Zdravím. Před několika dny se objevila vyskakovací stránka Gloyahu. Zkusil jsem odinstalovat všechny možné programy a rozšíření Opery, ale je tam pořád. Vyskakuje při zapnutí počítače. Malwarebytes ho zablokuje ale nezastaví. A brzy mu skončí trial a bude Gloyah bude zpět. Prosím o pomoc.
overlord48

Malwarebytes musi stacit k likvidaci.

https://malwaretips.com/blogs/remove-gloyah-net/

Jsou tam ale jeste dalsi kroky.

Dobry den

Preskenujte pocitac s FRST - navod tu: https://forum.viry.cz/viewtopic.php?f=24&t=132509, skopirujte FRST.log + Addition log sem.

Tady to je.

vlož sem , -pokud bude mít log více než 60.000 znaků , rozděl ho a vlož do více příspěvků

Co je za problém? Nejdou otevřít?

Logy vlož sem , do příspěvku , z toho texťáku se to špatně luští.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 3-07-2019
Ran by acer (administrator) on ACER-NTB (Acer Aspire E5-572G) (09-07-2019 10:43:26)
Running from C:\Users\acer\Desktop
Loaded Profiles: acer (Available Profiles: acer)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Default browser: Opera
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Fortemedia Inc -> ) C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Fortemedia Inc -> ) C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Gaijin Network LTD -> Gaijin Entertainment) C:\Users\acer\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Mail.Ru, LLC -> ) C:\Users\acer\AppData\Local\GameCenter\GameCenter.exe
(Mail.Ru, LLC -> ) C:\Users\acer\AppData\Local\GameCenter\GameCenter.exe
(Mail.Ru, LLC -> ) C:\Users\acer\AppData\Local\GameCenter\GameCenter.exe
(Mail.Ru, LLC -> ) C:\Users\acer\AppData\Local\GameCenter\GameCenter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.43\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\62.0.3331.43\opera_crashreporter.exe
(Qualcomm Atheros -> ) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1923008 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671640 2014-04-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [262024 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [5580608 2019-06-24] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-02-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKU\S-1-5-21-2847046601-3309215626-2780992325-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2017-02-07] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-2847046601-3309215626-2780992325-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-2847046601-3309215626-2780992325-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\acer\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-2847046601-3309215626-2780992325-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\acer\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-2847046601-3309215626-2780992325-1001\...\Run: [AvastBrowserAutoLaunch_DDCF4F8EFD9886AA021E5A45064136EC] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1815792 2019-06-12] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-2847046601-3309215626-2780992325-1001\...\Run: [Gaijin.Net Updater] => C:\Users\acer\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2105416 2019-04-19] (Gaijin Network LTD -> Gaijin Entertainment)
HKU\S-1-5-21-2847046601-3309215626-2780992325-1001\...\MountPoints2: {010a4381-27b1-11e8-82e8-f8a963e3c09d} - "E:\Startme.exe"
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [71680 2013-02-26] (Beepa P/L) [File not signed]
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2013-02-26] (Beepa P/L) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-24] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}] ->
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> C:\Windows\SysWOW64\advpack.dll [2014-11-21] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\75.0.1447.80\Installer\chrmstp.exe [2019-06-28] (AVAST Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-02-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-02-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat [2018-07-17] () [File not signed]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03FA82B1-B314-417A-8D16-93027263B20B} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {0632E821-2F6B-484E-9DC1-C79C5A360EEC} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2281944 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {071189A0-163A-41BF-AED6-55C6BB0EB060} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [947136 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1262F7F3-8AC0-4CAC-82F3-8B14D3D7EC82} - System32\Tasks\{C28ADA92-6260-442F-A140-E81F92719D7B} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Cenega Czech\Mafia\Game.exe" -d "C:\Program Files (x86)\Cenega Czech\Mafia"
Task: {175E0419-7096-4FDD-BC0E-508F80107441} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {1ABDE700-2400-4089-A89F-4FFB3D9C8887} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1DD87C4B-2A90-495D-B4DC-76AEB444E487} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_207_pepper.exe [1452600 2019-06-12] (Adobe Inc. -> Adobe)
Task: {1E93BCE7-BD2A-4019-9A4B-ADB75993B921} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16571320 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {243CCD86-4262-4134-B232-BE2AEEB96BF3} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2436936 2019-02-25] (Overwolf Ltd -> Overwolf LTD)
Task: {31F3689F-1A4F-4AFC-BAE3-99C86CBC057B} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {5D5EDA04-E0FB-4642-AE04-EA8CCD593393} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [436160 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {825B6D18-ECD0-4AD1-846E-11A8F36CA566} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2934152 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
Task: {8EA5463D-2C87-4374-A0F6-42F9B04159C9} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1815792 2019-06-12] (AVAST Software s.r.o. -> AVAST Software)
Task: {9218510F-4FDD-4BCB-B865-A103938988BF} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [722880 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {96802597-A604-4EE3-81C4-184E03EC45F0} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1815792 2019-06-12] (AVAST Software s.r.o. -> AVAST Software)
Task: {96FE842B-D48F-42DE-82D7-DC36D97CAF54} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-06] (Dropbox, Inc -> Dropbox, Inc.)
Task: {977FCA72-427B-4804-9333-D1A5E9048750} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {A9860504-4D5B-4AB5-9BFF-6153C2B0A553} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-04-05] (Google Inc -> Google Inc.)
Task: {AE7BC221-405B-4A19-AC69-4815687F5909} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [722880 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B6A988BF-1534-4466-A8C1-8F5A2EDDC0AD} - System32\Tasks\{9DC78F9B-20D1-4516-91C3-51B055297F0A} => C:\Windows\system32\pcalua.exe -a C:\Users\acer\Downloads\half-life2_cestina101.exe -d C:\Users\acer\Downloads
Task: {BCE8E201-2DBA-4F18-AE34-8CA926B3CAE9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-04-05] (Google Inc -> Google Inc.)
Task: {DAC02F93-A57D-4A4E-81E8-246F492F73E6} - System32\Tasks\{26832B36-9323-4DD7-8A43-6993DBAEE770} => C:\Windows\system32\pcalua.exe -a E:\panel.exe -d E:\
Task: {E51ED642-6BE5-4165-AC18-6536972F7237} - System32\Tasks\Opera scheduled Autoupdate 1491467924 => C:\Program Files\Opera\launcher.exe [1519640 2019-07-03] (Opera Software AS -> Opera Software)
Task: {E8E2DEEB-D251-4F85-9CAD-C0BBE8357957} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [651200 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {ED8E65F2-0A47-4C2D-B7DC-D509AEF2097A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F018BCBE-A3D7-4D51-B7D3-6AED706DD647} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {F2D829DB-901D-4079-A7FD-3AE2D52B2942} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [1540544 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FD21F86C-4A73-473C-B67A-D58683DA250A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [651200 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{69D3633B-A6DF-453D-80A4-0B37BE5F59D2}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{B1B36B7F-210F-4AB0-B17A-D858CE9FBFBA}: [DhcpNameServer] 192.168.2.1 10.100.0.100 10.10.10.10

Internet Explorer:
==================
HKU\S-1-5-21-2847046601-3309215626-2780992325-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKU\S-1-5-21-2847046601-3309215626-2780992325-1001 -> {82D3FCE6-8CBE-4E3E-8EB3-D7DC0F409534} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 5ofe4kzi.default
FF ProfilePath: C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\5ofe4kzi.default [2019-07-04]
FF Extension: (Seznam doplněk - Esko) - C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\5ofe4kzi.default\Extensions\sko-extension@firma.seznam.cz [2018-08-17]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\5ofe4kzi.default\Extensions\sp@avast.com.xpi [2019-07-04]
FF Extension: (Avast Online Security) - C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\5ofe4kzi.default\Extensions\wrc@avast.com.xpi [2018-07-17]
FF Extension: (Seznam doplněk - Email) - C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\5ofe4kzi.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2018-08-17]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR StartupUrls: Default -> "hxxps://worldoftanks.eu/","hxxp://forum.worldoftanks.eu/index.php?/forum/455-forum/","hxxp://www.modxvm.com/en/"
CHR NewTab: Default -> Active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTab.html"
CHR Profile: C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default [2019-07-09]
CHR Extension: (Prezentace) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Dokumenty) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Disk Google) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-05]
CHR Extension: (Seznam doplněk - Email) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2019-02-16]
CHR Extension: (YouTube) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-05]
CHR Extension: (Tabulky) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2019-02-16]
CHR Extension: (Gmail) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-26]
CHR HKU\S-1-5-21-2847046601-3309215626-2780992325-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2847046601-3309215626-2780992325-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Session Restore: -> is enabled.
OPR Extension: (BetterTTV) - C:\Users\acer\AppData\Roaming\Opera Software\Opera Stable\Extensions\deofbbdfofnmppcjbhjibgodpcdchjii [2017-10-23]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6844776 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-02-25] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed]
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [409224 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\75.0.1447.80\elevation_service.exe [978720 2019-06-12] (AVAST Software s.r.o. -> AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-06] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-06] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2019-06-24] (Dropbox, Inc -> Dropbox, Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-07] (Disc Soft Ltd -> Disc Soft Ltd)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [791112 2019-05-30] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7172680 2019-03-20] (GOG Sp. z o.o. -> GOG.com)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-21] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2436936 2019-02-25] (Overwolf Ltd -> Overwolf LTD)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2018-01-24] (Even Balance, Inc. -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37104 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [207448 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [262496 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [205848 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [61472 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [279120 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [168104 2019-06-24] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112312 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87944 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1030784 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [477584 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [225600 2019-06-17] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [385880 2019-05-30] (AVAST Software s.r.o. -> AVAST Software)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Broadcom Corporation -> Windows (R) Win 7 DDK provider)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 dot4usb; C:\Windows\system32\DRIVERS\dot4usb.sys [49056 2012-10-19] (Hewlett-Packard Company -> Microsoft Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-04-07] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-04-07] (Disc Soft Ltd -> Disc Soft Ltd)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-07-08] (Malwarebytes Corporation -> Malwarebytes)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48064 2017-09-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [59448 2017-03-17] (NVIDIA Corporation -> NVIDIA Corporation)
S4 RAMDiskVE; C:\Windows\System32\Drivers\RAMDiskVE.sys [86680 2018-03-28] (Dataram Corporation -> Dataram, Inc.)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [476888 2014-04-02] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42736 2014-07-10] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz139; \??\C:\Users\acer\AppData\Local\Temp\cpuz139\cpuz139_x64.sys [X] <==== ATTENTION
S3 dbx; system32\DRIVERS\dbx.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-09 10:43 - 2019-07-09 10:44 - 000032725 _____ C:\Users\acer\Desktop\FRST.txt
2019-07-09 10:42 - 2019-07-09 10:43 - 000000000 ____D C:\FRST
2019-07-09 10:42 - 2019-07-09 10:42 - 002420224 _____ (Farbar) C:\Users\acer\Downloads\FRST64.exe
2019-07-09 10:42 - 2019-07-09 10:42 - 002420224 _____ (Farbar) C:\Users\acer\Desktop\FRST64.exe
2019-07-08 18:11 - 2019-07-08 19:14 - 697506615 _____ C:\Users\acer\Downloads\Stranger Things S03E07 The Bite,720p, CZ titulky.mkv
2019-07-08 14:04 - 2019-07-08 14:04 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-07-06 11:25 - 2019-07-06 11:25 - 001859837 _____ C:\Users\acer\Downloads\15623525676974_france_F113_Bretagne_Panther_campania_big.wotreplay
2019-07-06 11:25 - 2019-07-06 11:25 - 001292008 _____ C:\Users\acer\Downloads\15621456216025_usa_A123_T78_redshire.wotreplay
2019-07-06 11:24 - 2019-07-06 11:24 - 001489278 _____ C:\Users\acer\Downloads\15622250236036_uk_GB11_Caernarvon_minsk.wotreplay
2019-07-03 18:24 - 2019-07-03 21:24 - 1580439741 _____ C:\Users\acer\Downloads\Pulp Fiction - Historky z podsvětí [CZ EN 1080p].mkv
2019-07-03 14:17 - 2019-07-03 14:17 - 000000000 ____D C:\Users\acer\AppData\Local\mbam
2019-07-03 14:16 - 2019-07-03 14:16 - 000001883 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-07-03 14:16 - 2019-07-03 14:16 - 000000000 ____D C:\Users\acer\AppData\Local\mbamtray
2019-07-03 14:16 - 2019-07-03 14:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-07-03 14:16 - 2019-07-03 14:16 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-07-03 14:16 - 2019-07-03 14:16 - 000000000 ____D C:\Program Files\Malwarebytes
2019-07-03 14:16 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-07-03 10:20 - 2019-07-03 12:02 - 1402898832 _____ C:\Users\acer\Downloads\Top.Gear.S27E03.720p.HDTV.x264-MTB.mkv
2019-07-02 15:30 - 2019-07-08 23:41 - 000000000 ____D C:\Users\Public\Documents\GTA Vice City User Files
2019-07-02 15:04 - 2019-07-02 15:28 - 000000000 ____D C:\Users\acer\Documents\GTA Vice City User Files
2019-07-02 15:03 - 2019-07-02 15:03 - 000001314 _____ C:\Users\acer\Desktop\GTA Vice City.lnk
2019-07-02 14:59 - 2019-07-02 14:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2019-07-02 14:58 - 2019-07-02 14:58 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2019-07-01 21:50 - 2019-07-01 21:50 - 000000000 ____D C:\ProgramData\Caphyon
2019-07-01 21:47 - 2019-07-01 21:47 - 000000000 ____D C:\Users\acer\AppData\Roaming\Rockstar Games
2019-06-28 09:52 - 2019-06-28 10:06 - 261089292 _____ C:\Users\acer\Downloads\iZombie.S05E09.HDTV.x264-SVA[ettv].mkv
2019-06-26 10:44 - 2019-06-26 10:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-06-24 18:39 - 2019-06-24 19:54 - 1278102926 _____ C:\Users\acer\Downloads\Top Gear s27e02.mkv
2019-06-24 14:12 - 2019-06-24 14:12 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2019-06-24 14:12 - 2019-06-24 14:12 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2019-06-24 14:12 - 2019-06-24 14:12 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2019-06-24 14:12 - 2019-06-24 14:12 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2019-06-22 11:43 - 2019-06-22 12:00 - 190962830 _____ C:\Users\acer\Downloads\iZombie.S05E08.720p.WEB.x265-MiNX.mkv
2019-06-21 10:46 - 2019-06-21 10:46 - 000000000 _____ C:\Users\acer\AppData\Local\{BC26B681-C5EF-45F0-AB6C-8B77C621F924}
2019-06-21 10:46 - 2019-06-21 10:46 - 000000000 _____ C:\Users\acer\AppData\Local\{B2396E2A-5BB0-4E68-B2F7-1EC1643F34C9}
2019-06-20 14:56 - 2019-06-20 14:56 - 000000000 ____D C:\Users\acer\Documents\Hitman Blood Money
2019-06-20 11:06 - 2019-06-20 11:06 - 000000220 _____ C:\Users\acer\Desktop\Hitman Blood Money.url
2019-06-18 09:22 - 2019-06-18 11:51 - 1770310715 _____ C:\Users\acer\Downloads\Top Gear s27e01.1080p.hdtv.h264-mtb.mp4
2019-06-17 10:59 - 2019-06-16 19:33 - 226633545 _____ C:\Users\acer\Downloads\iZombie.S05E06.iNTERNAL.720p.WEB-DL.x265-HETeam.mkv
2019-06-14 17:53 - 2019-06-14 18:07 - 252730495 _____ C:\Users\acer\Downloads\iZombie.S05E07.HDTV.x264-SVA[ettv].mkv
2019-06-12 12:36 - 2019-05-22 19:50 - 000098320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2019-06-12 12:36 - 2019-05-21 02:45 - 001494016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-06-12 12:36 - 2019-04-12 15:20 - 000914584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2019-06-12 12:35 - 2019-05-31 18:53 - 000394240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2019-06-12 12:35 - 2019-05-25 02:42 - 002297344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-06-12 12:35 - 2019-05-25 02:20 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2019-06-12 12:35 - 2019-05-25 02:16 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-06-12 12:35 - 2019-05-25 02:15 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-06-12 12:35 - 2019-05-25 02:02 - 004386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-06-12 12:35 - 2019-05-25 01:59 - 001323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-06-12 12:35 - 2019-05-25 01:56 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-06-12 12:35 - 2019-05-21 02:47 - 001560064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2019-06-12 12:35 - 2019-05-17 06:07 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-06-12 12:35 - 2019-05-11 18:00 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-06-12 12:35 - 2019-05-10 15:20 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-06-12 12:35 - 2019-05-10 15:20 - 000353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-06-12 12:35 - 2019-05-10 15:20 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-06-12 12:35 - 2019-05-10 15:20 - 000241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2019-06-12 12:35 - 2019-05-09 07:47 - 002464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2019-06-12 12:34 - 2019-05-25 03:59 - 019790160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-06-12 12:34 - 2019-05-25 03:56 - 000370872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-06-12 12:34 - 2019-05-25 03:56 - 000344984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2019-06-12 12:34 - 2019-05-25 03:07 - 020275712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-06-12 12:34 - 2019-05-25 02:45 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-06-12 12:34 - 2019-05-25 02:37 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-06-12 12:34 - 2019-05-25 02:23 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-06-12 12:34 - 2019-05-25 02:23 - 000128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2019-06-12 12:34 - 2019-05-25 02:23 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-06-12 12:34 - 2019-05-25 02:22 - 004492800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-06-12 12:34 - 2019-05-25 02:17 - 013706240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-06-12 12:34 - 2019-05-25 02:17 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-06-12 12:34 - 2019-05-25 02:15 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-06-12 12:34 - 2019-05-21 02:46 - 001085952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2019-06-12 12:34 - 2019-05-16 20:22 - 000334280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-06-12 12:34 - 2019-05-11 17:34 - 000697344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2019-06-12 12:34 - 2019-05-09 08:30 - 003619328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-06-12 12:28 - 2019-05-31 18:55 - 001265152 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2019-06-12 12:28 - 2019-05-31 18:54 - 000504832 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2019-06-12 12:28 - 2019-05-25 04:36 - 022373096 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-06-12 12:28 - 2019-05-25 03:20 - 000579584 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-06-12 12:28 - 2019-05-25 03:10 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-06-12 12:28 - 2019-05-25 03:09 - 005776384 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-06-12 12:28 - 2019-05-25 02:31 - 000963072 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-06-12 12:28 - 2019-05-25 02:19 - 000551152 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2019-06-12 12:28 - 2019-05-22 20:20 - 000120312 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2019-06-12 12:28 - 2019-05-21 02:49 - 001756160 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-06-12 12:28 - 2019-05-16 20:23 - 000444144 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-06-12 12:28 - 2019-05-14 16:01 - 004168704 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-06-12 12:28 - 2019-05-11 17:46 - 000840704 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2019-06-12 12:28 - 2019-04-25 00:38 - 002452208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-06-12 12:28 - 2019-04-12 15:20 - 000994384 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2019-06-12 12:28 - 2019-04-12 15:20 - 000064248 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2019-06-12 12:27 - 2019-05-25 03:42 - 025733632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-06-12 12:27 - 2019-05-25 03:22 - 002903552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-06-12 12:27 - 2019-05-25 02:52 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-06-12 12:27 - 2019-05-25 02:50 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-06-12 12:27 - 2019-05-25 02:50 - 000145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2019-06-12 12:27 - 2019-05-25 02:45 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2019-06-12 12:27 - 2019-05-25 02:40 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-06-12 12:27 - 2019-05-25 02:38 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-06-12 12:27 - 2019-05-25 02:38 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-06-12 12:27 - 2019-05-25 02:38 - 000381440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-06-12 12:27 - 2019-05-25 02:34 - 015311872 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-06-12 12:27 - 2019-05-25 02:30 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-06-12 12:27 - 2019-05-25 02:05 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-06-12 12:27 - 2019-05-21 03:34 - 007362808 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-06-12 12:27 - 2019-05-11 17:50 - 001441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-06-12 12:27 - 2019-05-09 09:41 - 003325440 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-06-12 12:26 - 2019-05-25 04:30 - 000500464 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-06-12 12:26 - 2019-05-25 04:30 - 000394568 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-06-12 12:26 - 2019-05-25 04:30 - 000272184 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-06-12 12:26 - 2019-05-25 02:36 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-06-12 12:26 - 2019-05-25 02:17 - 001557504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-06-12 12:26 - 2019-05-25 02:17 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2019-06-12 12:26 - 2019-05-25 02:16 - 000911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-06-12 12:26 - 2019-05-21 03:42 - 001368592 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-06-12 12:26 - 2019-05-21 02:57 - 001993728 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-06-12 12:26 - 2019-05-21 02:50 - 001383424 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2019-06-12 12:26 - 2019-05-17 06:47 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-06-12 12:26 - 2019-05-14 22:23 - 000377800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2019-06-12 12:26 - 2019-05-11 18:21 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-06-12 12:26 - 2019-05-09 08:40 - 002779648 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2019-06-12 12:25 - 2019-05-03 15:51 - 000081920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2019-06-12 12:25 - 2019-05-03 15:34 - 001202176 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-09 10:37 - 2018-04-28 19:14 - 000000000 ____D C:\Users\acer\AppData\Local\GameCenter
2019-07-09 10:35 - 2017-04-03 16:56 - 000003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2847046601-3309215626-2780992325-1001
2019-07-09 10:31 - 2017-04-06 12:41 - 000000000 ____D C:\Users\acer\AppData\Roaming\discord
2019-07-09 10:05 - 2017-04-05 08:40 - 000000000 ____D C:\ProgramData\NVIDIA
2019-07-08 23:42 - 2017-04-06 12:48 - 000000000 ____D C:\Program Files (x86)\Steam
2019-07-08 23:41 - 2017-11-17 16:44 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-07-08 23:41 - 2017-04-06 12:24 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2019-07-08 23:41 - 2017-04-06 12:12 - 000002788 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-07-08 23:41 - 2017-04-06 10:38 - 000003834 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1491467924
2019-07-08 23:41 - 2017-04-05 09:20 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-07-08 23:41 - 2017-04-05 09:20 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-07-08 23:41 - 2017-04-05 09:18 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-07-08 23:08 - 2017-04-06 12:24 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-07-08 21:58 - 2017-04-05 09:25 - 000000000 ____D C:\Users\acer\AppData\Local\ClassicShell
2019-07-08 21:04 - 2017-04-06 14:04 - 000000000 ____D C:\Users\acer\AppData\Roaming\TS3Client
2019-07-08 14:04 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-07-08 14:01 - 2017-04-06 12:00 - 000000000 ____D C:\Users\acer\AppData\Local\Battle.net
2019-07-08 13:05 - 2017-04-06 12:09 - 000000000 ____D C:\Users\acer\AppData\Local\Overwolf
2019-07-08 11:12 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\LiveKernelReports
2019-07-08 11:10 - 2019-01-28 12:40 - 000000000 _____ C:\Windows\system32\last.dump
2019-07-07 18:08 - 2014-11-21 06:53 - 001739092 _____ C:\Windows\system32\PerfStringBackup.INI
2019-07-07 18:08 - 2014-11-21 06:10 - 000734510 _____ C:\Windows\system32\perfh005.dat
2019-07-07 18:08 - 2014-11-21 06:10 - 000148820 _____ C:\Windows\system32\perfc005.dat
2019-07-07 18:08 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2019-07-07 11:31 - 2017-04-06 10:40 - 000000000 ____D C:\Users\acer\AppData\Local\CrashDumps
2019-07-05 14:59 - 2017-06-29 16:45 - 000001050 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2019-07-05 14:59 - 2017-04-06 10:38 - 000001050 _____ C:\Users\Public\Desktop\Prohlížeč Opera.lnk
2019-07-05 14:59 - 2017-04-06 10:37 - 000000000 ____D C:\Program Files\Opera
2019-07-04 19:19 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\AppReadiness
2019-07-04 16:29 - 2017-04-03 16:51 - 000000000 ____D C:\Users\acer
2019-07-04 16:06 - 2019-03-19 11:38 - 000000000 ____D C:\FFOutput
2019-07-04 15:57 - 2017-04-05 09:22 - 000000000 ____D C:\Users\acer\AppData\Roaming\vlc
2019-07-04 10:54 - 2017-04-06 10:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-07-04 10:43 - 2017-04-06 10:55 - 000000000 ____D C:\Users\acer\AppData\LocalLow\Mozilla
2019-07-04 10:42 - 2017-04-06 10:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-07-03 18:11 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2019-07-03 12:49 - 2017-04-06 12:04 - 000000000 ____D C:\Program Files (x86)\Hearthstone
2019-07-03 10:51 - 2017-04-06 12:47 - 000000000 ____D C:\Users\acer\AppData\Roaming\DAEMON Tools Lite
2019-07-02 14:59 - 2017-04-05 08:45 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-07-02 12:00 - 2017-04-05 13:47 - 000000000 ____D C:\Games
2019-06-30 19:02 - 2017-04-06 11:57 - 000000000 ____D C:\Program Files (x86)\Blizzard App
2019-06-28 16:01 - 2019-04-17 18:41 - 000003732 _____ C:\Windows\System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2019-06-28 16:01 - 2019-04-17 18:41 - 000003150 _____ C:\Windows\System32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2019-06-28 16:01 - 2018-04-05 09:35 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-06-26 10:44 - 2017-04-06 12:34 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-06-24 14:41 - 2017-04-05 09:21 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-24 14:41 - 2017-04-05 09:21 - 000002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-06-24 14:26 - 2017-04-06 12:24 - 000168104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-06-20 11:06 - 2017-06-21 07:45 - 000000000 ____D C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-06-19 23:07 - 2017-04-07 07:50 - 000000000 ____D C:\Users\acer\Documents\My Games
2019-06-19 23:07 - 2017-04-06 12:57 - 000000000 ____D C:\Program Files (x86)\Ubisoft
2019-06-19 23:06 - 2019-02-02 15:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft
2019-06-19 18:33 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2019-06-19 12:14 - 2017-04-06 12:10 - 000000000 ____D C:\Program Files\TeamSpeak 3 Client
2019-06-19 12:09 - 2017-04-06 12:57 - 000000000 ____D C:\Users\acer\AppData\Local\Ubisoft Game Launcher
2019-06-17 15:07 - 2017-04-06 12:24 - 000225600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-06-17 12:12 - 2017-12-07 21:37 - 000000000 ____D C:\Users\acer\AppData\Roaming\Bioshock2Steam
2019-06-17 11:16 - 2017-04-06 10:35 - 000000000 ____D C:\Users\acer\Documents\VOŠ
2019-06-14 20:03 - 2013-08-22 16:44 - 000616120 _____ C:\Windows\system32\FNTCACHE.DAT
2019-06-14 19:58 - 2013-08-22 17:36 - 000000000 ___RD C:\Windows\ToastData
2019-06-14 19:57 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2019-06-13 19:16 - 2017-04-05 09:18 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-06-13 06:41 - 2017-04-06 11:53 - 135349160 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-06-13 06:41 - 2017-04-06 11:53 - 000000000 ____D C:\Windows\system32\MRT
2019-06-12 10:08 - 2017-04-05 09:25 - 000000000 ____D C:\Users\acer\AppData\Local\Adobe
2019-06-12 10:06 - 2017-04-07 11:33 - 000004540 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-06-12 10:06 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-06-12 10:06 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\Macromed
2019-06-10 18:39 - 2017-04-11 19:22 - 000000000 ____D C:\Users\acer\AppData\Roaming\MusicBee
2019-06-09 22:34 - 2017-04-07 10:43 - 000000000 ____D C:\KMPlayer

==================== Files in the root of some directories ================

2019-06-21 10:46 - 2019-06-21 10:46 - 000000000 _____ () C:\Users\acer\AppData\Local\{B2396E2A-5BB0-4E68-B2F7-1EC1643F34C9}
2019-06-21 10:46 - 2019-06-21 10:46 - 000000000 _____ () C:\Users\acer\AppData\Local\{BC26B681-C5EF-45F0-AB6C-8B77C621F924}

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-07-02 16:19
==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 3-07-2019
Ran by acer (09-07-2019 10:45:16)
Running from C:\Users\acer\Desktop
Windows 8.1 (Update) (X64) (2017-04-03 14:50:59)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

acer (S-1-5-21-2847046601-3309215626-2780992325-1001 - Administrator - Enabled) => C:\Users\acer
Administrator (S-1-5-21-2847046601-3309215626-2780992325-500 - Administrator - Disabled)
Guest (S-1-5-21-2847046601-3309215626-2780992325-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.207 - Adobe)
Aktualizace NVIDIA 28.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 28.0.0.0 - NVIDIA Corporation) Hidden
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 387.92 - NVIDIA Corporation) Hidden
Armored Warfare MyCom (HKU\S-1-5-21-2847046601-3309215626-2780992325-1001\...\Armored Warfare MyCom) (Version: 1.233 - My.com B.V.)
Ashampoo Burning Studio FREE v.1.14.5 (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG)
Aslain's WoT Modpack verze 1.5.1.1.01 (HKLM-x32\...\Aslains_WoT_Modpack_Installer_is1) (Version: 1.5.1.1.01 - Aslain)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.5.2378 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 75.0.1447.80 - Autoři prohlížeče Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.45.10 - Bethesda Softworks)
Blizzard App (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 5.57 - Piriform)
Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft)
ČeštinaAW (HKU\S-1-5-21-2847046601-3309215626-2780992325-1001\...\ČeštinaAW) (Version: - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-2847046601-3309215626-2780992325-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
Doplněk Microsoft Save as PDF or XPS pro aplikace sady Microsoft Office 2007 (HKLM-x32\...\{90120000-00B2-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation)
Dropbox (HKLM-x32\...\Dropbox) (Version: 75.4.141 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
Epic Games Launcher (HKLM-x32\...\{0E63B233-DC24-442C-BD38-0B91D90FEC5B}) (Version: 1.1.167.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FormatFactory 4.5.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.5.0.0 - Free Time)
GameCenter My.com (HKU\S-1-5-21-2847046601-3309215626-2780992325-1001\...\GameCenter) (Version: 4.1460 - My.com B.V.)
GCFScape 1.8.6 (HKLM\...\GCFScape_is1) (Version: - Ryan Gregg)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Grand Theft Auto Vice City (HKLM-x32\...\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}) (Version: 1.00.000 - )
GTA Vice City CZ (HKLM-x32\...\GTA Vice City CZ 1.2.0) (Version: 1.2.0 - Rockstar Games)
HearthArena Companion (HKU\S-1-5-21-2847046601-3309215626-2780992325-1001\...\Overwolf_eldaohcjmecjpkpdhhoiolhhaeapcldppbdgbnbc) (Version: 1.5.0.2 - Overwolf app)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hearthstone Deck Tracker (HKU\S-1-5-21-2847046601-3309215626-2780992325-1001\...\HearthstoneDeckTracker) (Version: 1.6.3 - HearthSim)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
IZArc 4.2 (HKLM-x32\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 4.2 - Ivan Zahariev)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.1.5.6 - PandoraTV)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LibreOffice 5.3.1.2 (HKLM-x32\...\{6E0E33C7-0706-4174-BCF2-8E7343E7F311}) (Version: 5.3.1.2 - The Document Foundation)
Malwarebytes verze 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MKVToolNix 31.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 31.0.0 - Moritz Bunkus)
Mozilla Firefox 56.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 56.0 (x86 cs)) (Version: 56.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 56.0.0.6478 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MusicBee 3.0 (HKLM-x32\...\MusicBee) (Version: 3.0 - Steven Mayall)
NVIDIA GeForce Experience 3.9.0.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.9.0.97 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 387.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 387.92 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Opera Stable 62.0.3331.43 (HKLM-x32\...\Opera 62.0.3331.43) (Version: 62.0.3331.43 - Opera Software)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.125.0.27 - Overwolf Ltd.)
Ovládací panel NVIDIA 387.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 387.92 - NVIDIA Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.29 - Qualcomm Atheros)
Radeon RAMDisk (HKLM-x32\...\{BBC956B0-3DD9-4A48-ACAC-DC6AC0FE10D5}) (Version: 4.4.0.36 - Dataram, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21250 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.30.328.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7235 - Realtek Semiconductor Corp.)
SecuROM Diagnostic Tool (HKLM-x32\...\SecuROM Diagnostic Tool) (Version: - Sony DADC Austria)
Seznam Software (HKU\S-1-5-21-2847046601-3309215626-2780992325-1001\...\SeznamInstall) (Version: 2.1.32 - Seznam.cz)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steep (HKLM-x32\...\Uplay Install 3279) (Version: - Ubisoft)
Stronghold Crusader Extreme HD (HKLM-x32\...\GOGPACKSTRONGHOLDCRUSADERHD_is1) (Version: 2.0.0.6 - GOG.com)
TeamSpeak (HKU\S-1-5-21-2847046601-3309215626-2780992325-1001\...\Overwolf_jnabojaampcpfclojlbildognlnebnhfhibiielh) (Version: 1.0.0.1 - Overwolf app)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.3 - TeamSpeak Systems GmbH)
The Witcher 2 - Assassins of Kings Enhanced Edition (HKLM-x32\...\1207658930_is1) (Version: 3.5.0.26 - GOG.com)
Uplay (HKLM-x32\...\Uplay) (Version: 30.0 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
War Thunder Launcher 1.0.3.12 (HKU\S-1-5-21-2847046601-3309215626-2780992325-1001\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
Wargaming.net Game Center (HKU\S-1-5-21-2847046601-3309215626-2780992325-1001\...\Wargaming.net Game Center) (Version: 19.3.0.5220 - Wargaming.net)
WarThunder (HKLM-x32\...\WarThunder) (Version: - ) <==== ATTENTION
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
World of Tanks EU (HKU\S-1-5-21-2847046601-3309215626-2780992325-1001\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)
World of Warplanes EU (HKU\S-1-5-21-2847046601-3309215626-2780992325-1001\...\WOWP.EU.PRODUCTION) (Version: - Wargaming.net)
World of Warships EU (HKU\S-1-5-21-2847046601-3309215626-2780992325-1001\...\WOWS.EU.PRODUCTION) (Version: - Wargaming.net)
XnView 2.39 (HKLM-x32\...\XnView_is1) (Version: 2.39 - Gougelet Pierre-e)

Packages:
=========
Hry -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-11-21] (Microsoft Corporation) [MS Ad]
Hudba -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2017-04-05] (Microsoft Corporation) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2017-04-05] (Microsoft Corporation) [MS Ad]
MSN Finance -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2017-04-05] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2017-04-05] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2017-04-05] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2017-04-05] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2017-04-05] (Microsoft Corporation) [MS Ad]
MSN Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2017-04-05] (Microsoft Corporation) [MS Ad]
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2017-04-05] (Skype) [MS Ad]
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2017-04-05] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2847046601-3309215626-2780992325-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvAppExt.dll [2014-02-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_105.dll [2018-11-29] (Free Time) [File not signed]
ContextMenuHandlers1: [IZArcCM] -> {BC593DF5-466F-44EC-8FFD-C4DBC603B917} => C:\Program Files (x86)\IZArc\IZArcCM64.dll [2012-07-20] () [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ShellContextExt.dll [2014-02-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_105.dll [2018-11-29] (Free Time) [File not signed]
ContextMenuHandlers4: [IZArcCM] -> {BC593DF5-466F-44EC-8FFD-C4DBC603B917} => C:\Program Files (x86)\IZArc\IZArcCM64.dll [2012-07-20] () [File not signed]
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2014-03-08] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\Windows\system32\igfxOSP.dll [2014-03-08] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-10-06] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\Windows\system32\StartMenuHelper64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --app=hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=1&aff_sub2=L7wnfVip3I3cqtF8AULBRBUWwUSZbvQJxUOYEd1uzV2hbt1J9RbTipJgAAAGmEZkQie&click_id=ff9c59ff295bb863c60a8478683f4c17a24bb682 --app-window-size=1366,768
ShortcutWithArgument: C:\Users\acer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --app=hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=1&aff_sub2=L7wnfVip3I3cqtF8AULBRBUWwUSZbvQJxUOYEd1uzV2hbt1J9RbTipJgAAAGmEZkQie&click_id=ff9c59ff295bb863c60a8478683f4c17a24bb682 --app-window-size=1366,768

==================== Loaded Modules (Whitelisted) ==============

2017-04-05 09:22 - 2012-07-20 13:39 - 002469888 _____ () [File not signed] C:\Program Files (x86)\IZArc\IZArcCM64.dll
2014-02-25 22:14 - 2014-02-25 22:14 - 000011264 _____ () [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-02-25 22:11 - 2014-02-25 22:11 - 000086016 _____ () [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2018-10-29 08:25 - 2018-10-29 08:25 - 091392000 _____ () [File not signed] C:\Users\acer\AppData\Local\GameCenter\Chrome\3.3538.1848\libcef.dll
2018-10-26 17:15 - 2018-10-26 17:15 - 000119296 _____ () [File not signed] C:\Users\acer\AppData\Local\GameCenter\Chrome\3.3538.1848\swiftshader\libegl.dll
2018-10-26 17:15 - 2018-10-26 17:15 - 002245632 _____ () [File not signed] C:\Users\acer\AppData\Local\GameCenter\Chrome\3.3538.1848\swiftshader\libglesv2.dll
2018-04-28 19:14 - 2018-04-28 19:14 - 000144896 _____ () [File not signed] C:\Users\acer\AppData\Local\GameCenter\zlib1.dll
2018-11-29 02:55 - 2018-11-29 02:55 - 000302080 _____ (Free Time) [File not signed] C:\Program Files (x86)\FormatFactory\ShellEx64_105.dll
2018-04-28 19:14 - 2019-03-04 11:05 - 000158720 _____ (Igor Pavlov) [File not signed] C:\Users\acer\AppData\Local\GameCenter\7zxa.dll
2013-08-27 14:32 - 2013-08-27 14:32 - 000747520 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
2016-07-30 09:05 - 2016-07-30 09:05 - 000163800 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
2016-07-30 09:05 - 2016-07-30 09:05 - 003661784 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2016-07-30 09:05 - 2016-07-30 09:05 - 000289240 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Windows\system32\StartMenuHelper64.dll
2014-02-25 22:17 - 2014-02-25 22:17 - 000012928 _____ (Qualcomm Atheros -> ) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-02-25 22:17 - 2014-02-25 22:17 - 000107648 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvAppExt.dll
2014-02-25 22:17 - 2014-02-25 22:17 - 000134784 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
2014-02-25 22:18 - 2014-02-25 22:18 - 000033408 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\CommApi.dll
2014-02-25 22:18 - 2014-02-25 22:18 - 000085632 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\GattI.dll
2014-02-25 22:18 - 2014-02-25 22:18 - 000126592 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\gatts.DLL
2014-02-25 22:18 - 2014-02-25 22:18 - 000083072 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Handsfree.dll
2014-02-25 22:18 - 2014-02-25 22:18 - 000034432 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ipc.dll
2014-02-25 22:18 - 2014-02-25 22:18 - 000063104 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ModuleManager.dll
2014-02-25 22:18 - 2014-02-25 22:18 - 001067648 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\OutLookLib.dll
2014-02-25 22:18 - 2014-02-25 22:18 - 000291456 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ShellContextExt.dll
2014-02-25 22:18 - 2014-02-25 22:18 - 000130176 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\skypeagent.dll
2014-02-25 22:18 - 2014-02-25 22:18 - 000027264 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\TCPConnection.dll
2014-02-25 22:18 - 2014-02-25 22:18 - 000115328 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\utils.dll
2014-02-25 22:17 - 2014-02-25 22:17 - 000319104 _____ (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
2014-02-25 22:12 - 2014-02-25 22:12 - 000308224 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\LE\LE.dll
2014-02-25 22:13 - 2014-02-25 22:13 - 000210432 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Audio\audio.dll
2014-02-25 22:13 - 2014-02-25 22:13 - 000162304 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\BasicPrintProfile\BPP.dll
2014-02-25 22:14 - 2014-02-25 22:14 - 000177152 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\BIP\BIP.dll
2014-02-25 22:12 - 2014-02-25 22:12 - 000018432 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\DID\DId.dll
2014-02-25 22:11 - 2014-02-25 22:11 - 000035840 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\FAX\Fax.dll
2014-02-25 22:13 - 2014-02-25 22:13 - 000421888 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\FileTransfer\FileTransfer.dll
2014-02-25 22:13 - 2014-02-25 22:13 - 000096256 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\GapSdp\GapSdp.dll
2014-02-25 22:09 - 2014-02-25 22:09 - 000097792 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\goep\goep.dll
2014-02-25 22:11 - 2014-02-25 22:11 - 000029696 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\HCRP\Hcrp.dll
2014-02-25 22:12 - 2014-02-25 22:12 - 000142848 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\HealthDevice\HDP.dll
2014-02-25 22:14 - 2014-02-25 22:14 - 000091136 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\L2capLib\l2caplib.dll
2014-02-25 22:09 - 2014-02-25 22:09 - 000181248 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\OppOperation\ObjPush.dll
2014-02-25 22:14 - 2014-02-25 22:14 - 000066048 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\OppOperation\OppOperation.dll
2014-02-25 22:13 - 2014-02-25 22:13 - 000067072 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\pbap\pbap.dll
2014-02-25 22:14 - 2014-02-25 22:14 - 000063488 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\RfcommLib\rfcommlib.dll
2014-02-25 22:13 - 2014-02-25 22:13 - 000097280 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\sap\sap.dll
2014-02-25 22:14 - 2014-02-25 22:14 - 000087552 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\SesMgr\sesmgr.dll
2014-02-25 22:13 - 2014-02-25 22:13 - 000055296 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\spp\spp.dll
2014-02-25 22:12 - 2014-02-25 22:12 - 000064512 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Sync\Sync.dll
2018-04-28 19:14 - 2018-08-06 16:17 - 000508416 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\Users\acer\AppData\Local\GameCenter\libcurl.dll
2018-10-26 19:32 - 2018-10-26 19:32 - 000589824 _____ (The Chromium Authors) [File not signed] C:\Users\acer\AppData\Local\GameCenter\Chrome\3.3538.1848\chrome_elf.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2019-01-04 10:42 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT
HKU\S-1-5-21-2847046601-3309215626-2780992325-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\acer\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-2847046601-3309215626-2780992325-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-2847046601-3309215626-2780992325-1001\...\StartupApproved\Run: => "Gaijin.Net Agent"
HKU\S-1-5-21-2847046601-3309215626-2780992325-1001\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-2847046601-3309215626-2780992325-1001\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"
HKU\S-1-5-21-2847046601-3309215626-2780992325-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_DDCF4F8EFD9886AA021E5A45064136EC"
HKU\S-1-5-21-2847046601-3309215626-2780992325-1001\...\StartupApproved\Run: => "Gaijin.Net Updater"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{5D6EB378-FE0D-490A-9C9D-108AA5D872B1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AB4078C3-B1DC-41A4-A1BF-D0CF2459032E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{76C9959A-5677-4E0E-BAF5-B02DF7679B3A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7E9A8234-2DA9-4EA2-B856-B3914CBBF5A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{4A6B07BF-4766-4B19-8FF0-78179F9D6622}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe (Wargaming PCL -> Wargaming.net) [File not signed]
FirewallRules: [UDP Query User{45102556-F0C5-4F09-816F-E690F36C1790}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe (Wargaming PCL -> Wargaming.net) [File not signed]
FirewallRules: [{02ECFBFE-F88C-46F0-A9B4-2EC5F997CF7A}] => (Allow) C:\Games\World_of_Warplanes\WoWPLauncher.exe (Wargaming PCL -> Wargaming.net) [File not signed]
FirewallRules: [{72D59F32-437D-4257-BFA8-DBEA02BF20E6}] => (Allow) C:\Games\World_of_Warplanes\WoWPLauncher.exe (Wargaming PCL -> Wargaming.net) [File not signed]
FirewallRules: [{30579E94-5792-41F2-B014-80B4B7EC4BA0}] => (Allow) C:\Games\World_of_Warplanes\worldofwarplanes.exe (Wargaming Group Limited -> wargaming.net)
FirewallRules: [{85D832E3-EA8E-44F2-9B4A-BE0ECE72E394}] => (Allow) C:\Games\World_of_Warplanes\worldofwarplanes.exe (Wargaming Group Limited -> wargaming.net)
FirewallRules: [{FB6F3FA4-4BDA-4558-B9CA-E39975A9D061}] => (Allow) C:\Games\World_of_Warships\WoWSLauncher.exe (Wargaming PCL -> Wargaming.net) [File not signed]
FirewallRules: [{BE640686-4B11-4D4C-BE78-EFD0ABC5297C}] => (Allow) C:\Games\World_of_Warships\WoWSLauncher.exe (Wargaming PCL -> Wargaming.net) [File not signed]
FirewallRules: [{98234DAA-76F0-4D78-95E2-0C7770CDAAE8}] => (Allow) C:\Games\World_of_Warships\worldofwarships.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{E633F92C-847F-4B38-9769-464D1CCE3BDC}] => (Allow) C:\Games\World_of_Warships\worldofwarships.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{DF09122E-C565-489A-B359-19D288C35867}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{D7B855AA-F9F4-4685-AF94-4504A04D7ACF}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{9FC85E17-EFF8-4D54-8761-1037A49D66AA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{06359495-6998-4939-8E1F-73D487FBD7D5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8F1CBDAB-C30A-4F50-BDBB-DF93C90FBB4B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{A401CD78-2702-4F9C-A684-8FE036545562}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{4B44390D-F7B5-4CA8-AC53-289214840824}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{19591AF4-4000-47DC-85A1-26BD3A9DF200}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{22D8B691-02A6-4D8B-B5E8-C5EA6846A03C}C:\games\heretic, doom, doom ii, hexen, strife\skulltag.exe] => (Allow) C:\games\heretic, doom, doom ii, hexen, strife\skulltag.exe ( ) [File not signed]
FirewallRules: [UDP Query User{51FB426C-DE60-44C0-BD5A-FEA40E6DA105}C:\games\heretic, doom, doom ii, hexen, strife\skulltag.exe] => (Allow) C:\games\heretic, doom, doom ii, hexen, strife\skulltag.exe ( ) [File not signed]
FirewallRules: [TCP Query User{0E5AA91B-30E5-4FC0-9825-D31CDD379082}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [UDP Query User{E2C2562A-3AD8-467D-AAAF-9B71B87B49FC}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [TCP Query User{12555B39-6C07-406A-9A56-A1A3A013FFF7}C:\games\warthunder\launcher.exe] => (Allow) C:\games\warthunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{36D5E1E4-D27A-48BF-BE88-3FEF5B0CB471}C:\games\warthunder\launcher.exe] => (Allow) C:\games\warthunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{6533CC73-F299-43F8-ABA1-9068B4A4B0BD}C:\games\warthunder\win64\aces.exe] => (Allow) C:\games\warthunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{1D6F14BA-BC36-4F29-BB9E-C2358C6EAB9E}C:\games\warthunder\win64\aces.exe] => (Allow) C:\games\warthunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{FAA41595-DA92-4A21-B751-60B5981AEA9C}C:\users\acer\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\acer\appdata\local\mycomgames\mycomgames.exe (Mail.Ru, LLC -> MY.COM B.V.)
FirewallRules: [UDP Query User{BC45EA09-E8BD-49EC-965C-03E225FDFB73}C:\users\acer\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\acer\appdata\local\mycomgames\mycomgames.exe (Mail.Ru, LLC -> MY.COM B.V.)
FirewallRules: [TCP Query User{C0E27E04-A805-433C-ABDB-510F6E974E98}C:\users\acer\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\acer\appdata\local\mycomgames\mycomgames.exe (Mail.Ru, LLC -> MY.COM B.V.)
FirewallRules: [UDP Query User{F1B7CA32-A57B-42FB-AD53-CEF7F71D3A57}C:\users\acer\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\acer\appdata\local\mycomgames\mycomgames.exe (Mail.Ru, LLC -> MY.COM B.V.)
FirewallRules: [TCP Query User{470CEB98-C92D-44AB-80B3-408C8FE9EF22}C:\mygames\armored warfare mycom\bin64\armoredwarfare.exe] => (Allow) C:\mygames\armored warfare mycom\bin64\armoredwarfare.exe (My.com B.V.) [File not signed]
FirewallRules: [UDP Query User{024A3B4D-258C-498C-B29E-DB79509AB908}C:\mygames\armored warfare mycom\bin64\armoredwarfare.exe] => (Allow) C:\mygames\armored warfare mycom\bin64\armoredwarfare.exe (My.com B.V.) [File not signed]
FirewallRules: [{401D3328-92E6-4452-9A44-64005D9C5E13}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{3866D16D-3D77-46E6-91AF-6510B1E1ADF2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{F58B069C-E16F-4F02-BB61-AD0FE0189B83}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{D47592E3-E143-4910-A268-4087360D8FD0}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [TCP Query User{61558683-42B1-455C-BB25-4A72960D95AF}C:\games\warthunder\launcher.exe] => (Allow) C:\games\warthunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{53DC624F-159D-491C-989F-FF946E570039}C:\games\warthunder\launcher.exe] => (Allow) C:\games\warthunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{89D3DCA8-2FD9-4F0D-A554-11F557039EBB}C:\mygames\armored warfare mycom\bin64\armoredwarfare.exe] => (Allow) C:\mygames\armored warfare mycom\bin64\armoredwarfare.exe (My.com B.V.) [File not signed]
FirewallRules: [UDP Query User{BE189BDB-5145-438D-B7D2-4E4857AD7559}C:\mygames\armored warfare mycom\bin64\armoredwarfare.exe] => (Allow) C:\mygames\armored warfare mycom\bin64\armoredwarfare.exe (My.com B.V.) [File not signed]
FirewallRules: [TCP Query User{3C15919C-5F50-47D0-894D-481C6125A002}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [UDP Query User{E599E4B7-7A39-4B62-91AB-0492B80784B0}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe (Blizzard Entertainment, Inc. -> )
FirewallRules: [TCP Query User{18121965-C9C1-4154-9197-EF40D3C92FB4}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{C0547410-3EBC-4E4C-BF86-92741B70F627}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{BD9869C7-25F1-4D70-ACD1-86EF15E9F726}C:\games\warthunder\win64\aces.exe] => (Block) C:\games\warthunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{13A3E349-A22E-4E0C-AC2E-347268F34F29}C:\games\warthunder\win64\aces.exe] => (Block) C:\games\warthunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{7C89B255-04A9-4892-A022-0B77322EDF85}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe (Wargaming PCL -> Wargaming.net) [File not signed]
FirewallRules: [UDP Query User{EDB15C47-62D4-45E1-8DFA-376186129D62}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe (Wargaming PCL -> Wargaming.net) [File not signed]
FirewallRules: [{F496F7A7-BFAC-43F5-88CD-531A9527910E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{155A1FF7-C539-4712-8405-35C4B12A6EEF}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{C308F853-B3E1-4BC0-96A4-CEDBD19A6B6D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{DADB1E9F-8C93-4FEF-93CB-7FA67AE079B5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{E7DA3635-7D3C-4922-9803-F19B6C83CA38}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D568388D-44A8-44E3-A017-BCE0AAC1CE78}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A9F2A57A-4159-430A-94BF-135C8329CA2D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E5CDB064-7754-48EA-92A0-347F1DDA5A44}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A24E281C-4F30-48CB-A1CD-EC7B9F425889}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{688EE6EA-938E-4C76-8378-931671505636}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{B8900359-968E-4F63-9E66-E01EB26C7214}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{713E5146-868B-4504-89DD-EFF7068C28C3}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{8E34D3E4-C76B-4D7D-A9E4-E757E22BBA62}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{32B57046-0FAC-4F66-9B46-5792E436CA79}C:\users\acer\appdata\local\mycomgames\gamecenter.exe] => (Allow) C:\users\acer\appdata\local\mycomgames\gamecenter.exe (Mail.Ru, LLC -> MY.COM B.V.)
FirewallRules: [UDP Query User{7944426E-184B-450C-8557-7B964D146FB3}C:\users\acer\appdata\local\mycomgames\gamecenter.exe] => (Allow) C:\users\acer\appdata\local\mycomgames\gamecenter.exe (Mail.Ru, LLC -> MY.COM B.V.)
FirewallRules: [TCP Query User{A5C09C11-A2DF-48F5-A3A3-9C3B712295C6}C:\users\acer\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\acer\appdata\local\gamecenter\gamecenter.exe (Mail.Ru, LLC -> )
FirewallRules: [UDP Query User{60D39E80-0526-4048-9BC4-20FC91F59055}C:\users\acer\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\acer\appdata\local\gamecenter\gamecenter.exe (Mail.Ru, LLC -> )
FirewallRules: [TCP Query User{DB3E7784-77F5-4BB7-97E2-8778BB08CA4D}C:\gog games\the witcher 2\bin\witcher2.exe] => (Allow) C:\gog games\the witcher 2\bin\witcher2.exe () [File not signed]
FirewallRules: [UDP Query User{03DA99E1-61DD-4315-94EF-C8FEFD7C96BF}C:\gog games\the witcher 2\bin\witcher2.exe] => (Allow) C:\gog games\the witcher 2\bin\witcher2.exe () [File not signed]
FirewallRules: [TCP Query User{3DAED636-1965-4C07-B4B1-65EA7351FA5D}C:\gog games\the witcher 2\bin\witcher2.exe] => (Allow) C:\gog games\the witcher 2\bin\witcher2.exe () [File not signed]
FirewallRules: [UDP Query User{E5526CD3-E4C2-48AD-A621-288A9A02D3AD}C:\gog games\the witcher 2\bin\witcher2.exe] => (Allow) C:\gog games\the witcher 2\bin\witcher2.exe () [File not signed]
FirewallRules: [{8D9E081A-E2FC-440A-97CD-A157625131BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{1262992D-6467-4601-9173-20349C9FDDCC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [TCP Query User{500048FC-40BD-4804-A6F1-96E9B33FCFC7}C:\users\acer\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\acer\appdata\local\gamecenter\gamecenter.exe (Mail.Ru, LLC -> )
FirewallRules: [UDP Query User{9A7FFD34-09B5-4E12-AAB5-11564884100A}C:\users\acer\appdata\local\gamecenter\gamecenter.exe] => (Allow) C:\users\acer\appdata\local\gamecenter\gamecenter.exe (Mail.Ru, LLC -> )
FirewallRules: [TCP Query User{107D9551-3242-4F80-9FB1-D3C1B8795B79}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{8AAAE203-AF2B-4F64-BE12-9D7D0F82C93F}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{6C7ACB1A-96ED-47AD-B2ED-392EA2794A7D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{3EBF44DB-7A43-4BB9-A2BB-C22D6EFC2617}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{17132CD0-F103-4225-B5DF-48D5310F9609}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{C19E1806-BAA2-43D1-8863-BB9895E742A9}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{D4765C55-BF98-4CC3-A5C5-9F9FC628E3FE}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{3006755C-5AAA-49F2-8DF3-40EB539EF18F}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{1CE6DC56-1D49-4B94-9BCB-23C95F5F5C6F}] => (Allow) C:\Program Files\Opera\60.0.3255.170\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{B529BEC9-8D4F-4B23-863D-2FA4133E3F9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hitman Blood Money\HitmanBloodMoney.exe () [File not signed]
FirewallRules: [{DC9DB9B5-0EA3-4297-9FAE-4961008518CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hitman Blood Money\HitmanBloodMoney.exe () [File not signed]
FirewallRules: [{1D81EAF1-45BD-47DA-8AC0-71579CBDD3F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hitman Blood Money\configure.exe () [File not signed]
FirewallRules: [{7C69659C-C38C-40F8-9D17-68594A97AA10}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hitman Blood Money\configure.exe () [File not signed]
FirewallRules: [{5FA6773D-DC3E-42A5-986C-5EDED32E46C9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{FF2B7C46-8F56-4EFC-AB4F-60EAF5AC09B8}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{4F36BA3C-D288-446D-A44F-FC1862D9B91E}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{43724ACE-8145-4CD5-92B8-47BBF34F9A1D}] => (Allow) C:\Program Files\Opera\62.0.3331.43\opera.exe (Opera Software AS -> Opera Software)

==================== Restore Points =========================

19-06-2019 23:04:56 Odstraněno Heroes of Might and Magic V - Tribes of the East
30-06-2019 12:06:54 Naplánovaný kontrolní bod
02-07-2019 14:58:58 Installed Grand Theft Auto Vice City

==================== Faulty Device Manager Devices =============

Name: RAMDiskVE
Description: RAMDiskVE
Class Guid: {d617fec5-776c-4856-aa34-65d4603f2b2c}
Manufacturer: Dataram, Inc.
Service: RAMDiskVE
Problem: : A driver (service) for this device has been disabled. An alternate driver may be providing this functionality (Code 32)
Resolution: The start type for this driver is set to disabled in the registry.
Uninstall the driver from Device Manager, and then scan for new hardware to install the driver again. If this does not work, you might have to change the device start type parameter in the registry.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/08/2019 07:03:43 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů rdyboost. První čtyři bajty (DWORD) datové sekce obsahují kód chyby systému Windows.

Error: (07/08/2019 07:03:42 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů rdyboost. První čtyři bajty (DWORD) datové sekce obsahují kód chyby systému Windows.

Error: (07/08/2019 01:06:56 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu WmiApRpl v knihovně DLL C:\Windows\system32\wbem\wmiaprpl.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (07/08/2019 01:06:56 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (07/08/2019 01:06:56 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu Lsa v knihovně DLL C:\Windows\System32\Secur32.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (07/08/2019 01:06:56 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu ESENT v knihovně DLL C:\Windows\system32\esentprf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (07/08/2019 01:06:56 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu .NETFramework v knihovně DLL C:\Windows\system32\mscoree.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (07/08/2019 01:06:04 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu WmiApRpl v knihovně DLL C:\Windows\system32\wbem\wmiaprpl.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.


System errors:
=============
Error: (07/09/2019 10:09:41 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a119\??\C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-2847046601-3309215626-2780992325-1001-07092019100940770-ntuser.dat

Error: (07/09/2019 10:07:16 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a119\??\C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-2847046601-3309215626-2780992325-1001-07092019100715225-ntuser.dat

Error: (07/08/2019 07:19:51 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a119\??\C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-2847046601-3309215626-2780992325-1001-07082019191949652-ntuser.dat

Error: (07/08/2019 05:19:44 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a119\??\C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-2847046601-3309215626-2780992325-1001-07082019171944006-ntuser.dat

Error: (07/08/2019 03:19:55 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a119\??\C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-2847046601-3309215626-2780992325-1001-07082019151953923-ntuser.dat

Error: (07/08/2019 02:04:59 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a119\??\C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-2847046601-3309215626-2780992325-1001-07082019140458661-ntuser.dat

Error: (07/08/2019 02:04:56 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a119\??\C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-2847046601-3309215626-2780992325-1001-07082019140456137-ntuser.dat

Error: (07/08/2019 02:04:52 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a119\??\C:\PROGRAMDATA\MALWAREBYTES\MBAMSERVICE\S-1-5-21-2847046601-3309215626-2780992325-1001-07082019140451886-ntuser.dat


Windows Defender:
===================================
Date: 2017-04-06 12:27:52.818
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80004004
Popis chyby: Operace přerušena
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.

Date: 2017-04-06 11:03:13.891
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.

Date: 2017-04-05 16:15:31.391
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: V systému chybí aktualizace potřebné ke spuštění systému kontroly sítě. Nainstalujte potřebné aktualizace a restartujte počítač.

Date: 2017-04-05 13:40:18.313
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: V systému chybí aktualizace potřebné ke spuštění systému kontroly sítě. Nainstalujte potřebné aktualizace a restartujte počítač.

Date: 2017-04-05 13:02:38.811
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80070002
Popis chyby: Systém nemůže nalézt uvedený soubor.
Důvod: V systému chybí aktualizace potřebné ke spuštění systému kontroly sítě. Nainstalujte potřebné aktualizace a restartujte počítač.

CodeIntegrity:
===================================

Date: 2018-12-02 21:26:29.282
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-12-02 21:26:28.982
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-12-02 21:26:28.648
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-12-02 21:26:28.025
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-12-02 21:26:27.268
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-12-02 21:26:26.952
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-12-02 21:26:26.727
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-12-02 21:26:26.448
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: Insyde Corp. V1.02 08/01/2014
Motherboard: Acer EA50_HWS
Processor: Intel(R) Core(TM) i5-4210M CPU @ 2.60GHz
Percentage of memory in use: 58%
Total physical RAM: 3987.27 MB
Available physical RAM: 1674.25 MB
Total Virtual: 6931.27 MB
Available Virtual: 4303.37 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:913.67 GB) (Free:500.28 GB) NTFS

\\?\Volume{3424b291-c1cf-4621-b7a5-d62b8acd8632}\ (Recovery) (Fixed) (Total:0.59 GB) (Free:0.3 GB) NTFS
\\?\Volume{e0b0483b-1700-4419-beab-138ebe81d172}\ (Push Button Reset) (Fixed) (Total:16.84 GB) (Free:1.86 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: E39257D9)

Partition: GPT.

==================== End of Addition.txt ============================

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

Task: {DAC02F93-A57D-4A4E-81E8-246F492F73E6} - System32\Tasks\{26832B36-9323-4DD7-8A43-6993DBAEE770} => C:\Windows\system32\pcalua.exe -a E:\panel.exe -d E:\
znáš panel.exe?

Gaijin.Net používáš?



+
Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.


Stáhni si TFC
http://www.geekstogo.com/forum/files/fi ... -oldtimer/
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner (by Xplode
http://www.bleepingcomputer.com/download/adwcleaner/
http://www.adlice.com/downloadprogress/

Ulož si ho na svojí plochu . Klikni na „Souhlasím“ k povrzení podmínek.
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Skenování“
Po skenu se objeví log , který se otevře. ( jinak je uložen systémovem disku jako C:\AdwCleaner [C?].txt ), jeho obsah sem celý vlož.

Gaijin launcher samozřejmě mám. Historii jsem smazal už dřív.