - 2021-10-16 11:46 - 002310656 _____ (Farbar) C:\Users\Romana\Desktop\FRST64.exe
2021-10-03 18:46 - 2021-10-03 18:46 - 000001340 _____ C:\Users\Romana\Desktop\JRT.txt
2021-10-03 18:44 - 2021-10-03 18:44 - 001790024 _____ (Malwarebytes) C:\Users\Romana\Downloads\JRT.exe
2021-10-03 18:44 - 2021-10-03 18:44 - 000797760 _____ C:\Users\Romana\Downloads\delfix_1.013.exe
2021-09-29 21:15 - 2021-09-29 21:15 - 000648605 _____ C:\Users\Romana\Documents\ReportPCdoma.txt
2021-09-29 21:13 - 2021-09-29 21:17 - 000000000 ____D C:\WINDOWS\Minidump
2021-09-29 21:13 - 2021-09-29 21:13 - 000599340 _____ C:\WINDOWS\Minidump\092921-59765-01.dmp
2021-09-29 21:12 - 2021-09-29 21:16 - 1046400467 ____N C:\WINDOWS\MEMORY.DMP
2021-09-29 21:10 - 2021-09-29 21:10 - 000000000 ____D C:\Users\Romana\Documents\AIDA64 Reports
2021-09-29 01:16 - 2021-09-29 05:35 - 000000000 ____D C:\Users\Romana\Documents\Assassin's Creed Valhalla
2021-09-28 19:01 - 2021-09-29 20:17 - 000001389 _____ C:\Users\Romana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-09-28 19:01 - 2021-09-29 20:17 - 000000000 ____D C:\Users\Romana\AppData\Local\PCHealthCheck
2021-09-28 18:59 - 2021-09-28 18:59 - 014217216 _____ C:\Users\Romana\Downloads\WindowsPCHealthCheckSetup.msi
2021-09-28 18:59 - 2021-09-28 18:59 - 000000000 ____D C:\Users\Romana\AppData\Roaming\Locktime
2021-09-28 18:58 - 2021-09-28 18:58 - 000001108 _____ C:\Users\Public\Desktop\NetLimiter 4 (x64).lnk
2021-09-28 18:58 - 2021-09-28 18:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetLimiter 4
2021-09-28 18:58 - 2021-09-28 18:58 - 000000000 ____D C:\ProgramData\Locktime
2021-09-28 18:58 - 2021-09-28 18:58 - 000000000 ____D C:\Program Files\NetLimiter 4
2021-09-28 18:55 - 2021-09-28 18:57 - 008519496 _____ C:\Users\Romana\Downloads\NetLimiter Pro 4.0.67.0 Enterprise Multilingual.rar
2021-09-28 18:44 - 2021-10-10 09:41 - 000002296 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-09-28 18:43 - 2021-09-28 18:49 - 000000000 ____D C:\Program Files\CCleaner
2021-09-28 18:43 - 2021-09-28 18:43 - 000000900 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-09-28 18:43 - 2021-09-28 18:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-09-28 18:39 - 2021-09-28 18:41 - 013975129 _____ C:\Users\Romana\Downloads\CCleaner Professional v5.55 CZ [AiO] (Cracknutý) [Kedar_CZ].zip
2021-09-25 10:25 - 2021-09-25 10:25 - 000002101 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2021-09-25 10:25 - 2021-09-25 10:25 - 000001936 _____ C:\Users\Default\Desktop\Google Slides.lnk
2021-09-25 10:25 - 2021-09-25 10:25 - 000001936 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2021-09-25 10:25 - 2021-09-25 10:25 - 000001924 _____ C:\Users\Default\Desktop\Google Docs.lnk
2021-09-25 10:25 - 2021-09-09 10:29 - 000389640 _____ (Google, Inc.) C:\WINDOWS\system32\Drivers\googledrivefs3525.sys
2021-09-18 11:40 - 2021-09-18 11:40 - 000542185 _____ C:\Users\Romana\Documents\pozvanka50.pdf
2021-09-18 10:13 - 2021-09-18 10:13 - 000001430 _____ C:\Users\Romana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2021-09-18 09:41 - 2021-09-18 09:41 - 000000000 ___HD C:\$AV_ASW
2021-09-18 09:38 - 2021-09-18 09:38 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2021-09-18 09:37 - 2021-09-18 09:37 - 000002554 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2021-09-18 09:12 - 2021-09-18 09:37 - 000002578 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visio.lnk
2021-09-18 09:12 - 2021-09-18 09:12 - 000002197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2021-09-18 09:12 - 2021-09-18 09:12 - 000002185 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2021-09-18 09:12 - 2021-09-18 09:12 - 000000000 ____D C:\Users\Romana\AppData\Roaming\Avast Software
2021-09-18 09:12 - 2021-09-18 09:12 - 000000000 ____D C:\Users\Romana\AppData\Local\Avast Software
2021-09-18 09:10 - 2021-09-18 09:10 - 000000000 ____D C:\Program Files\Microsoft Office 15
2021-09-18 09:07 - 2021-10-10 09:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-09-18 09:07 - 2021-09-28 17:05 - 000184640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-09-18 09:07 - 2021-09-25 10:23 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-09-18 09:07 - 2021-09-18 09:07 - 000851712 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-09-18 09:07 - 2021-09-18 09:07 - 000557152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-09-18 09:07 - 2021-09-18 09:07 - 000538480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-09-18 09:07 - 2021-09-18 09:07 - 000369176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-09-18 09:07 - 2021-09-18 09:07 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-09-18 09:07 - 2021-09-18 09:07 - 000328568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-09-18 09:07 - 2021-09-18 09:07 - 000250408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-09-18 09:07 - 2021-09-18 09:07 - 000221600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-09-18 09:07 - 2021-09-18 09:07 - 000215392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-09-18 09:07 - 2021-09-18 09:07 - 000107864 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-09-18 09:07 - 2021-09-18 09:07 - 000099368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-09-18 09:07 - 2021-09-18 09:07 - 000082912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-09-18 09:07 - 2021-09-18 09:07 - 000041368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-09-18 09:07 - 2021-09-18 09:07 - 000035720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-09-18 09:07 - 2021-09-18 09:07 - 000021936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2021-09-18 09:07 - 2021-09-18 09:07 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2021-09-18 09:06 - 2021-09-18 09:06 - 000000000 ____D C:\Program Files\Avast Software
2021-09-18 07:43 - 2021-09-18 09:42 - 000000000 ____D C:\Users\Romana\Downloads\Microsoft Office 2019-2016 Professional Plus 1911 Build 12228.20332 x64 [FileCR]
2021-09-17 17:33 - 2021-09-18 00:15 - 143687696 _____ C:\Users\Romana\Downloads\Microsoft_Office_2019-2016_Professional_Plus_1911_Build_12228.20332_x64__FileCR_.zip
2021-09-17 16:33 - 2021-09-17 16:33 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2021-09-17 16:33 - 2021-09-17 16:33 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-09-17 16:33 - 2021-09-17 16:33 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2021-09-17 16:33 - 2021-09-17 16:33 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-09-17 16:33 - 2021-09-17 16:33 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-09-17 16:33 - 2021-09-17 16:33 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-09-17 16:33 - 2021-09-17 16:33 - 001313608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-09-17 16:33 - 2021-09-17 16:33 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-09-17 16:33 - 2021-09-17 16:33 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-09-17 16:33 - 2021-09-17 16:33 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-09-17 16:33 - 2021-09-17 16:33 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-09-17 16:33 - 2021-09-17 16:33 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-09-17 16:33 - 2021-09-17 16:33 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-09-17 16:33 - 2021-09-17 16:33 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-09-17 16:33 - 2021-09-17 16:33 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-09-17 16:33 - 2021-09-17 16:33 - 000170496 _____ C:\WINDOWS\system32\DeviceUpdateCenterCsp.dll
2021-09-17 16:33 - 2021-09-17 16:33 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-09-17 16:33 - 2021-09-17 16:33 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2021-09-17 16:33 - 2021-09-17 16:33 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2021-09-17 16:33 - 2021-09-17 16:33 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-09-17 16:33 - 2021-09-17 16:33 - 000011355 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-09-17 16:27 - 2021-09-17 16:27 - 000000000 ___HD C:\$WinREAgent
2021-09-17 13:41 - 2021-09-17 13:41 - 000003053 _____ C:\Users\Romana\Desktop\vovlo.txt
2021-09-17 13:39 - 2021-09-17 13:40 - 000003053 _____ C:\Users\Romana\Documents\vovlo.txt

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-16 11:50 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-10-16 11:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-10-16 11:44 - 2020-06-05 07:37 - 000002473 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-10-16 11:44 - 2020-06-05 07:37 - 000002311 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-10-10 18:22 - 2019-12-08 18:56 - 000000000 ____D C:\Users\Romana\Documents\Soubory aplikace Outlook
2021-10-10 18:22 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-10 18:22 - 2018-06-16 10:44 - 000000000 ____D C:\Program Files\Opera
2021-10-10 17:49 - 2016-09-20 16:52 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-10 17:14 - 2021-02-15 11:36 - 000003938 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1529138729
2021-10-10 17:14 - 2018-06-16 10:45 - 000001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2021-10-10 17:12 - 2021-02-10 20:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-10-10 17:12 - 2018-06-16 13:28 - 000000000 ____D C:\Users\Romana\AppData\Local\D3DSCache
2021-10-10 09:42 - 2021-03-08 17:51 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-10 09:42 - 2021-03-08 17:51 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6ffdeab6a0f64
2021-10-10 09:41 - 2021-02-10 21:00 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-10-10 09:41 - 2021-02-10 21:00 - 000003492 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA1d5ff5973ce011b
2021-10-10 09:41 - 2021-02-10 21:00 - 000003280 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2021-10-10 09:41 - 2021-02-10 21:00 - 000003268 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d5ff5973cb9e7c
2021-10-10 09:41 - 2021-02-10 21:00 - 000002914 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-725635849-2753662235-2100813951-500
2021-10-10 09:41 - 2021-02-10 21:00 - 000002760 _____ C:\WINDOWS\system32\Tasks\Maxthon5 Update
2021-10-10 09:41 - 2021-02-10 21:00 - 000002672 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2021-10-10 09:41 - 2021-02-10 21:00 - 000002328 _____ C:\WINDOWS\system32\Tasks\MSIOSDx86_Host
2021-10-10 09:41 - 2021-02-10 21:00 - 000002328 _____ C:\WINDOWS\system32\Tasks\MSIOSDx64_Host
2021-10-10 09:41 - 2021-02-10 21:00 - 000002262 _____ C:\WINDOWS\system32\Tasks\StartCN
2021-10-10 09:41 - 2021-02-10 21:00 - 000002262 _____ C:\WINDOWS\system32\Tasks\MSISW_Host
2021-10-10 09:41 - 2021-02-10 21:00 - 000002182 _____ C:\WINDOWS\system32\Tasks\StartDVR
2021-10-10 09:40 - 2020-08-22 19:51 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-10-03 18:42 - 2020-06-10 21:26 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-10-03 13:57 - 2016-09-25 10:46 - 000000000 ____D C:\Users\Romana\AppData\Local\Ubisoft Game Launcher
2021-10-02 21:08 - 2016-09-20 16:52 - 000002338 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-02 21:06 - 2021-02-10 21:03 - 002767000 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-10-02 21:06 - 2021-02-10 18:50 - 000797094 _____ C:\WINDOWS\system32\perfh019.dat
2021-10-02 21:06 - 2021-02-10 18:50 - 000167606 _____ C:\WINDOWS\system32\perfc019.dat
2021-10-02 21:06 - 2019-12-07 16:43 - 000752110 _____ C:\WINDOWS\system32\perfh005.dat
2021-10-02 21:06 - 2019-12-07 16:43 - 000163182 _____ C:\WINDOWS\system32\perfc005.dat
2021-10-02 21:06 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-09-29 21:18 - 2021-02-10 19:20 - 000000000 ____D C:\Users\Romana
2021-09-29 21:16 - 2021-02-10 21:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-09-29 20:42 - 2021-01-10 21:04 - 000000000 ____D C:\ProgramData\Avast Software
2021-09-29 20:36 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-09-29 20:36 - 2017-06-20 11:32 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2021-09-28 18:58 - 2017-08-12 11:11 - 000000000 ____D C:\Temp
2021-09-28 18:40 - 2019-12-15 19:37 - 000000000 ____D C:\Users\Romana\Desktop\HRY
2021-09-28 18:18 - 2020-04-05 10:44 - 000000000 ____D C:\Program Files (x86)\ClockworkMod
2021-09-28 17:21 - 2021-06-13 10:00 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-09-28 17:05 - 2018-06-14 19:09 - 000000000 ____D C:\Users\Romana\AppData\Local\Google
2021-09-25 10:26 - 2016-09-23 14:47 - 000000000 ____D C:\Program Files\Microsoft Office
2021-09-25 10:25 - 2017-10-01 08:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2021-09-25 10:25 - 2016-09-20 16:52 - 000000000 ____D C:\Program Files\Google
2021-09-18 09:37 - 2021-09-15 17:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2021-09-18 09:37 - 2021-06-13 09:54 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2021-09-18 09:37 - 2020-12-13 17:35 - 000002548 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-09-18 09:37 - 2020-12-13 17:35 - 000002525 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-09-18 09:37 - 2020-12-13 17:35 - 000002520 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-09-18 09:37 - 2020-12-13 17:35 - 000002481 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2021-09-18 09:37 - 2020-12-13 17:35 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2021-09-18 09:37 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-09-18 09:07 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-09-18 09:07 - 2016-09-22 18:55 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-09-18 09:02 - 2016-10-22 21:18 - 000000000 ____D C:\Users\Romana\AppData\Local\CrashDumps
2021-09-18 01:22 - 2021-02-10 20:51 - 000452808 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-09-18 01:21 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-09-18 01:21 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-09-18 01:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-09-18 01:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-09-18 01:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-09-18 01:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-09-18 01:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-09-18 01:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-09-18 01:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-09-18 01:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-09-18 01:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-09-18 01:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-09-18 01:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-09-18 01:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-09-18 01:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-09-18 01:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-09-18 01:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-09-18 01:21 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-09-17 16:35 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-09-17 16:26 - 2016-09-22 17:56 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-09-17 16:23 - 2016-09-22 17:56 - 135637312 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-09-17 14:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF

==================== Files in the root of some directories ========

2017-10-01 10:09 - 2017-10-01 10:09 - 019110936 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2018-05-20 18:35 - 2018-05-20 18:35 - 000000039 _____ () C:\Users\Romana\AppData\Roaming\checkz.bat
2018-05-20 18:35 - 2018-05-20 18:35 - 000000289 _____ () C:\Users\Romana\AppData\Roaming\myz.dll
2020-12-12 17:10 - 2020-12-12 17:10 - 000045056 _____ () C:\Users\Romana\AppData\Roaming\Web Data
2020-12-12 17:10 - 2020-12-12 17:10 - 000000000 _____ () C:\Users\Romana\AppData\Roaming\Web Data-journal
2018-05-20 18:35 - 2018-05-20 18:35 - 000000116 _____ () C:\Users\Romana\AppData\Roaming\zozo.txt
2020-06-10 21:24 - 2020-06-10 21:24 - 000000410 _____ () C:\Users\Romana\AppData\Local\oobelibMkey.log
2018-05-20 18:36 - 2018-05-20 18:36 - 000000003 _____ () C:\Users\Romana\AppData\Local\wbem.ini
2019-11-16 15:27 - 2019-11-16 15:27 - 001451859 _____ () C:\Users\Romana\AppData\Local\zcv8e70sbp58.zip

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

JaRon
Moderator
Posts: 15649
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: please check the Addition + FRST log

#2 Post by JaRon »

Hi
- find and DELETE the file Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Java 32bit.bat
- clean the PC with CCleaner
Restart and done :)
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

rpivodova
Visitor
Posts: 30
Registered: 12 Dec 2007 19:28

Re: please check the Addition + FRST log

#3 Post by rpivodova »

thanks a lot, solved :)

JaRon
Moderator
Posts: 15649
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: please check the Addition + FRST log

#4 Post by JaRon »

Glad to hear it :)