Zpomalené PC rodičů - prosím o kontrolu a pomoc s vyčištěním Vyřešeno

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: memphisto, Mods_senior, Security team

bobr.cz
Level 2
Level 2
Příspěvky: 210
Registrován: srpen 07
Pohlaví: Nespecifikováno

Re: Zpomalené PC rodičů - prosím o kontrolu a pomoc s vyčištěním

Příspěvekod bobr.cz » 11 čer 2020 09:12

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:08:37, on 11. 6. 2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Users\Admin\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
C:\Users\Admin\Desktop\Martin\cisteni\HijackThis.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com/?pc=ACJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Avira SystrayStartTrigger] "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [GUDelayStartup] "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
O4 - HKCU\..\Run: [BingSvc] C:\Users\Admin\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [Skype for Desktop] C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Unknown owner - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (file missing)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
O23 - Service: Avira Protected Service (AntivirProtectedService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
O23 - Service: AtherosSvc - Unknown owner - C:\WINDOWS\System32\drivers\AdminService.exe (file missing)
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: Avira Optimizer Host (AviraOptimizerHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
O23 - Service: Avira Phantom VPN (AviraPhantomVPN) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
O23 - Service: Avira Security (AviraSecurity) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
O23 - Service: Avira Updater Service (AviraUpdaterService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_6c63f - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: Energy Server Service queencreek (ESRV_SVC_QUEENCREEK) - Unknown owner - C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.97\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Launch Manager Service (LMSvc) - Acer Incorporate - C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Quick Access Local Service (QALSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
O23 - Service: Quick Access Service (QASvc) - Acer Incorporated - C:\Program Files\Acer\Acer Quick Access\QASvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: RogueKiller RTP (rkrtservice) - Unknown owner - C:\Program Files\RogueKiller\RogueKillerSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK (SystemUsageReportSvc_QUEENCREEK) - Unknown owner - C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
O23 - Service: TeamViewer - TeamViewer Germany GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: User Experience Improvement Program (UEIPSvc) - acer - C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
O23 - Service: User Energy Server Service queencreek (USER_ESRV_SVC_QUEENCREEK) - Unknown owner - C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12856 bytes



Reklama
bobr.cz
Level 2
Level 2
Příspěvky: 210
Registrován: srpen 07
Pohlaví: Nespecifikováno

Re: Zpomalené PC rodičů - prosím o kontrolu a pomoc s vyčištěním

Příspěvekod bobr.cz » 11 čer 2020 09:16

Ahoj, tak všechny logy, co jsi chtěl jsem zatím vložil. Když už je PC najeté, tak myslím, že se to o něco zrychlilo.Hlavně teda internet je o dost rychlejší. Ale nájezd Windows je stále strašně dlouhý. Trvá cca 4 minuty. Tak nevím, zda se s tím dá ještě něco dělat.

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 40667
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: Zpomalené PC rodičů - prosím o kontrolu a pomoc s vyčištěním

Příspěvekod jaro3 » 11 čer 2020 17:34

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com/?pc=ACJB
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: ::1 localhost
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)


Stáhni si Memtest
http://www.stahuj.cz/utility_a_ostatni/ ... i/memtest/


Políčko , ve kterém je napsáno:
All unused RAM ponech.
-dej Start , nech nejméně 2h běžet , pokud bude po 2h stále 0 errors , jsou v pořádku.
V případě vyšších kapacit RAM je třeba Memtest spustit několikrát , pro 2GB ( jednotlivá největší kapacita RAM) 2x , pro 4GB 3x , pro 8Gb 4x ap.
poklepej na Memtest , pak znovu a znovu , do políček všech Memtestů napiš 2048 , pak dej u všech Memtestů "Start".



Stáhni si CrystalDiskInfo
Spusť program a klikni na Úpravy-Kopírovat. Poté sem vlož pomocí Ctrl+V obsah logu.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

bobr.cz
Level 2
Level 2
Příspěvky: 210
Registrován: srpen 07
Pohlaví: Nespecifikováno

Re: Zpomalené PC rodičů - prosím o kontrolu a pomoc s vyčištěním

Příspěvekod bobr.cz » 12 čer 2020 21:33

Ahoj memtest jel cca 5h a měl 0 errors. Chtěl jsem zde hodit screen, ale nějak se mi nepodařil. Bylo na memtestu cca 480%.
Rodiče teda mají 4GB ram, dal jsem ještě podruhé a bylo při 190% opět 0 errors. Přikládám log z Crystalu

----------------------------------------------------------------------------
CrystalDiskInfo 8.5.2 (C) 2008-2020 hiyohiyo
Crystal Dew World: https://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 10 [10.0 Build 18362] (x86)
Date : 2020/06/12 23:04:21

-- Controller Map ----------------------------------------------------------
+ Intel(R) Pentium(R) processor N- and J-series / Intel(R) Celeron(R) processor N- and J-series AHCI - 0F23 [ATA]
- WDC WD10JPVX-22JC3T0
- MATSHITA DVD-RAM UJ8HC
- Řadič prostorů úložišť [SCSI]

-- Disk List ---------------------------------------------------------------
(1) WDC WD10JPVX-22JC3T0 : 1000,2 GB [0/0/0, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD10JPVX-22JC3T0
----------------------------------------------------------------------------
Model : WDC WD10JPVX-22JC3T0
Firmware : 01.01A01
Serial Number : WD-WXA1E942K2VD
Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ACS-2
Minor Version : ----
Transfer Mode : SATA/300 | SATA/600
Power On Hours : 13388 hod.
Power On Count : 5320 krát
Temperature : 33 C (91 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0060h [ON]
AAM Level : ----
Drive Letter : C:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 183 178 _21 000000000710 Čas na roztočení ploten
04 _84 _84 __0 00000000405C Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 _82 _82 __0 00000000344C Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _95 _95 __0 0000000014C8 Počet cyklů zapnutí zařízení
BF _58 _58 __0 00000000002A Počet udalostí zaznamenaných otřesovým senzorem
C0 200 200 __0 000000000061 Počet vypnutí disku
C1 153 153 __0 000000022904 Počet cyklů načítání/vymazání
C2 114 102 __0 000000000021 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5758 4131 4539 3432 4B32 5644
020: 0000 4000 0000 3031 2E30 3141 3031 5744 4320 5744
030: 3130 4A50 5658 2D32 324A 4333 5430 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0100
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F FF0E 0004 004C 0040
080: 03FE 0000 746B 7D69 6123 7469 BC49 6123 407F 0060
090: 0060 0060 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 0000 6003 0000 5001 4EE6
110: 054F 70B6 0000 0000 0000 0000 0000 0000 0000 4018
120: 4018 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 7035 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 103E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 5BA5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010: 00 B7 B2 10 07 00 00 00 00 00 04 32 00 54 54 5C
020: 40 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 52 52 4C 34 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 5F 5F C8 14 00 00 00 00 00 BF 32
070: 00 3A 3A 2A 00 00 00 00 00 00 C0 32 00 C8 C8 61
080: 00 00 00 00 00 00 C1 32 00 99 99 04 29 02 00 00
090: 00 00 C2 22 00 72 66 21 00 00 00 00 00 00 C4 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C5 32 00 C8 C8 00
0B0: 00 00 00 00 00 00 C6 30 00 64 FD 00 00 00 00 00
0C0: 00 00 C7 32 00 C8 C8 00 00 00 00 00 00 00 C8 08
0D0: 00 64 FD 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 C8 46 01 7B
170: 03 00 01 00 02 CB 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 04 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 19

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 C8 C8 C8 C8 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 BF 00
070: 00 00 00 00 00 00 00 00 00 00 C0 00 00 00 00 00
080: 00 00 00 00 00 00 C1 00 00 00 00 00 00 00 00 00
090: 00 00 C2 00 00 00 00 00 00 00 00 00 00 00 C4 00
0A0: 00 00 00 00 00 00 00 00 00 00 C5 00 00 00 00 00
0B0: 00 00 00 00 00 00 C6 00 00 00 00 00 00 00 00 00
0C0: 00 00 C7 00 00 00 00 00 00 00 00 00 00 00 C8 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 BE
Naposledy upravil(a) bobr.cz dne 12 čer 2020 23:06, celkem upraveno 1 x.

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 40667
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: Zpomalené PC rodičů - prosím o kontrolu a pomoc s vyčištěním

Příspěvekod jaro3 » 12 čer 2020 22:04

Memtest OK , co CrystalDiskInfo?
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

bobr.cz
Level 2
Level 2
Příspěvky: 210
Registrován: srpen 07
Pohlaví: Nespecifikováno

Re: Zpomalené PC rodičů - prosím o kontrolu a pomoc s vyčištěním

Příspěvekod bobr.cz » 13 čer 2020 08:41

Vždyť jej máš v příspěvku nad tvým. Vkládám ještě jednou.

bobr.cz
Level 2
Level 2
Příspěvky: 210
Registrován: srpen 07
Pohlaví: Nespecifikováno

Re: Zpomalené PC rodičů - prosím o kontrolu a pomoc s vyčištěním

Příspěvekod bobr.cz » 13 čer 2020 08:43

----------------------------------------------------------------------------
CrystalDiskInfo 8.5.2 (C) 2008-2020 hiyohiyo
Crystal Dew World: https://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 10 [10.0 Build 18362] (x86)
Date : 2020/06/13 8:43:08

-- Controller Map ----------------------------------------------------------
+ Intel(R) Pentium(R) processor N- and J-series / Intel(R) Celeron(R) processor N- and J-series AHCI - 0F23 [ATA]
- WDC WD10JPVX-22JC3T0
- MATSHITA DVD-RAM UJ8HC
- Řadič prostorů úložišť [SCSI]

-- Disk List ---------------------------------------------------------------
(1) WDC WD10JPVX-22JC3T0 : 1000,2 GB [0/0/0, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD10JPVX-22JC3T0
----------------------------------------------------------------------------
Model : WDC WD10JPVX-22JC3T0
Firmware : 01.01A01
Serial Number : WD-WXA1E942K2VD
Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ACS-2
Minor Version : ----
Transfer Mode : SATA/300 | SATA/600
Power On Hours : 13389 hod.
Power On Count : 5321 krát
Temperature : 28 C (82 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0060h [ON]
AAM Level : ----
Drive Letter : C:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 183 178 _21 000000000731 Čas na roztočení ploten
04 _84 _84 __0 00000000405D Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 _82 _82 __0 00000000344D Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _95 _95 __0 0000000014C9 Počet cyklů zapnutí zařízení
BF _58 _58 __0 00000000002A Počet udalostí zaznamenaných otřesovým senzorem
C0 200 200 __0 000000000061 Počet vypnutí disku
C1 153 153 __0 000000022905 Počet cyklů načítání/vymazání
C2 119 102 __0 00000000001C Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5758 4131 4539 3432 4B32 5644
020: 0000 4000 0000 3031 2E30 3141 3031 5744 4320 5744
030: 3130 4A50 5658 2D32 324A 4333 5430 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0100
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F FF0E 0004 004C 0040
080: 03FE 0000 746B 7D69 6123 7469 BC49 6123 407F 0060
090: 0060 0060 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 0000 6003 0000 5001 4EE6
110: 054F 70B6 0000 0000 0000 0000 0000 0000 0000 4018
120: 4018 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 7035 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 103E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 5BA5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010: 00 B7 B2 31 07 00 00 00 00 00 04 32 00 54 54 5D
020: 40 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 52 52 4D 34 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 5F 5F C9 14 00 00 00 00 00 BF 32
070: 00 3A 3A 2A 00 00 00 00 00 00 C0 32 00 C8 C8 61
080: 00 00 00 00 00 00 C1 32 00 99 99 05 29 02 00 00
090: 00 00 C2 22 00 77 66 1C 00 00 00 00 00 00 C4 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C5 32 00 C8 C8 00
0B0: 00 00 00 00 00 00 C6 30 00 64 FD 00 00 00 00 00
0C0: 00 00 C7 32 00 C8 C8 00 00 00 00 00 00 00 C8 08
0D0: 00 64 FD 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 C8 46 01 7B
170: 03 00 01 00 02 CB 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 04 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 F4

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 C8 C8 C8 C8 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 BF 00
070: 00 00 00 00 00 00 00 00 00 00 C0 00 00 00 00 00
080: 00 00 00 00 00 00 C1 00 00 00 00 00 00 00 00 00
090: 00 00 C2 00 00 00 00 00 00 00 00 00 00 00 C4 00
0A0: 00 00 00 00 00 00 00 00 00 00 C5 00 00 00 00 00
0B0: 00 00 00 00 00 00 C6 00 00 00 00 00 00 00 00 00
0C0: 00 00 C7 00 00 00 00 00 00 00 00 00 00 00 C8 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 BE

bobr.cz
Level 2
Level 2
Příspěvky: 210
Registrován: srpen 07
Pohlaví: Nespecifikováno

Re: Zpomalené PC rodičů - prosím o kontrolu a pomoc s vyčištěním

Příspěvekod bobr.cz » 13 čer 2020 08:51

Plus nový log z HJT

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:49:37, on 13. 6. 2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)


Boot mode: Normal

Running processes:
C:\Users\Admin\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Users\Admin\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
F2 - REG:system.ini: UserInit=
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Avira SystrayStartTrigger] "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [GUDelayStartup] "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
O4 - HKCU\..\Run: [BingSvc] C:\Users\Admin\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [Skype for Desktop] C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_371_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Unknown owner - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (file missing)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
O23 - Service: Avira Protected Service (AntivirProtectedService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
O23 - Service: AtherosSvc - Unknown owner - C:\WINDOWS\System32\drivers\AdminService.exe (file missing)
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: Avira Optimizer Host (AviraOptimizerHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
O23 - Service: Avira Phantom VPN (AviraPhantomVPN) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
O23 - Service: Avira Security (AviraSecurity) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
O23 - Service: Avira Updater Service (AviraUpdaterService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_de5e5c - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: Energy Server Service queencreek (ESRV_SVC_QUEENCREEK) - Unknown owner - C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.97\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Launch Manager Service (LMSvc) - Acer Incorporate - C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Quick Access Local Service (QALSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
O23 - Service: Quick Access Service (QASvc) - Acer Incorporated - C:\Program Files\Acer\Acer Quick Access\QASvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: RogueKiller RTP (rkrtservice) - Unknown owner - C:\Program Files\RogueKiller\RogueKillerSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK (SystemUsageReportSvc_QUEENCREEK) - Unknown owner - C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
O23 - Service: TeamViewer - TeamViewer Germany GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: User Experience Improvement Program (UEIPSvc) - acer - C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
O23 - Service: User Energy Server Service queencreek (USER_ESRV_SVC_QUEENCREEK) - Unknown owner - C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12593 bytes

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 40667
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: Zpomalené PC rodičů - prosím o kontrolu a pomoc s vyčištěním

Příspěvekod jaro3 » 13 čer 2020 14:56

HJT OK , Disk přesto , že je starší OK.

Vypni antivir i firewall.
Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
další odkaz:
http://www.bleepingcomputer.com/downloa ... scan-tool/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

další odkaz:
https://www.bleepingcomputer.com/downlo ... scan-tool/
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

bobr.cz
Level 2
Level 2
Příspěvky: 210
Registrován: srpen 07
Pohlaví: Nespecifikováno

Re: Zpomalené PC rodičů - prosím o kontrolu a pomoc s vyčištěním

Příspěvekod bobr.cz » 14 čer 2020 14:43

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-06-2020
Ran by Admin (14-06-2020 14:26:03)
Running from C:\Users\Admin\Desktop
Windows 10 Home Version 1903 18362.836 (X64) (2019-08-24 14:44:28)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Admin (S-1-5-21-2866737151-1370967378-3497241429-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-2866737151-1370967378-3497241429-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2866737151-1370967378-3497241429-503 - Limited - Disabled)
Guest (S-1-5-21-2866737151-1370967378-3497241429-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2866737151-1370967378-3497241429-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Disabled - Up to date) {88AE6B46-DC3C-455A-A21B-085F285A3546}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

. . . (HKLM\...\{FDF43F53-B12C-41F4-B248-F67CE924E7D7}) (Version: 2.1.28.3 - Intel) Hidden
. . . (HKLM-x32\...\{4A7F2465-EAE2-4A22-9842-2A0F537F243E}) (Version: 2.6.2.4 - Intel) Hidden
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.10.2001 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.00.3002 - Acer Incorporated)
abMusic (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 3.01.2002.1 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.08.2003.3 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3024 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8115 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2004 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8109 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated)
Acer Quick Access (HKLM\...\{E3678E72-78E3-4F91-A9FB-913876FF6DA2}) (Version: 2.00.3005 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3005 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3005 - Acer Incorporated)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.371 - Adobe)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.1.201 - Adobe Systems, Inc.)
Aloha TriPeaks (HKLM-x32\...\WTA-c8a8163c-57d4-47f6-968a-4e2034d246cf) (Version: 2.2.0.98 - WildTangent) Hidden
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.22.2001.0 - Acer Incorporated)
Ashampoo Burning Studio 2014 v.12.0.5 (HKLM-x32\...\{91B33C97-280F-B76D-E27B-E712D7041B76}_is1) (Version: 12.0.5 - Ashampoo GmbH & Co. KG)
Avira (HKLM-x32\...\{0bb4751a-1ff2-4c79-80df-5bab5da63823}) (Version: 1.2.116.18787 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{4BC31208-EC3B-453B-8819-6B81AE3EC153}) (Version: 1.2.146.25871 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{caade1ea-26aa-4e8f-a4f0-59cf0c0e91a5}) (Version: 1.2.146.25871 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2006.1895 - Avira Operations GmbH & Co. KG)
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.33.5.26382 - Avira Operations GmbH & Co. KG)
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.0.30.9723 - Avira Operations GmbH & Co. KG)
Bejeweled 2 Deluxe (HKLM-x32\...\WTA-e166a577-4513-495a-9dbe-96a72c2ad755) (Version: 2.2.0.95 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.67 - Piriform)
CrystalDiskInfo 8.5.2 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.5.2 - Crystal Dew World)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4609.02 - CyberLink Corp.)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
ELAN HIDI2C Filter Driver X64 13.6.3.1_WHQL (HKLM\...\Elantech) (Version: 13.6.3.1 - ELAN Microelectronic Corp.)
Farm to Fork Collector's Edition (HKLM-x32\...\WTA-6e4545af-3e2e-4027-a561-d66ae5840bbb) (Version: 3.0.2.59 - WildTangent) Hidden
FormatFactory 3.8.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.8.0.0 - Free Time)
Foxit PhantomPDF (HKLM-x32\...\{D4DF5498-C95C-4A02-9951-725FB2D7BC0D}) (Version: 6.0.121.624 - Foxit Corporation)
Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 11.0.0.7 - WildTangent, Inc.)
Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 11.0.0.7 - WildTangent, Inc.)
Glary Utilities 5.88 (HKLM-x32\...\Glary Utilities 5) (Version: 5.88.0.109 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.97 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-76ca1901-3f54-493f-81b5-c79808454dff) (Version: 3.0.2.59 - WildTangent) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3574 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 604.10135.1001.55518 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{66e8e99a-eb6f-4403-9fc2-0ddd4d6f353e}) (Version: 2.6.2.4 - Intel)
Intel® Chipset Device Software (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel(R) Corporation) Hidden
IrfanView 4.50 (64-bit) (HKLM\...\IrfanView64) (Version: 4.50 - Irfan Skiljan)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-5755ee5c-133b-4207-b4c3-7dbd077d0c8b) (Version: 3.0.2.59 - WildTangent) Hidden
King Oddball (HKLM-x32\...\WTA-238fe9f9-b6cf-4229-ac6c-6d098ab63f37) (Version: 3.0.2.48 - WildTangent) Hidden
LibreOffice 5.4 Help Pack (Czech) (HKLM-x32\...\{593AE11E-7474-4373-A125-146DF537044D}) (Version: 5.4.3.2 - The Document Foundation)
LibreOffice 5.4.3.2 (HKLM-x32\...\{CAE1C579-A42B-4A1E-9765-9D6648EFBD25}) (Version: 5.4.3.2 - The Document Foundation)
LUXOR Evolved (HKLM-x32\...\WTA-8fa673ea-77d1-4458-9ff7-57255c515186) (Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (HKLM-x32\...\WTA-f0a00875-9924-4842-8297-cd4535da7589) (Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.45 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.129.31 - )
Microsoft OneDrive (HKU\S-1-5-21-2866737151-1370967378-3497241429-1001\...\OneDriveSetup.exe) (Version: 20.064.0329.0008 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 76.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 76.0.1 (x64 cs)) (Version: 76.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 76.0.1.7432 - Mozilla)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.0.2 - pdfforge GmbH)
Peggle Nights (HKLM-x32\...\WTA-01303eba-7d07-4a8c-aedd-4bbbc4303cd5) (Version: 2.2.0.98 - WildTangent) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-a9ce2a46-b987-410f-b7f7-5c046691c30a) (Version: 3.0.2.59 - WildTangent) Hidden
Polar Bowler 1st Frame (HKLM-x32\...\WTA-bae20991-9609-4614-86db-d2d89ab99842) (Version: 3.0.2.59 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.0 - Qualcomm Atheros)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.65 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7503 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
RogueKiller version 14.5.0.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 14.5.0.0 - Adlice Software)
Skype verze 8.51 (HKLM-x32\...\Skype_is1) (Version: 8.51 - Skype Technologies S.A.)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.6.7 - TeamViewer)
The Chronicles of Emerland Solitaire (HKLM-x32\...\WTA-384663e7-70fc-4b6e-b0e2-d0e43378bae1) (Version: 3.0.2.51 - WildTangent) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Trinklit Supreme (HKLM-x32\...\WTA-de98649c-aca3-431a-b8f8-21431f7f8089) (Version: 2.2.0.98 - WildTangent) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer) (Version: 4.0.11.13 - WildTangent) Hidden
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Zemana AntiMalware verze 3.1.495 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.1.495 - Zemana)
Zuma's Revenge (HKLM-x32\...\WTA-fddc3f7a-8382-4eae-b627-1cde9b7049bb) (Version: 2.2.0.97 - WildTangent) Hidden

Packages:
=========
- Games App - -> C:\Program Files\WindowsApps\WildTangentGames.-GamesApp-_1.0.3.28_x86__qt5r5pa5dyg8m [2016-01-01] (WildTangent Games)
Acer Explorer -> C:\Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.3007.0_x86__48frkmn4z8aw4 [2016-07-07] (Acer Incorporated)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-07] (Autodesk Inc.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.170.200.0_x86__kgqvnymyfvs32 [2020-06-12] (king.com)
eBay -> C:\Program Files\WindowsApps\eBayInc.eBay_1.6.0.34_neutral__1618n3s9xq8tw [2016-01-01] (eBay, Inc)
Evernote -> C:\Program Files\WindowsApps\Evernote.Evernote_6.24.8919.0_x86__q4d96b2w5wcc2 [2020-03-12] (Evernote)
Fitbit -> C:\Program Files\WindowsApps\Fitbit.Fitbit_2.44.1997.0_x64__6mqt6hf9g46tw [2019-10-05] (Fitbit)
Flipboard -> C:\Program Files\WindowsApps\Flipboard.Flipboard_2.1.3.0_neutral__3f5azkryzdbc4 [2017-07-15] (Flipboard)
Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2016-01-01] (AMZN Mobile LLC)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-03] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.41.21603.0_x64__8wekyb3d8bbwe [2020-06-12] (Microsoft Corporation)
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2016-01-01] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2016-01-01] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2016-01-01] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)
Videomomentky -> C:\Program Files\WindowsApps\Microsoft.MovieMoments_6.3.9654.20464_x64__8wekyb3d8bbwe [2016-01-02] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2866737151-1370967378-3497241429-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-01-19] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-01-19] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-01-19] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2019-11-04] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [DefragglerShellExtension] -> [CC]{4380C993-0C43-4E02-9A7A-0D40B6EA7590} => -> No File
ContextMenuHandlers1: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2017-09-04] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-05-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-06-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers2: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-06-09] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [RecuvaShellExt] -> [CC]{435E5DF5-2510-463C-B223-BDA47006D002} => -> No File
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-06-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-10-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2015-10-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-06-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2019-11-04] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-06-09] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-05-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Admin\Desktop\Aplikace Acer\Dropbox.lnk -> C:\Program Files\Dropbox\StartURL.exe () -> hxxps://www.dropbox.com/partners/acer2014/download
ShortcutWithArgument: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2010-11-18 22:08 - 2016-10-04 16:51 - 000076800 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2016-01-01 22:18 - 2017-02-02 20:19 - 000115200 _____ (pdfforge GmbH) [File not signed] C:\WINDOWS\System32\pdfcmon.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2020-06-11 00:50 - 2020-06-12 15:29 - 000000813 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Acer\abFiles\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2866737151-1370967378-3497241429-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\acer01.jpg
DNS Servers: 192.168.11.1 - 185.159.168.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "PDFCreatorRestart"
HKU\S-1-5-21-2866737151-1370967378-3497241429-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2866737151-1370967378-3497241429-1001\...\StartupApproved\Run: => "GUDelayStartup"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{42508010-2759-4D50-91DF-EFFC86B4E314}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{11D4BC2B-F3FA-403B-B9C0-0A4117632E9B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FDF84201-2F42-4293-B594-90E4F3040813}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{505FE3B7-7653-4010-9456-32709B2B691C}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{994E6C27-8540-4930-A73C-9A89D478DDBA}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{1B55C801-1C5E-4631-8638-D68687805A32}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{90D4F836-5222-4478-90D8-AFABFE063765}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{3B06229C-C462-4A9B-9DDE-691095778AD6}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{80ECF497-00A8-431C-80E2-5C36EBF4BAD6}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{DE1747DC-74E8-449A-B617-C0E25B628593}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{580FAFE4-5755-42A0-8F3B-32B0607EEBB5}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{B5DB0E46-7701-458A-A39F-174457FE6FC7}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{651C875D-7980-4B54-9492-25263CF0443D}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{1AEF6175-4910-460B-8267-6523859E62C1}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{43877679-8C79-4836-9EF3-29AD2C0E1232}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{2FD614D2-3200-4E24-8FA5-DF172A8CCB9D}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{944CC07A-1EAB-4BE5-99E1-6BED765B115F}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{7B7E9447-A1CB-4685-B444-8FD28B90A326}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{A38173F2-DE08-4D35-A89A-3D2F45F9B300}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{DA6A8DD3-FFDC-4C88-AA27-575F2438EA14}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{CE8A3D7C-5A2F-40C0-934A-1A2EC1456883}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{D3EAFFDF-C7CA-4C26-8ACB-C19EF8EF71D1}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{CD5ACA3F-9033-4247-BE2F-C79D0809EFE5}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{81BDF6CE-2060-4578-A82A-D0D498E30A9B}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{100C728A-3731-4A9A-85FB-16C749CAF8B7}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{C0FFD77E-B690-44E9-9639-BDCF0BFB707B}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{11573387-9208-47B9-82F1-128970E62923}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{E7FC02BF-D408-4570-BB0E-29FE0AE9301F}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{7D618907-1462-4B09-9556-73B82D41DA2F}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{686272F2-764B-49F9-AD49-F82D233CDCDC}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{2FA9762C-8DAA-41CD-AC69-4AB3EE7C9AC1}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{2782C109-7546-43CE-A448-285ABC4F3C99}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{A8DF113D-EE3B-4D25-8A8B-654752FAA9EE}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{66D82733-0E09-409D-9037-1A1F2696B040}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{D19BDCA1-79A9-44CC-B93D-C23AD6DBB9A3}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{44F9A2D6-3EDB-4C26-95B8-163492C0EB90}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{A003F692-DB56-4EDC-A038-51BFB69FABCE}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{EC37651E-EA2A-45BB-A180-194E2DD904D1}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{AC2FA46F-CFEC-4B5A-AA64-BB816CF64CD5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A4F8E40F-FC3C-447C-BB7D-9E4DFD66F8AD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8C64BF46-4271-471B-A19C-588FC8AB8515}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (chen jun hao -> Free Time) [File not signed]
FirewallRules: [{965729C0-7611-4B92-8074-D3075BBB5711}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (chen jun hao -> Free Time) [File not signed]
FirewallRules: [{DF757B7F-3D03-4834-A0AD-8F6474485A6F}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (chen jun hao -> Free Time) [File not signed]
FirewallRules: [{BD4F56FE-C717-4AFA-A532-FF4B6597027E}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (chen jun hao -> Free Time) [File not signed]
FirewallRules: [{5EF10BCE-DF90-47E2-98F9-50B6BAB039AA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{22720744-230F-4445-9771-5C8E87FB9B00}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{AADA0AC9-4484-431C-B345-BC5EB391A4C8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BB749906-5E3F-499B-9258-A82661654956}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C412C921-83AC-43A4-88A9-C22985DF50FB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{28083ED0-9391-4491-BA22-58BD2EE54B04}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1077BFB3-6DEB-4487-84F7-87DDD818A5B0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{1414C8AC-D04A-428C-8526-E809CA219532}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{693F7DA1-D651-42E5-97EE-8E63195D98F2}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{32364E85-BC96-4E5F-B66E-C42B64913155}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{BB065535-F3C5-4A3C-9FB0-90E9F8496509}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{A634A7B9-DC92-4733-91A5-62440209799E}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{A02A79CD-3AF3-4727-B3C6-12435CE66D7C}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{A4EC6FD9-64A9-43A5-988C-A12CA13A67ED}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{5B0A8986-CF0E-444E-9980-89AA689A5F63}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{B1F860CC-1D61-4207-B006-64CD753AC1CC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{1EDCE1DD-BA08-4B43-9A4C-A1A18BEE8FBD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{5E008C4D-7C9C-4BC0-A93B-37A9A31EC8A1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{E1947DEE-1262-41F0-8E69-68C73BB80A0D}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{ED7E9C87-0A4B-4D9B-8776-ABACD87E5520}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [TCP Query User{540B5EE3-9F60-4A2E-AA59-2807F0EE0D08}C:\users\admin\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\admin\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{FCF8E123-88AB-4637-B2EC-EC7BF2315F44}C:\users\admin\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\admin\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{1C758031-B6A1-4BEE-B1AA-4178FFDDC1A9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{592920D1-63CD-437C-9148-C50E88177E48}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{775038FA-1A78-4A80-801E-0EE0804FE00B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{CF5BF461-5B46-4B70-968F-7E3AECD104A8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0873F324-C74C-46DD-B3E0-478098E2E9ED}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E0C3010D-A1E6-4C0A-8002-7CABA46348D5}] => (Allow) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DB5EFD98-BC19-498D-AB26-AA43E4AB7996}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{3590BD5F-8447-4DFE-90DF-52CD23559B4E}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{89E0EC33-4365-4B88-B2CD-2C54ACDB6897}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

==================== Restore Points =========================

09-06-2020 17:45:04 JRT Pre-Junkware Removal
14-06-2020 00:19:53 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (06/14/2020 02:04:09 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13432,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (06/14/2020 01:32:09 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9684,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (06/14/2020 10:17:57 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11276,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (06/14/2020 09:12:11 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6628,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (06/14/2020 09:01:15 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3108,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (06/13/2020 10:59:02 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8884,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (06/13/2020 07:27:29 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10812,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (06/13/2020 02:18:05 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12644,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (06/14/2020 12:41:02 PM) (Source: BTHUSB) (EventID: 5) (User: )
Description: Ovladač Bluetooth očekával událost HCI s určitou velikostí, ale neobdržel ji.

Error: (06/14/2020 12:23:15 PM) (Source: BTHUSB) (EventID: 5) (User: )
Description: Ovladač Bluetooth očekával událost HCI s určitou velikostí, ale neobdržel ji.

Error: (06/13/2020 09:14:38 PM) (Source: BTHUSB) (EventID: 5) (User: )
Description: Ovladač Bluetooth očekával událost HCI s určitou velikostí, ale neobdržel ji.

Error: (06/12/2020 03:08:34 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {B91D5831-B1BD-4608-8198-D72E155020F7} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/12/2020 03:06:34 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {B91D5831-B1BD-4608-8198-D72E155020F7} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/12/2020 03:04:34 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {B91D5831-B1BD-4608-8198-D72E155020F7} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/12/2020 03:03:30 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Aktualizovat službu Orchestrator přestala během spouštění reagovat.

Error: (06/11/2020 09:26:07 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba USER_ESRV_SVC_QUEENCREEK byla ukončena s následující chybou:
%%497


CodeIntegrity:
===================================

Date: 2020-06-11 03:02:23.381
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-06-11 03:02:23.261
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-06-11 03:02:23.074
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-06-11 03:02:22.983
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-06-11 03:02:22.936
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-06-11 03:02:22.868
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-06-11 03:02:22.849
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-06-11 03:00:17.421
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

BIOS: Insyde Corp. V1.10 12/15/2014
Motherboard: Acer Aspire ES1-512
Processor: Intel(R) Celeron(R) CPU N2940 @ 1.83GHz
Percentage of memory in use: 69%
Total physical RAM: 3977.98 MB
Available physical RAM: 1201.23 MB
Total Virtual: 5422.06 MB
Available Virtual: 1975.11 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:915.38 GB) (Free:840.48 GB) NTFS

\\?\Volume{89fed287-34d0-48cf-a696-2dcc0d382fc7}\ (Recovery) (Fixed) (Total:0.59 GB) (Free:0.3 GB) NTFS
\\?\Volume{dafcf26f-5c82-4fbe-a3e6-1307656dfda7}\ (Push Button Reset) (Fixed) (Total:15.13 GB) (Free:2.1 GB) NTFS
\\?\Volume{fa8de8be-49ea-4a3f-af24-aae9d66b8251}\ (ESP) (Fixed) (Total:0.29 GB) (Free:0.24 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 76C70A3C)

Partition: GPT.

==================== End of Addition.txt =======================

bobr.cz
Level 2
Level 2
Příspěvky: 210
Registrován: srpen 07
Pohlaví: Nespecifikováno

Re: Zpomalené PC rodičů - prosím o kontrolu a pomoc s vyčištěním

Příspěvekod bobr.cz » 14 čer 2020 14:44

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-06-2020
Ran by Admin (14-06-2020 14:26:03)
Running from C:\Users\Admin\Desktop
Windows 10 Home Version 1903 18362.836 (X64) (2019-08-24 14:44:28)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Admin (S-1-5-21-2866737151-1370967378-3497241429-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-2866737151-1370967378-3497241429-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2866737151-1370967378-3497241429-503 - Limited - Disabled)
Guest (S-1-5-21-2866737151-1370967378-3497241429-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2866737151-1370967378-3497241429-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Disabled - Up to date) {88AE6B46-DC3C-455A-A21B-085F285A3546}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

. . . (HKLM\...\{FDF43F53-B12C-41F4-B248-F67CE924E7D7}) (Version: 2.1.28.3 - Intel) Hidden
. . . (HKLM-x32\...\{4A7F2465-EAE2-4A22-9842-2A0F537F243E}) (Version: 2.6.2.4 - Intel) Hidden
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.10.2001 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.00.3002 - Acer Incorporated)
abMusic (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 3.01.2002.1 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.08.2003.3 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3024 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8115 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2004 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8109 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated)
Acer Quick Access (HKLM\...\{E3678E72-78E3-4F91-A9FB-913876FF6DA2}) (Version: 2.00.3005 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3005 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3005 - Acer Incorporated)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.009.20067 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.371 - Adobe)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.1.201 - Adobe Systems, Inc.)
Aloha TriPeaks (HKLM-x32\...\WTA-c8a8163c-57d4-47f6-968a-4e2034d246cf) (Version: 2.2.0.98 - WildTangent) Hidden
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.22.2001.0 - Acer Incorporated)
Ashampoo Burning Studio 2014 v.12.0.5 (HKLM-x32\...\{91B33C97-280F-B76D-E27B-E712D7041B76}_is1) (Version: 12.0.5 - Ashampoo GmbH & Co. KG)
Avira (HKLM-x32\...\{0bb4751a-1ff2-4c79-80df-5bab5da63823}) (Version: 1.2.116.18787 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{4BC31208-EC3B-453B-8819-6B81AE3EC153}) (Version: 1.2.146.25871 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{caade1ea-26aa-4e8f-a4f0-59cf0c0e91a5}) (Version: 1.2.146.25871 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.2006.1895 - Avira Operations GmbH & Co. KG)
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.33.5.26382 - Avira Operations GmbH & Co. KG)
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.0.30.9723 - Avira Operations GmbH & Co. KG)
Bejeweled 2 Deluxe (HKLM-x32\...\WTA-e166a577-4513-495a-9dbe-96a72c2ad755) (Version: 2.2.0.95 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.67 - Piriform)
CrystalDiskInfo 8.5.2 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.5.2 - Crystal Dew World)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4609.02 - CyberLink Corp.)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
ELAN HIDI2C Filter Driver X64 13.6.3.1_WHQL (HKLM\...\Elantech) (Version: 13.6.3.1 - ELAN Microelectronic Corp.)
Farm to Fork Collector's Edition (HKLM-x32\...\WTA-6e4545af-3e2e-4027-a561-d66ae5840bbb) (Version: 3.0.2.59 - WildTangent) Hidden
FormatFactory 3.8.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.8.0.0 - Free Time)
Foxit PhantomPDF (HKLM-x32\...\{D4DF5498-C95C-4A02-9951-725FB2D7BC0D}) (Version: 6.0.121.624 - Foxit Corporation)
Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 11.0.0.7 - WildTangent, Inc.)
Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 11.0.0.7 - WildTangent, Inc.)
Glary Utilities 5.88 (HKLM-x32\...\Glary Utilities 5) (Version: 5.88.0.109 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.97 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-76ca1901-3f54-493f-81b5-c79808454dff) (Version: 3.0.2.59 - WildTangent) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3574 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 604.10135.1001.55518 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{66e8e99a-eb6f-4403-9fc2-0ddd4d6f353e}) (Version: 2.6.2.4 - Intel)
Intel® Chipset Device Software (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel(R) Corporation) Hidden
IrfanView 4.50 (64-bit) (HKLM\...\IrfanView64) (Version: 4.50 - Irfan Skiljan)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-5755ee5c-133b-4207-b4c3-7dbd077d0c8b) (Version: 3.0.2.59 - WildTangent) Hidden
King Oddball (HKLM-x32\...\WTA-238fe9f9-b6cf-4229-ac6c-6d098ab63f37) (Version: 3.0.2.48 - WildTangent) Hidden
LibreOffice 5.4 Help Pack (Czech) (HKLM-x32\...\{593AE11E-7474-4373-A125-146DF537044D}) (Version: 5.4.3.2 - The Document Foundation)
LibreOffice 5.4.3.2 (HKLM-x32\...\{CAE1C579-A42B-4A1E-9765-9D6648EFBD25}) (Version: 5.4.3.2 - The Document Foundation)
LUXOR Evolved (HKLM-x32\...\WTA-8fa673ea-77d1-4458-9ff7-57255c515186) (Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (HKLM-x32\...\WTA-f0a00875-9924-4842-8297-cd4535da7589) (Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.45 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.129.31 - )
Microsoft OneDrive (HKU\S-1-5-21-2866737151-1370967378-3497241429-1001\...\OneDriveSetup.exe) (Version: 20.064.0329.0008 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 76.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 76.0.1 (x64 cs)) (Version: 76.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 76.0.1.7432 - Mozilla)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.0.2 - pdfforge GmbH)
Peggle Nights (HKLM-x32\...\WTA-01303eba-7d07-4a8c-aedd-4bbbc4303cd5) (Version: 2.2.0.98 - WildTangent) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-a9ce2a46-b987-410f-b7f7-5c046691c30a) (Version: 3.0.2.59 - WildTangent) Hidden
Polar Bowler 1st Frame (HKLM-x32\...\WTA-bae20991-9609-4614-86db-d2d89ab99842) (Version: 3.0.2.59 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.0 - Qualcomm Atheros)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.65 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7503 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
RogueKiller version 14.5.0.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 14.5.0.0 - Adlice Software)
Skype verze 8.51 (HKLM-x32\...\Skype_is1) (Version: 8.51 - Skype Technologies S.A.)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.6.7 - TeamViewer)
The Chronicles of Emerland Solitaire (HKLM-x32\...\WTA-384663e7-70fc-4b6e-b0e2-d0e43378bae1) (Version: 3.0.2.51 - WildTangent) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Trinklit Supreme (HKLM-x32\...\WTA-de98649c-aca3-431a-b8f8-21431f7f8089) (Version: 2.2.0.98 - WildTangent) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer) (Version: 4.0.11.13 - WildTangent) Hidden
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Zemana AntiMalware verze 3.1.495 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.1.495 - Zemana)
Zuma's Revenge (HKLM-x32\...\WTA-fddc3f7a-8382-4eae-b627-1cde9b7049bb) (Version: 2.2.0.97 - WildTangent) Hidden

Packages:
=========
- Games App - -> C:\Program Files\WindowsApps\WildTangentGames.-GamesApp-_1.0.3.28_x86__qt5r5pa5dyg8m [2016-01-01] (WildTangent Games)
Acer Explorer -> C:\Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.3007.0_x86__48frkmn4z8aw4 [2016-07-07] (Acer Incorporated)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-07] (Autodesk Inc.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.170.200.0_x86__kgqvnymyfvs32 [2020-06-12] (king.com)
eBay -> C:\Program Files\WindowsApps\eBayInc.eBay_1.6.0.34_neutral__1618n3s9xq8tw [2016-01-01] (eBay, Inc)
Evernote -> C:\Program Files\WindowsApps\Evernote.Evernote_6.24.8919.0_x86__q4d96b2w5wcc2 [2020-03-12] (Evernote)
Fitbit -> C:\Program Files\WindowsApps\Fitbit.Fitbit_2.44.1997.0_x64__6mqt6hf9g46tw [2019-10-05] (Fitbit)
Flipboard -> C:\Program Files\WindowsApps\Flipboard.Flipboard_2.1.3.0_neutral__3f5azkryzdbc4 [2017-07-15] (Flipboard)
Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2016-01-01] (AMZN Mobile LLC)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-03] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.41.21603.0_x64__8wekyb3d8bbwe [2020-06-12] (Microsoft Corporation)
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2016-01-01] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2016-01-01] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2016-01-01] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)
Videomomentky -> C:\Program Files\WindowsApps\Microsoft.MovieMoments_6.3.9654.20464_x64__8wekyb3d8bbwe [2016-01-02] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2866737151-1370967378-3497241429-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-01-19] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-01-19] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-01-19] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2019-11-04] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [DefragglerShellExtension] -> [CC]{4380C993-0C43-4E02-9A7A-0D40B6EA7590} => -> No File
ContextMenuHandlers1: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2017-09-04] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-05-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-06-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers2: [Glary Utilities] -> [CC]{B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-06-09] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [RecuvaShellExt] -> [CC]{435E5DF5-2510-463C-B223-BDA47006D002} => -> No File
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-06-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-10-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2015-10-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2020-06-05] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2019-11-04] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-06-09] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2020-05-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Admin\Desktop\Aplikace Acer\Dropbox.lnk -> C:\Program Files\Dropbox\StartURL.exe () -> hxxps://www.dropbox.com/partners/acer2014/download
ShortcutWithArgument: C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2010-11-18 22:08 - 2016-10-04 16:51 - 000076800 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2016-01-01 22:18 - 2017-02-02 20:19 - 000115200 _____ (pdfforge GmbH) [File not signed] C:\WINDOWS\System32\pdfcmon.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2020-06-11 00:50 - 2020-06-12 15:29 - 000000813 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Acer\abFiles\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2866737151-1370967378-3497241429-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\acer01.jpg
DNS Servers: 192.168.11.1 - 185.159.168.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "PDFCreatorRestart"
HKU\S-1-5-21-2866737151-1370967378-3497241429-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2866737151-1370967378-3497241429-1001\...\StartupApproved\Run: => "GUDelayStartup"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{42508010-2759-4D50-91DF-EFFC86B4E314}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{11D4BC2B-F3FA-403B-B9C0-0A4117632E9B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FDF84201-2F42-4293-B594-90E4F3040813}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{505FE3B7-7653-4010-9456-32709B2B691C}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{994E6C27-8540-4930-A73C-9A89D478DDBA}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{1B55C801-1C5E-4631-8638-D68687805A32}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{90D4F836-5222-4478-90D8-AFABFE063765}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{3B06229C-C462-4A9B-9DDE-691095778AD6}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{80ECF497-00A8-431C-80E2-5C36EBF4BAD6}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{DE1747DC-74E8-449A-B617-C0E25B628593}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{580FAFE4-5755-42A0-8F3B-32B0607EEBB5}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{B5DB0E46-7701-458A-A39F-174457FE6FC7}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{651C875D-7980-4B54-9492-25263CF0443D}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{1AEF6175-4910-460B-8267-6523859E62C1}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{43877679-8C79-4836-9EF3-29AD2C0E1232}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{2FD614D2-3200-4E24-8FA5-DF172A8CCB9D}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{944CC07A-1EAB-4BE5-99E1-6BED765B115F}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{7B7E9447-A1CB-4685-B444-8FD28B90A326}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{A38173F2-DE08-4D35-A89A-3D2F45F9B300}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{DA6A8DD3-FFDC-4C88-AA27-575F2438EA14}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{CE8A3D7C-5A2F-40C0-934A-1A2EC1456883}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{D3EAFFDF-C7CA-4C26-8ACB-C19EF8EF71D1}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{CD5ACA3F-9033-4247-BE2F-C79D0809EFE5}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{81BDF6CE-2060-4578-A82A-D0D498E30A9B}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{100C728A-3731-4A9A-85FB-16C749CAF8B7}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{C0FFD77E-B690-44E9-9639-BDCF0BFB707B}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{11573387-9208-47B9-82F1-128970E62923}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{E7FC02BF-D408-4570-BB0E-29FE0AE9301F}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{7D618907-1462-4B09-9556-73B82D41DA2F}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{686272F2-764B-49F9-AD49-F82D233CDCDC}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{2FA9762C-8DAA-41CD-AC69-4AB3EE7C9AC1}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{2782C109-7546-43CE-A448-285ABC4F3C99}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{A8DF113D-EE3B-4D25-8A8B-654752FAA9EE}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{66D82733-0E09-409D-9037-1A1F2696B040}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{D19BDCA1-79A9-44CC-B93D-C23AD6DBB9A3}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{44F9A2D6-3EDB-4C26-95B8-163492C0EB90}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{A003F692-DB56-4EDC-A038-51BFB69FABCE}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{EC37651E-EA2A-45BB-A180-194E2DD904D1}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{AC2FA46F-CFEC-4B5A-AA64-BB816CF64CD5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A4F8E40F-FC3C-447C-BB7D-9E4DFD66F8AD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8C64BF46-4271-471B-A19C-588FC8AB8515}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (chen jun hao -> Free Time) [File not signed]
FirewallRules: [{965729C0-7611-4B92-8074-D3075BBB5711}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (chen jun hao -> Free Time) [File not signed]
FirewallRules: [{DF757B7F-3D03-4834-A0AD-8F6474485A6F}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (chen jun hao -> Free Time) [File not signed]
FirewallRules: [{BD4F56FE-C717-4AFA-A532-FF4B6597027E}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (chen jun hao -> Free Time) [File not signed]
FirewallRules: [{5EF10BCE-DF90-47E2-98F9-50B6BAB039AA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{22720744-230F-4445-9771-5C8E87FB9B00}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{AADA0AC9-4484-431C-B345-BC5EB391A4C8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{BB749906-5E3F-499B-9258-A82661654956}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C412C921-83AC-43A4-88A9-C22985DF50FB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{28083ED0-9391-4491-BA22-58BD2EE54B04}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1077BFB3-6DEB-4487-84F7-87DDD818A5B0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{1414C8AC-D04A-428C-8526-E809CA219532}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{693F7DA1-D651-42E5-97EE-8E63195D98F2}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{32364E85-BC96-4E5F-B66E-C42B64913155}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{BB065535-F3C5-4A3C-9FB0-90E9F8496509}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{A634A7B9-DC92-4733-91A5-62440209799E}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{A02A79CD-3AF3-4727-B3C6-12435CE66D7C}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{A4EC6FD9-64A9-43A5-988C-A12CA13A67ED}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{5B0A8986-CF0E-444E-9980-89AA689A5F63}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{B1F860CC-1D61-4207-B006-64CD753AC1CC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{1EDCE1DD-BA08-4B43-9A4C-A1A18BEE8FBD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{5E008C4D-7C9C-4BC0-A93B-37A9A31EC8A1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{E1947DEE-1262-41F0-8E69-68C73BB80A0D}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{ED7E9C87-0A4B-4D9B-8776-ABACD87E5520}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [TCP Query User{540B5EE3-9F60-4A2E-AA59-2807F0EE0D08}C:\users\admin\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\admin\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{FCF8E123-88AB-4637-B2EC-EC7BF2315F44}C:\users\admin\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\admin\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{1C758031-B6A1-4BEE-B1AA-4178FFDDC1A9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{592920D1-63CD-437C-9148-C50E88177E48}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{775038FA-1A78-4A80-801E-0EE0804FE00B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{CF5BF461-5B46-4B70-968F-7E3AECD104A8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0873F324-C74C-46DD-B3E0-478098E2E9ED}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E0C3010D-A1E6-4C0A-8002-7CABA46348D5}] => (Allow) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DB5EFD98-BC19-498D-AB26-AA43E4AB7996}] => (Block) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{3590BD5F-8447-4DFE-90DF-52CD23559B4E}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
FirewallRules: [{89E0EC33-4365-4B88-B2CD-2C54ACDB6897}] => (Allow) C:\Program Files (x86)\Avira\SoftwareUpdater\avirasoftwareupdatertoastnotificationsbridge.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)

==================== Restore Points =========================

09-06-2020 17:45:04 JRT Pre-Junkware Removal
14-06-2020 00:19:53 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (06/14/2020 02:04:09 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13432,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (06/14/2020 01:32:09 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9684,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (06/14/2020 10:17:57 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11276,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (06/14/2020 09:12:11 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6628,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (06/14/2020 09:01:15 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3108,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (06/13/2020 10:59:02 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8884,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (06/13/2020 07:27:29 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10812,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (06/13/2020 02:18:05 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12644,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (06/14/2020 12:41:02 PM) (Source: BTHUSB) (EventID: 5) (User: )
Description: Ovladač Bluetooth očekával událost HCI s určitou velikostí, ale neobdržel ji.

Error: (06/14/2020 12:23:15 PM) (Source: BTHUSB) (EventID: 5) (User: )
Description: Ovladač Bluetooth očekával událost HCI s určitou velikostí, ale neobdržel ji.

Error: (06/13/2020 09:14:38 PM) (Source: BTHUSB) (EventID: 5) (User: )
Description: Ovladač Bluetooth očekával událost HCI s určitou velikostí, ale neobdržel ji.

Error: (06/12/2020 03:08:34 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {B91D5831-B1BD-4608-8198-D72E155020F7} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/12/2020 03:06:34 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {B91D5831-B1BD-4608-8198-D72E155020F7} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/12/2020 03:04:34 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {B91D5831-B1BD-4608-8198-D72E155020F7} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/12/2020 03:03:30 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Aktualizovat službu Orchestrator přestala během spouštění reagovat.

Error: (06/11/2020 09:26:07 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba USER_ESRV_SVC_QUEENCREEK byla ukončena s následující chybou:
%%497


CodeIntegrity:
===================================

Date: 2020-06-11 03:02:23.381
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-06-11 03:02:23.261
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-06-11 03:02:23.074
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-06-11 03:02:22.983
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-06-11 03:02:22.936
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-06-11 03:02:22.868
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-06-11 03:02:22.849
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-06-11 03:00:17.421
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

BIOS: Insyde Corp. V1.10 12/15/2014
Motherboard: Acer Aspire ES1-512
Processor: Intel(R) Celeron(R) CPU N2940 @ 1.83GHz
Percentage of memory in use: 69%
Total physical RAM: 3977.98 MB
Available physical RAM: 1201.23 MB
Total Virtual: 5422.06 MB
Available Virtual: 1975.11 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:915.38 GB) (Free:840.48 GB) NTFS

\\?\Volume{89fed287-34d0-48cf-a696-2dcc0d382fc7}\ (Recovery) (Fixed) (Total:0.59 GB) (Free:0.3 GB) NTFS
\\?\Volume{dafcf26f-5c82-4fbe-a3e6-1307656dfda7}\ (Push Button Reset) (Fixed) (Total:15.13 GB) (Free:2.1 GB) NTFS
\\?\Volume{fa8de8be-49ea-4a3f-af24-aae9d66b8251}\ (ESP) (Fixed) (Total:0.29 GB) (Free:0.24 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 76C70A3C)

Partition: GPT.

==================== End of Addition.txt =======================

bobr.cz
Level 2
Level 2
Příspěvky: 210
Registrován: srpen 07
Pohlaví: Nespecifikováno

Re: Zpomalené PC rodičů - prosím o kontrolu a pomoc s vyčištěním

Příspěvekod bobr.cz » 14 čer 2020 15:11

Asi jsem 2x vložil addition, tak ještě frst.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-06-2020
Ran by Admin (administrator) on ACERNTB (Acer Aspire ES1-512) (14-06-2020 14:00:47)
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin
Platform: Windows 10 Home Version 1903 18362.836 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated -> acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(CyberLink -> ) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <12>
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Microsoft Corporation -> © 2015 Microsoft Corporation) C:\Users\Admin\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(WildTangent Inc -> WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13876952 2016-01-02] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [238568 2020-05-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2866737151-1370967378-3497241429-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44016 2017-11-20] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-2866737151-1370967378-3497241429-1001\...\Run: [BingSvc] => C:\Users\Admin\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2017-12-26] (Microsoft Corporation -> © 2015 Microsoft Corporation)
HKU\S-1-5-21-2866737151-1370967378-3497241429-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [83523944 2019-08-15] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2866737151-1370967378-3497241429-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [29072568 2020-05-22] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2866737151-1370967378-3497241429-1001\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_371_Plugin.exe [1458232 2020-06-08] (Adobe Inc. -> Adobe)
HKU\S-1-5-21-2866737151-1370967378-3497241429-1001\...\MountPoints2: {305af1f4-f80e-11e9-8548-d0534916139e} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2866737151-1370967378-3497241429-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [221184 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [115200 2017-02-02] (pdfforge GmbH) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.97\Installer\chrmstp.exe [2020-06-05] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{9459C573-B17A-45AE-9F64-1857B5D58CEE}] -> C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.45\Installer\setup.exe [2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] ->
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] ->
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01C49AA0-9E40-4640-B4A8-C4670551537C} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [127176 2020-05-08] (Mozilla Corporation -> Mozilla Foundation)
Task: {06DA1029-CA6C-40C5-9AFC-F2AF6EA98C3F} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {0A26A436-77A8-4916-9BC7-E685E7D0E55C} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [659520 2019-11-04] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {0A5CFA30-F630-4DA7-ADF1-BB0D5F00BE3C} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [134648 2017-11-20] (Glarysoft LTD -> Glarysoft Ltd)
Task: {152DC1D3-52F7-44C7-B17D-7E8DE87ED6D3} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [379232 2015-07-09] (Acer Incorporated -> Acer Incorporated)
Task: {27A70E26-D2DC-43CE-A32F-75ED156F9EB4} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [897520 2017-11-20] (Glarysoft LTD -> Glarysoft Ltd)
Task: {27BF843B-20D4-4B4A-BAA3-AD520730CF99} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1741576 2016-03-17] (Intel(R) Software -> Intel Corporation)
Task: {338ACBB7-177F-4C50-A6A2-FAF90D683117} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4644256 2015-11-25] (Acer Incorporated -> )
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {39033CA1-8B94-46E3-B4B0-18557972C0CB} - System32\Tasks\Avira_Security_Update => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [228040 2020-05-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {5A222398-D341-48A3-B88F-A394A92C8D13} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-01-03] (Google Inc -> Google Inc.)
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [32256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {6042ec74-88be-472b-a02f-dcad360fd0b6} - no filepath
Task: {6089320C-04AB-4BF3-B002-90763B7BE4D2} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {65A4EFF8-D8ED-4022-8169-36B2C0B68571} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [40288 2015-07-17] (Acer Incorporated -> )
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {761011D2-B75E-456E-AF7B-4DB72CFCCCA4} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [379232 2015-07-09] (Acer Incorporated -> Acer Incorporated)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8766107E-76F9-422A-AD84-3A017B8F0921} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-08] (Adobe Inc. -> Adobe)
Task: {89755D8E-4709-403A-9664-AB14684A2025} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [384256 2015-05-14] (Acer Incorporated -> Acer Incorporated)
Task: {8D4FE116-69A4-44D7-AB3F-AE9D3B6C02EC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {9B225D04-7D76-435D-8AA5-56B887B0C34C} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [216296 2014-03-13] (Acer Incorporated -> TODO: <Company name>)
Task: {9C3C300C-85B4-4954-87C0-3754C042B904} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24690360 2020-05-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A48FF56C-9849-47EB-914D-A0F754895234} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2759632 2020-05-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {A665A7D0-A7B7-4FD7-8E80-6851AB56C6FC} - System32\Tasks\CareCenter\Avira SystrayStartTrigger_Reg_HKLMWow6432Run => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [238568 2020-05-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {C5E6556A-574F-4DF7-895B-B3481789CA7B} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2919840 2015-11-25] (Acer Incorporated -> )
Task: {C74DBCF3-A6DB-4F86-BA6E-0535D456E55C} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {CB77E17F-70BE-4DD3-B3C5-F29C8A00DA24} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-01-03] (Google Inc -> Google Inc.)
Task: {CBFEBC8E-3DF2-45CE-96DE-3EC8B800164F} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [419048 2014-12-30] (Acer Incorporated -> Acer Incorporate)
Task: {CD03A9D4-79E7-496F-B8CA-E734C9902192} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\task.vbs"
Task: {CD801D40-ABF1-46B4-81E8-DE60F9A2C111} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2418392 2016-09-09] (Acer Incorporated -> Acer)
Task: {CE29C4C7-F571-4190-8A01-3FF3FA5978BA} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [1769312 2016-08-15] (Acer Incorporated -> )
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {CF1E0540-2778-4820-9FFF-286902BE660F} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65752 2016-08-30] (Acer Incorporated -> Acer Incorporated)
Task: {E9C4922B-3084-4BAF-AF92-9AE840549E89} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-05-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F3F5AE95-4B54-41AE-989C-7F8BEEF320CD} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_371_Plugin.exe [1458232 2020-06-08] (Adobe Inc. -> Adobe)
Task: {FDA0DC8D-E618-4FB8-89A8-B430B541AEDC} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.11.1 185.159.168.62
Tcpip\..\Interfaces\{580ab555-eca0-420f-a8f1-58b8fd8aca88}: [DhcpNameServer] 192.168.11.1 185.159.168.62
Tcpip\..\Interfaces\{a11245ba-361b-4fd9-a4cb-91c9dcd47683}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-2866737151-1370967378-3497241429-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2866737151-1370967378-3497241429-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2866737151-1370967378-3497241429-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-11-28] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-28] (Oracle America, Inc. -> Oracle Corporation)

Edge:
======
Edge DefaultProfile: Default

FireFox:
========
FF DefaultProfile: da3xvu3f.default
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\da3xvu3f.default [2020-06-14]
FF NewTab: Mozilla\Firefox\Profiles\da3xvu3f.default -> about:newtab
FF Notifications: Mozilla\Firefox\Profiles\da3xvu3f.default -> hxxps://jojfamily.onesignal.com; hxxps://prosvet.cz; hxxps://www.nabytek-helcel.cz; hxxps://www.facebook.com; hxxps://www.dobre-knihy.cz
FF Extension: (Avira Browser Safety) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\da3xvu3f.default\Extensions\abs@avira.com.xpi [2020-06-09]
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\da3xvu3f.default\searchplugins\bing-.xml [2018-04-19]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_371.dll [2020-06-08] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_371.dll [2020-06-08] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1231201.dll [2017-11-02] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] (Foxit Corporation -> )
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] (Foxit Corporation -> )
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-11-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-11-28] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] (WildTangent Inc -> )

Chrome:
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2020-06-14]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR HomePage: Default -> msn.com
CHR DefaultSearchURL: Default -> hxxps://www.bing.com/search?FORM=__PARA ... PARAM__&q={searchTerms}
CHR DefaultSuggestURL: Default -> hxxps://www.bing.com/osjson.aspx?FORM=_ ... M__&query={searchTerms}
CHR Extension: (Prezentace) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-06-11]
CHR Extension: (Dokumenty) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-06-11]
CHR Extension: (Disk Google) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-06-11]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-06-11]
CHR Extension: (Avira Password Manager) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2020-06-11]
CHR Extension: (Avira Safe Shopping) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2020-06-11]
CHR Extension: (Adobe Acrobat) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-06-11]
CHR Extension: (MSN Homepage & Bing Search Engine) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2020-06-11]
CHR Extension: (Tabulky) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-06-11]
CHR Extension: (Avira Browser Safety) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2020-06-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-06-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-06-11]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-06-11]
CHR Extension: (Chrome Media Router) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-11]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <not found>
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKU\S-1-5-21-2866737151-1370967378-3497241429-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1208664 2020-05-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [537144 2020-05-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [483832 2020-05-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [483832 2020-05-29] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [573256 2020-06-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [416072 2018-06-26] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [636264 2020-05-08] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2988544 2020-06-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [383240 2020-05-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [243856 2020-05-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [161552 2020-04-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-30] (Acer Incorporated -> Acer Incorporated)
S2 edgeupdate; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
S3 edgeupdatem; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-06] (Microsoft Corporation -> Microsoft Corporation)
S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated -> Acer Incorporated)
S2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] (Intel(R) Software Development Products -> )
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent Inc -> WildTangent)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [328624 2015-10-07] (Intel Corporation - pGFX -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-10-09] (IObit Information Technology -> IObit)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [455912 2014-12-30] (Acer Incorporated -> Acer Incorporate)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-06-09] (Malwarebytes Inc -> Malwarebytes)
S3 MicrosoftEdgeElevationService; C:\Program Files (x86)\Microsoft\Edge\Application\83.0.478.45\elevation_service.exe [1507208 2020-06-04] (Microsoft Corporation -> Microsoft Corporation)
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [398176 2015-07-09] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [450400 2015-07-09] (Acer Incorporated -> Acer Incorporated)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] (CyberLink -> )
S3 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [13059640 2020-05-27] (Adlice -> )
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe [156928 2016-11-17] (Intel(R) Software Development Products -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13088784 2020-05-25] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (Acer Incorporated -> acer)
S2 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [805632 2016-11-17] (Intel(R) Software Development Products -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S2 AdobeARMservice; "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2020-06-11] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22336 2019-02-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [208016 2020-05-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [199752 2020-05-06] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2019-02-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [89736 2019-02-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2019-02-27] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 BtFilter; C:\WINDOWS\System32\drivers\btfilter.sys [69440 2018-06-26] (Qualcomm Atheros -> Qualcomm)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-12] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 ETDI2C; C:\WINDOWS\system32\DRIVERS\ETDI2C.sys [175152 2016-01-02] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
R3 GPIO; C:\WINDOWS\System32\drivers\iaiogpioe.sys [51128 2015-06-24] (WDKTestCert sys_dpebuild,130674149657513416 -> Intel Corporation)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [20160 2016-01-01] (Glarysoft Ltd -> Glarysoft Ltd)
R3 iaioi2c; C:\WINDOWS\System32\drivers\iaioi2ce.sys [83576 2015-06-24] (WDKTestCert sys_dpebuild,130676860727038218 -> Intel Corporation)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-06-10] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-06-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-06-11] (Malwarebytes Inc -> Malwarebytes)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2016-10-18] (Intel(R) Code Signing External -> )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [88592 2014-01-16] (Intel Corporation - Client Components Group -> Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-06-14 14:00 - 2020-06-14 14:03 - 000032205 _____ C:\Users\Admin\Desktop\FRST.txt
2020-06-14 14:00 - 2020-06-14 14:02 - 000000000 ____D C:\FRST
2020-06-14 13:43 - 2020-06-14 13:43 - 002289152 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2020-06-14 00:21 - 2020-05-15 06:29 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-06-14 00:21 - 2020-05-15 06:10 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-06-12 23:04 - 2020-06-12 23:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2020-06-12 23:04 - 2020-06-12 23:04 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2020-06-12 15:29 - 2020-06-12 15:29 - 000000000 ____D C:\Users\Admin\Desktop\backups
2020-06-11 09:26 - 2020-06-11 09:26 - 000004341 _____ C:\WINDOWS\system32\default_error_stack-058857-000000.txt
2020-06-11 09:26 - 2020-06-11 09:26 - 000002426 _____ C:\WINDOWS\system32\default_error_stack-058858-000000.txt
2020-06-11 09:04 - 2020-06-11 09:04 - 000004341 _____ C:\WINDOWS\system32\default_error_stack-058855-000000.txt
2020-06-11 09:04 - 2020-06-11 09:04 - 000002426 _____ C:\WINDOWS\system32\default_error_stack-058856-000000.txt
2020-06-11 08:47 - 2020-06-11 09:08 - 000000000 ____D C:\Users\Admin\AppData\Local\VirtualStore
2020-06-11 08:45 - 2020-06-14 14:22 - 000556710 _____ C:\WINDOWS\ZAM.krnl.trace
2020-06-11 08:45 - 2020-06-11 08:45 - 000232792 _____ (Copyright 2018.) C:\WINDOWS\system32\Drivers\amsdk.sys
2020-06-11 08:45 - 2020-06-11 08:45 - 000003542 _____ C:\WINDOWS\system32\Tasks\AMHelper
2020-06-11 08:45 - 2020-06-11 08:45 - 000000000 ____D C:\Users\Admin\AppData\Local\Zemana
2020-06-11 08:45 - 2020-06-11 08:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2020-06-11 08:45 - 2020-06-11 08:45 - 000000000 ____D C:\Program Files (x86)\Zemana
2020-06-11 08:44 - 2020-06-11 08:52 - 000000000 ____D C:\Users\Admin\AppData\Local\AMSDK
2020-06-11 08:27 - 2020-06-11 08:27 - 000000000 ____D C:\Users\Admin\AppData\Roaming\ProductData
2020-06-11 08:25 - 2020-06-11 08:25 - 000004341 _____ C:\WINDOWS\system32\default_error_stack-058853-000000.txt
2020-06-11 08:25 - 2020-06-11 08:25 - 000002426 _____ C:\WINDOWS\system32\default_error_stack-058854-000000.txt
2020-06-11 01:38 - 2014-02-13 23:59 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2020-06-11 00:02 - 2020-06-11 00:04 - 000000000 ____D C:\Users\TEMP\AppData\Local\Packages
2020-06-11 00:00 - 2020-06-11 00:04 - 000000000 ____D C:\Users\TEMP
2020-06-11 00:00 - 2020-06-11 00:00 - 000004341 _____ C:\WINDOWS\system32\default_error_stack-058851-000000.txt
2020-06-11 00:00 - 2020-06-11 00:00 - 000002426 _____ C:\WINDOWS\system32\default_error_stack-058852-000000.txt
2020-06-10 23:49 - 2020-06-10 23:49 - 000004341 _____ C:\WINDOWS\system32\default_error_stack-058850-000000.txt
2020-06-10 23:48 - 2020-06-10 23:48 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-06-10 20:50 - 2020-06-10 23:24 - 000000000 ____D C:\zoek_backup
2020-06-10 14:31 - 2020-06-10 14:31 - 000004341 _____ C:\WINDOWS\system32\default_error_stack-058849-000000.txt
2020-06-10 14:26 - 2020-06-13 12:51 - 000000000 ____D C:\Users\Public\Security Sessions
2020-06-10 14:08 - 2020-06-10 14:08 - 000000000 ____D C:\Users\Admin\AppData\Local\Opera Software
2020-06-10 14:05 - 2020-06-10 14:05 - 000003546 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
2020-06-10 14:05 - 2020-06-10 14:05 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Opera Software
2020-06-10 14:03 - 2020-06-10 14:26 - 000000000 ____D C:\Users\Admin\AppData\Local\Avira
2020-06-10 14:02 - 2020-06-13 12:52 - 000000000 ____D C:\Users\Public\Speedup Sessions
2020-06-10 13:56 - 2020-06-10 13:57 - 004344656 _____ (Avira Operations GmbH & Co. KG) C:\Users\Admin\Downloads\avira_en_sptl1___sptlglb06.exe
2020-06-10 13:49 - 2020-06-10 13:49 - 000004341 _____ C:\WINDOWS\system32\default_error_stack-058848-000000.txt
2020-06-10 13:49 - 2020-06-10 13:49 - 000002426 _____ C:\WINDOWS\system32\default_error_stack-058847-000000.txt
2020-06-10 04:18 - 2020-06-10 05:38 - 000000000 ____D C:\Program Files\RogueKiller
2020-06-10 04:18 - 2020-06-10 04:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2020-06-10 04:17 - 2020-06-10 14:11 - 000000000 ____D C:\ProgramData\RogueKiller
2020-06-09 21:30 - 2020-06-09 21:30 - 000000000 ____D C:\ProgramData\Sophos
2020-06-09 21:29 - 2020-06-09 21:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2020-06-09 21:29 - 2020-06-09 21:29 - 000000000 ____D C:\Program Files (x86)\Sophos
2020-06-09 17:26 - 2020-06-09 17:26 - 000004341 _____ C:\WINDOWS\system32\default_error_stack-058846-000000.txt
2020-06-09 17:01 - 2020-06-11 08:23 - 000730936 _____ C:\WINDOWS\ntbtlog.txt
2020-06-09 17:01 - 2020-06-11 00:37 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-06-09 16:28 - 2020-06-11 08:25 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-06-09 16:28 - 2020-06-09 16:28 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-06-09 16:28 - 2020-06-09 16:28 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-06-09 16:28 - 2020-06-09 16:28 - 000002037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-06-09 16:28 - 2020-06-09 16:28 - 000000000 ____D C:\Users\Admin\AppData\Local\mbam
2020-06-09 16:28 - 2020-06-09 16:28 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-06-09 16:27 - 2020-06-09 16:27 - 000000000 ____D C:\Program Files\Malwarebytes
2020-06-09 16:27 - 2020-06-09 16:27 - 000000000 ____D C:\Malwarebytes
2020-06-09 16:19 - 2020-06-09 16:19 - 000004341 _____ C:\WINDOWS\system32\default_error_stack-058845-000000.txt
2020-06-09 16:04 - 2020-06-09 16:08 - 000000000 ____D C:\AdwCleaner
2020-06-09 16:01 - 2020-06-12 15:07 - 000000000 ____D C:\Users\Admin\AppData\Local\Adobe
2020-06-09 15:55 - 2020-06-09 15:55 - 000004341 _____ C:\WINDOWS\system32\default_error_stack-058844-000000.txt
2020-06-09 15:50 - 2020-06-09 15:50 - 000000000 ____D C:\Users\Admin\AppData\Local\AOP SDK
2020-06-09 15:43 - 2020-06-09 15:43 - 000000000 ____D C:\Users\Admin\AppData\Local\D3DSCache
2020-06-09 00:09 - 2020-06-09 00:09 - 000004341 _____ C:\WINDOWS\system32\default_error_stack-058843-000000.txt
2020-06-08 15:45 - 2020-06-08 15:45 - 000004341 _____ C:\WINDOWS\system32\default_error_stack-058842-000000.txt
2020-06-08 15:24 - 2020-06-08 15:24 - 000004341 _____ C:\WINDOWS\system32\default_error_stack-058841-000000.txt
2020-06-08 14:56 - 2020-06-08 14:57 - 025859024 _____ (Piriform Software Ltd) C:\Users\Admin\Downloads\ccsetup567.exe
2020-06-08 14:55 - 2020-06-08 15:10 - 000000000 ____D C:\Users\Admin\Desktop\Martin
2020-06-08 14:44 - 2020-06-08 14:44 - 000004341 _____ C:\WINDOWS\system32\default_error_stack-058840-000000.txt
2020-06-06 09:46 - 2020-06-06 09:46 - 000004341 _____ C:\WINDOWS\system32\default_error_stack-058839-000000.txt
2020-06-06 09:41 - 2020-06-06 21:32 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-06-06 09:41 - 2020-06-06 21:32 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-06-06 09:41 - 2020-06-06 21:25 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-06-06 09:41 - 2020-06-06 21:25 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-05-28 17:14 - 2020-05-28 17:14 - 000065293 _____ C:\Users\Admin\Downloads\Seznam_prijemcu_COVID.xlsx
2020-05-26 15:27 - 2020-05-26 15:27 - 000004341 _____ C:\WINDOWS\system32\default_error_stack-058838-000000.txt
2020-05-21 10:42 - 2020-05-21 10:42 - 000004341 _____ C:\WINDOWS\system32\default_error_stack-058837-000000.txt
2020-05-15 09:40 - 2020-05-15 09:40 - 000002426 _____ C:\WINDOWS\system32\default_error_stack-058836-000000.txt

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-06-14 14:19 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-06-14 13:44 - 2016-01-01 22:04 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-06-14 13:35 - 2019-08-24 15:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-06-14 13:27 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-06-14 09:54 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-06-14 09:01 - 2019-08-24 16:43 - 000004196 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{D8328607-4F0B-4C62-B795-876B8B5C3DD2}
2020-06-14 08:55 - 2016-01-02 09:54 - 000000000 __SHD C:\Users\Admin\IntelGraphicsProfiles
2020-06-13 12:39 - 2016-11-18 18:16 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Mozilla
2020-06-12 20:35 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-06-11 09:25 - 2019-08-24 16:43 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-06-11 09:24 - 2019-03-19 06:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-06-11 00:48 - 2016-01-02 10:01 - 000000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2020-06-11 00:02 - 2019-03-19 06:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-06-11 00:02 - 2016-01-02 09:52 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-06-10 20:42 - 2016-01-02 11:06 - 000000000 ____D C:\Users\Admin\Desktop\Aplikace Acer
2020-06-10 14:30 - 2019-08-24 15:50 - 000364448 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-06-10 14:05 - 2017-02-02 20:57 - 000000000 ____D C:\ProgramData\Avira
2020-06-10 14:05 - 2017-02-02 20:57 - 000000000 ____D C:\Program Files (x86)\Avira
2020-06-10 14:04 - 2017-02-02 20:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2020-06-09 21:23 - 2019-08-24 16:20 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-06-09 21:23 - 2019-03-19 13:55 - 000718198 _____ C:\WINDOWS\system32\perfh005.dat
2020-06-09 21:23 - 2019-03-19 13:55 - 000145242 _____ C:\WINDOWS\system32\perfc005.dat
2020-06-09 21:23 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-06-09 16:28 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-06-09 15:49 - 2016-09-02 10:54 - 000000000 ____D C:\Users\Admin\AppData\Local\ConnectedDevicesPlatform
2020-06-08 15:17 - 2016-11-01 10:27 - 000000000 ____D C:\Program Files\Common Files\McAfee
2020-06-08 15:17 - 2014-07-25 11:39 - 000000000 ____D C:\ProgramData\McAfee
2020-06-08 15:01 - 2020-02-10 16:44 - 000000000 ____D C:\WINDOWS\Minidump
2020-06-08 14:58 - 2019-08-24 16:43 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-06-08 14:58 - 2016-01-01 22:40 - 000000867 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-06-08 14:35 - 2019-08-24 16:43 - 000004596 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-06-08 14:34 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-06-08 14:34 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-06-05 21:18 - 2016-01-02 10:15 - 000002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-06-05 10:38 - 2017-01-03 20:59 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-05 10:38 - 2017-01-03 20:59 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-06-04 21:51 - 2017-12-04 13:56 - 000000000 ____D C:\Users\Admin\AppData\Local\Packages
2020-06-04 10:14 - 2019-08-24 16:43 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2866737151-1370967378-3497241429-1001
2020-06-04 10:14 - 2019-08-24 16:05 - 000002369 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-06-04 10:14 - 2016-01-01 21:11 - 000000000 ___RD C:\Users\Admin\OneDrive
2020-05-31 09:59 - 2017-06-01 14:32 - 000000000 ____D C:\Program Files\UNP
2020-05-21 13:31 - 2019-08-24 16:05 - 000000000 ____D C:\Users\Admin
2020-05-20 11:38 - 2017-02-02 21:03 - 000208016 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2020-05-15 09:37 - 2017-12-04 14:22 - 000000000 ___RD C:\Users\Admin\3D Objects
2020-05-15 00:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\TextInput
2020-05-15 00:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-05-15 00:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-05-15 00:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-05-15 00:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-05-15 00:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-05-15 00:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Provisioning
2020-05-15 00:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-05-15 00:37 - 2019-03-19 06:52 - 000000000 ____D C:\PerfLogs

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: CommonCrawl [Bot] a 5 hostů