File Explorer jako usporen, Win 10

1

File Explorer jako usporen, Win 10

offline
  • Pridružio: 15 Dec 2008
  • Poruke: 166
  • Gde živiš: Beograd

Napisano: 14 Jan 2022 12:40

U poslednjih mesec dana File Explorer se jako sporo otvara, zelena traka u gornjoj šini se odmotava ceo minut (nekad i duže), a pritom dok ona ne dođe do kraja desno nijedna komanda nije prihvaćena, a ikonice foldera su bele-prazne (ne vidi se razlika u njihovom tipu, docx, video, muzika i sl.). Ceo spori postupak se ponavlja i kad se nakon otvaranja (tad se vide razlike u tipu foldera), klikne na pojedinačni folder (opet zelena traka otvaranja teče presporo), naročito za video-foldere (avi, mkv, mp4 i sl.), dok se Word, jpg, mp3 ili PDF otvaraju nešto brže. Najčešće se to događa na disku D (HDD), Download, mada nije previše popunjen. Disk C je SSD, Windows je 10, uredno apdejtovan.

Dopuna: 14 Jan 2022 12:51

rradovan ::U poslednjih mesec dana File Explorer se jako sporo otvara, zelena traka u gornjoj šini se odmotava ceo minut (nekad i duže), a pritom dok ona ne dođe do kraja desno nijedna komanda nije prihvaćena, a ikonice foldera su bele-prazne (ne vidi se razlika u njihovom tipu, docx, video, muzika i sl.). Ceo spori postupak se ponavlja i kad se nakon otvaranja (tad se vide razlike u tipu foldera), klikne na pojedinačni folder (opet zelena traka otvaranja teče presporo), naročito za video-foldere (avi, mkv, mp4 i sl.), dok se Word, jpg, mp3 ili PDF otvaraju nešto brže. Najčešće se to događa na disku D (HDD), Download, mada nije previše popunjen. Disk C je SSD, Windows je 10, uredno apdejtovan.


==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
() [File not signed] C:\Program Files\Atomic Alarm Clock\timeserv.exe
() [File not signed] C:\ProgramData\Microsoft\Windows\DeviceMetadataStore\cache\conhost.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <5>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Driver Updater\DriverUpdSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Driver Updater\DriverUpdUI.exe <4>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(iolo technologies, LLC -> iolo technologies, LLC) [File not signed] C:\Program Files (x86)\Phoenix360\System Mechanic\ioloGovernor64.exe
(Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\97.0.1072.55\identity_helper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <28>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Corporation) [File not signed] C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2110.13603.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2110.13603.0_x64__8wekyb3d8bbwe\Win32Bridge.Server.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(The qBittorrent Project) [File not signed] C:\Program Files\qBittorrent\qbittorrent.exe
(voidtools -> voidtools) C:\Program Files\Everything\Everything.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [157464 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [MRT] => C:\WINDOWS\system32\MRT.exe [137938848 2021-12-17] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19572536 2021-07-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [2240288 2019-02-04] (voidtools -> voidtools)
HKLM\...\Run: [DriverUpdUI.exe] => C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe [4336920 2021-12-16] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [MalTray] => C:\Program Files (x86)\Glarysoft\Malware Hunter\mhtray.exe [926200 2017-02-27] (Glarysoft LTD -> Glarysoft Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [288184 2021-12-08] (Intel Corporation -> Intel)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1957820526-533511395-3661414503-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44024 2017-07-17] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-1957820526-533511395-3661414503-1000\...\Run: [AtomicAlarmClock6] => C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe [5321728 2016-08-16] () [File not signed]
HKU\S-1-5-21-1957820526-533511395-3661414503-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35373696 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1957820526-533511395-3661414503-1000\...\Run: [MicrosoftEdgeAutoLaunch_3AC0E8863975FA6563B03DB4D68DC569] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-21-1957820526-533511395-3661414503-1000\...\Run: [Viber] => C:\Users\RR\AppData\Local\Viber\Viber.exe [51151120 2021-12-16] (Viber Media S.à r.l. -> Viber Media S.à r.l.)
HKU\S-1-5-21-1957820526-533511395-3661414503-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3500 series XPS: C:\WINDOWS\system32\CNMXLMBV.DLL [394240 2013-04-04] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\us008 Langmon: C:\WINDOWS\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\97.0.4692.71\Installer\chrmstp.exe [2022-01-11] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Startup: C:\Users\RR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2021-11-03]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
BootExecute: autocheck autochk *
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Policies: C:\Users\RR\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {009D4352-1C11-4B12-A28D-7833A52FF6A4} - System32\Tasks\ActiveSync-SystemMechanic => C:\Program Files (x86)\Common Files\Phoenix360\ActiveCore\activesync.exe [194800 2017-12-07] (iolo technologies, LLC -> iolo technologies, LLC)
Task: {055E4CDD-1404-47AE-B0DA-DA7B1B3F2C97} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {08C343A5-B51F-484B-8791-F52C3DED5309} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {09C91372-205A-4CFD-9479-72D3557E8B97} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {15206B4F-730F-43BC-8D4E-692FEA82A8BE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {18D9BC47-E684-45D4-A36F-E00939BEE5B8} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {1BB23819-57F3-4721-B06B-62022C368445} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {203F7142-3665-4F11-9FBE-6A4713CA12C7} - System32\Tasks\{084081DC-F70A-4A4F-BEBC-ABD9CAE51B70} => "c:\windows\system32\launchwinapp.exe" hxxps://ui.skype.com/ui/0/7.33.0.105/en/go/help.faq.installer?LastError=1603
Task: {20DC0F5F-49B6-4376-957F-2922A2E2EDCF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2022-01-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2B89D859-369D-4DA9-B2DA-FB5A94E179A4} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {2DA924DE-00B3-429F-A6FA-DBF8296C2210} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {2F458821-0629-4E79-8DDE-328AA8185182} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-12-07] (Piriform Software Ltd -> Piriform)
Task: {2F9C54CB-0AF9-446C-9970-EE21D3D02721} - System32\Tasks\ioloAVDefsDownloader => C:\Program Files (x86)\Phoenix360\System Mechanic\SSDefs.exe [134888 2017-12-08] (iolo technologies, LLC -> iolo technologies, LLC)
Task: {438E2C4E-0EE5-4398-B906-DFCB0A2F129E} - System32\Tasks\CCleanerSkipUAC - RR => C:\Program Files\CCleaner\CCleaner.exe [29442688 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {44ED989D-0242-4DE0-BE62-816D926F862A} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1957820526-533511395-3661414503-1009 => C:\Users\RR\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4BFD3F03-3A24-4192-B9E7-EF925D820DB4} - System32\Tasks\ioloActiveCare => C:\Program Files (x86)\Phoenix360\System Mechanic\systemmechanic.exe [414968 2017-12-08] (iolo technologies, LLC -> iolo technologies, LLC)
Task: {4CB290C1-8BAC-44E4-9A7D-B5D9965E3D0B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {4F716A37-4A46-4D42-9543-164676B5E9DB} - System32\Tasks\iolo Process Governor => C:\Program Files (x86)\Phoenix360\System Mechanic\iologovernor64.exe [713648 2017-12-07] (iolo technologies, LLC -> iolo technologies, LLC) [File not signed]
Task: {591DAAA1-5458-4358-B88C-E1688C17BBBA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2022-01-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5F19938B-9005-4886-BFD5-7A86167E41A3} - System32\Tasks\SafeZone scheduled Autoupdate 1478735171 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {67152034-D691-4606-ADD1-5E84AB8222AA} - System32\Tasks\{761D47F2-2261-4C29-872B-08D6E5840FEC} => "c:\windows\system32\launchwinapp.exe" hxxps://ui.skype.com/ui/0/7.33.0.105/en/go/help.faq.installer?source=lightinstaller&LastError=1603
Task: {67CE3124-787F-487D-A88C-EEDB3BE70943} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software)
Task: {6858C9E9-C5A9-4EAE-8F68-1C0C063BF0F0} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {6A70D739-58DF-4701-A7BA-11B15EFCCF6D} - System32\Tasks\{D4F9155E-065F-417E-A161-49E06A28CCB6} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.21.0.100/en/abandoninstall?source=lightinstaller&page=tsBing
Task: {72C06137-93AC-4139-AEBF-449E3E599294} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3075936 2021-07-21] (Intel Corporation -> Intel Corporation)
Task: {73692337-B04C-4C61-91FE-A84D0A8E028B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2022-01-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {767706F6-71D4-4A1E-9CBC-36648B3939A6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2021-01-08] (Adobe Inc. -> Adobe)
Task: {78E994C0-CEEF-4BBA-B234-DFFBE666316D} - System32\Tasks\Avast Software\Avast Driver Updater BugReport => C:\Program Files\Avast Software\Driver Updater\AvBugReport.exe [4760344 2021-12-16] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 148 --programpath "C:\Program Files\Avast Software\Driver Updater\Setup\.." --configpath "C:\Program Files\Avast Software\Driver Updater\Setup" --path "C:\ProgramData\Avast Software\Driver Updater\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid abb4efc7-0f2d-46d1-9eef-f759042cd570
Task: {7BCE8286-5473-4A66-9631-ED3855AC4D34} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {7E345AD6-4709-406B-A008-99D62C4C8683} - System32\Tasks\{D5812F0B-3A45-47CB-A0F6-AD8700F329A4} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Yahoo!\Widgets\InstallRunner.exe" -d "C:\Program Files (x86)\Yahoo!\Widgets"
Task: {80479685-3534-4BE7-8CE1-00F3D7008EE2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {8310BD37-C671-4E35-A3B1-1774326841EF} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {839AB333-DE1C-4B53-9B57-ABB280889480} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_130_pepper.exe [1286144 2017-09-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {86A193D8-0295-4C14-9407-5A02257FAF9F} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {87554DB2-D453-432B-A772-4BD104954C31} - System32\Tasks\{FED5D64D-B4D7-4B11-ADAB-923E7F4527A7} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.21.0.100/en/go/help.faq.installer?source=lightinstaller&LastError=1618
Task: {8C30F32C-C884-4E03-ABC4-7A79ACA57FB6} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3075936 2021-07-21] (Intel Corporation -> Intel Corporation)
Task: {8DEF1E00-1FA7-4D2B-8685-8F6982EC1556} - System32\Tasks\{CC7A20E2-01B1-45B5-A568-A695136B0E17} => C:\Windows\system32\pcalua.exe -a "D:\01 Download\widgetsus.exe" -d "D:\01 Download"
Task: {8EAA295E-872C-4853-9415-59F74E1F419E} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {9308E261-129D-43B2-9DFB-B8F29BAB7F96} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {938DD5C4-9414-486A-83DB-5C79AAB586D5} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {9A671260-E369-4112-96EC-FBDED5CD572D} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {A78066C6-834D-4DFC-83B9-90AAD57A9E1D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2022-01-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A9CA5C70-2EE4-408C-A5D6-F17AF1AEE805} - System32\Tasks\{17C4FCB2-BAE1-45EE-B216-4432EB8C8984} => "c:\windows\system32\launchwinapp.exe" hxxps://ui.skype.com/ui/0/7.33.0.104/en/go/help.faq.installer?source=lightinstaller&LastError=1603
Task: {A9D73C6C-E46A-4B9E-A386-D1DBF2ECF66B} - System32\Tasks\Avast Software\Avast Driver Updater Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-du\icarus.exe [6475544 2021-12-16] (Avast Software s.r.o. -> Avast Software)
Task: {AC06146B-9560-4118-8F89-5C8386124CE7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-01] (Google LLC -> Google LLC)
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B29E2CEB-A5B1-403B-9D5E-6248B91951BF} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [134640 2017-07-17] (Glarysoft LTD -> Glarysoft Ltd)
Task: {B50C5119-9215-4D33-8264-7BE2094D4481} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [897528 2017-07-17] (Glarysoft LTD -> Glarysoft Ltd)
Task: {B96E2888-B48B-4AF7-8EF5-0326BADB627E} - System32\Tasks\Microsoft\Windows\PLA\System\{4923C320-A6DE-4448-B171-34380E25F545}_System Diagnostics => Command(1): C:\WINDOWS\system32\rundll32.exe -> C:\WINDOWS\system32\pla.dll,PlaHost "system\System Diagnostics" "$(Arg0)"
Task: {B96E2888-B48B-4AF7-8EF5-0326BADB627E} - System32\Tasks\Microsoft\Windows\PLA\System\{4923C320-A6DE-4448-B171-34380E25F545}_System Diagnostics => Command(2): C:\WINDOWS\system32\schtasks.exe -> /delete /f /tn "\Microsoft\Windows\PLA\System\{4923C320-A6DE-4448-B171-34380E25F545}_System Diagnostics"
Task: {BBB72543-86FE-4EF0-ADF1-22E75DE178B7} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1741576 2016-03-17] (Intel(R) Software -> Intel Corporation)
Task: {BD6D47BF-9402-4072-8E29-196604A6A198} - System32\Tasks\GMHSkipUAC => C:\Program Files (x86)\Glarysoft\Malware Hunter\MalwareHunter.exe [2303992 2017-02-27] (Glarysoft LTD -> Glarysoft Ltd)
Task: {BFB60210-7750-49F4-88E7-1C3432A5900B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {C03F7A78-6F95-4D46-8910-909E3985D166} - System32\Tasks\SafeZone scheduled Autoupdate 1478728427 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {C3A240A1-7BF1-4B26-8775-41AEEE55EBC8} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {C5914AE0-DFDA-450F-9595-5725C86B7BD8} - System32\Tasks\{2808D1B8-FD96-44BE-894A-A05507686D3B} => C:\Windows\system32\pcalua.exe -a "E:\01 INSTAL\01 SubtitleWorkshop251.exe" -d "E:\01 INSTAL"
Task: {C7794263-B06F-4A93-91BA-900ED6CFED2B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {C7B1E0C8-B370-4C54-B813-600760B90FC0} - System32\Tasks\SoftwareInformerService => C:\Program Files\Software Informer\softinfo.exe [1657856 2017-01-25] (Informer Technologies, Inc.) [File not signed]
Task: {CDB774BA-F500-4B07-903A-7CA61B58EC47} - \FKHUqGXICk -> No File <==== ATTENTION
Task: {CE95F748-542D-4D0F-A392-50EE2896DF84} - System32\Tasks\Maylace2 Metrics HTML Editor => C:\WINDOWS\system32\rundll32.exe "C:\Program Files\Maylace2 Metrics HTML Editor\Maylace2 Metrics HTML Editor.dll",aImUTxWiZcgF <==== ATTENTION
Task: {D4B2F167-C87F-4B70-B7F7-04ED42E4B456} - System32\Tasks\ioloTUDsDownloader => C:\Program Files (x86)\Common Files\Phoenix360\ActiveCore\activesync.exe [194800 2017-12-07] (iolo technologies, LLC -> iolo technologies, LLC)
Task: {D8905937-759B-4A56-99F1-387BD09692B0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-01] (Google LLC -> Google LLC)
Task: {DB7C433E-629D-4BCB-B165-B5816269C6C8} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {DFE1823B-DEFC-4D6B-9420-4399A3C2A315} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1706496 2020-04-05] () [File not signed]
Task: {E0FDF5A5-BA03-4731-A1CD-FF830940DE4D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {E6FBFCE1-567C-44B9-8B3E-682C1A8A8134} - System32\Tasks\{9065D61D-C539-4C8A-95E7-7B37ACDBBB7C} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.21.0.100/en/go/help.faq.installer?source=lightinstaller&LastError=1618
Task: {E9B1DA97-6A22-45C2-A2DC-986D5B51ACE1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {EFE9E6B5-2AB0-4FC0-8684-2EB6BB4748D3} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-12-21] (Intel(R) Update Manager -> Intel Corporation)
Task: {F5A0D9A1-3292-406B-A3F9-9166C3D565FF} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4969240 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
Task: {F761C4F3-4D45-41B1-80FA-E3B3E06AC212} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c (No File)
Task: {F8291F7D-0B4E-4212-A609-0FC1E99147E4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {F8EE0164-C9F6-4355-AFE8-DAAB2326BFC5} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler (No File)
Task: {F968A490-5191-449D-A29D-CCD4DB869284} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-12-21] (Intel(R) Update Manager -> Intel Corporation)
Task: {FA354947-5F2A-42F0-BFEB-30852B7707D8} - System32\Tasks\ActiveMessenger-SystemMechanic => C:\Program Files (x86)\Common Files\Phoenix360\ActiveCore\ActiveMessenger.exe [323328 2017-12-07] (iolo technologies, LLC -> iolo technologies, LLC)
Task: {FACA9332-1499-453B-AF6C-A5F1114DF88A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {FC2551B4-22EC-4F0C-99A6-4F8CDD8FE958} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2021-01-08] (Adobe Inc. -> Adobe)
Task: {FCAE4C09-5207-4698-A90A-6E6E0A62DE3A} - System32\Tasks\ioloSystemShield => C:\Program Files (x86)\Phoenix360\System Mechanic\ioloSSTray.exe [344304 2017-12-08] (iolo technologies, LLC -> iolo technologies, LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 89.216.1.30 89.216.1.50
Tcpip\..\Interfaces\{007eb021-d9d2-4d8d-b056-36d7e1815db4}: [DhcpNameServer] 89.216.1.30 89.216.1.50
Tcpip\..\Interfaces\{1b6eabd2-a487-4628-85aa-d2ea6f1d46c9}: [NameServer] 185.107.96.127,192.223.30.14
Tcpip\..\Interfaces\{1b6eabd2-a487-4628-85aa-d2ea6f1d46c9}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{606ff9b2-c456-4981-87a8-f4431fbf1c6b}: [NameServer] 185.107.96.127,192.223.30.14
Tcpip\..\Interfaces\{7be43317-a0aa-40a1-ade5-bce808ea0153}: [NameServer] 185.107.96.127,192.223.30.14
Tcpip\..\Interfaces\{b76dc418-be5d-481b-b09a-c72ef2de77b6}: [NameServer] 185.107.96.127,192.223.30.14
Tcpip\..\Interfaces\{c7773393-cdfd-11e7-83d6-806e6f6e6963}: [NameServer] 185.107.96.127,192.223.30.14
Tcpip\..\Interfaces\{eaf7dee3-0200-4c8c-b9d5-6ebe756aabd2}: [NameServer] 185.107.96.127,192.223.30.14
Tcpip\..\Interfaces\{eaf7dee3-0200-4c8c-b9d5-6ebe756aabd2}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{f293cd2d-6ba1-4401-8b4d-a2eaa92aac4f}: [NameServer] 185.107.96.127,192.223.30.14
Tcpip\..\Interfaces\{f293cd2d-6ba1-4401-8b4d-a2eaa92aac4f}: [DhcpNameServer] 192.168.42.129

Edge:
=======
DownloadDir: D:\01 DOWNLOAD
Edge HomeButtonPage: HKU\S-1-5-21-1957820526-533511395-3661414503-1000 -> about:tabs
Edge Notifications: HKU\S-1-5-21-1957820526-533511395-3661414503-1000 -> hxxps://www.facebook.com; hxxps://mail.google.com; hxxps://www.putovnica.net; hxxps://www2.thefastpush.com; hxxps://www.saznajnovo.com
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => path not found
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => path not found
Edge Extension: (OneNote Web Clipper) -> EdgeExtension_MicrosoftOneNoteWebClipper_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.OneNoteWebClipper_3.8.1.0_neutral__8wekyb3d8bbwe [2019-06-04]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => path not found
Edge Extension: (Translator For Microsoft Edge) -> MicrosoftTranslate_MicrosoftTranslatorforMicrosoftEdge_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.TranslatorforMicrosoftEdge_0.91.51.0_neutral__8wekyb3d8bbwe [2021-06-05]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => path not found
Edge DefaultProfile: Default
Edge Profile: C:\Users\RR\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-14]
Edge DownloadDir: Default -> D:\01 DOWNLOAD
Edge Notifications: Default -> hxxps://mail.google.com; hxxps://www.facebook.com; hxxps://www.giveawayoftheday.com; hxxps://www.putovnica.net; hxxps://www.saznajnovo.com
Edge HomePage: Default -> edge://newtab/
Edge Extension: (Mailtrack - Email Tracker for Gmail) - C:\Users\RR\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cemhcpmgfkheedjjbgflkldmkoiappji [2021-03-16]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\RR\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-12-15]
Edge Extension: (OneNote Web Clipper) - C:\Users\RR\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\oogbnpmeihfgnccdnmmlgicknopghhma [2021-10-22]
Edge Profile: C:\Users\RR\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2022-01-12]
Edge Profile: C:\Users\RR\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2022-01-12]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\RR\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-01-08]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: 49t3cpch.default
FF ProfilePath: C:\Users\RR\AppData\Roaming\Mozilla\Firefox\Profiles\49t3cpch.default [2022-01-14]
FF user.js: detected! => C:\Users\RR\AppData\Roaming\Mozilla\Firefox\Profiles\49t3cpch.default\user.js [2016-09-23]
FF DownloadDir: D:\01 DOWNLOAD
FF Notifications: Mozilla\Firefox\Profiles\49t3cpch.default -> hxxps://mg.mail.yahoo.com
FF Extension: (English United States Dictionary) - C:\Users\RR\AppData\Roaming\Mozilla\Firefox\Profiles\49t3cpch.default\Extensions\@unitedstatesenglishdictionary.xpi [2020-01-14]
FF Extension: (Avast Passwords) - C:\Users\RR\AppData\Roaming\Mozilla\Firefox\Profiles\49t3cpch.default\Extensions\jid1-r1tDuNiNb4SEww@jetpack.xpi [2019-05-27] [UpdateUrl:hxxps://pamcdn.avast.com/pamcdn/extensions/firefox/update.json]
FF Extension: (English (US) Language Pack) - C:\Users\RR\AppData\Roaming\Mozilla\Firefox\Profiles\49t3cpch.default\Extensions\langpack-en-US@firefox.mozilla.org.xpi [2021-08-12]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\RR\AppData\Roaming\Mozilla\Firefox\Profiles\49t3cpch.default\Extensions\sp@avast.com.xpi [2019-02-26]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\RR\AppData\Roaming\Mozilla\Firefox\Profiles\49t3cpch.default\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-09-16]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2021-01-08] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.15 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2021-01-08] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-02-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-02-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-04-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.14 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.15 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\RR\AppData\Local\Google\Chrome\User Data\Default [2022-01-12]
CHR DownloadDir: D:\01 DOWNLOAD
CHR Extension: (Slides) - C:\Users\RR\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-01]
CHR Extension: (Adobe Acrobat) - C:\Users\RR\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-11-24]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\RR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-12-16]
CHR Extension: (Email Tracker for Gmail - Mailtrack) - C:\Users\RR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndnaehgpjlnokgebbaldlmgkapkpjkkb [2021-12-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\RR\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-09]
CHR HKLM\...\Chrome\Extension: [looohgelibjoplmkhecmalapkgadkfcc]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Brave:
=======
BRA Profile: C:\Users\RR\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2022-01-12]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\RR\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2019-07-12]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\RR\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2019-07-12]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\RR\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2019-07-12]
BRA Extension: (PDF Viewer) - C:\Users\RR\AppData\Local\BraveSoftware\Brave-Browser\User Data\oemmndcbldboiebfnladdacbdfmadadm [2019-07-12]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\RR\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2019-07-12]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2021-01-08] (Adobe Inc. -> Adobe)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8480848 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
R2 AtomicAlarmClock; C:\Program Files\Atomic Alarm Clock\timeserv.exe [2007040 2013-04-24] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [452888 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [452888 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-02] (Avast Software s.r.o. -> AVAST Software)
R2 DriverUpdSvc; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [7204632 2021-12-16] (Avast Software s.r.o. -> AVAST Software)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [39352 2021-12-08] (Intel Corporation -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [177080 2021-12-08] (Intel Corporation -> Intel)
R2 Everything; C:\Program Files\Everything\Everything.exe [2240288 2019-02-04] (voidtools -> voidtools)
S3 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-12-21] (Intel(R) Update Manager -> Intel Corporation)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [7785656 2021-09-16] (Malwarebytes Inc -> Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6138112 2021-12-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\NisSrv.exe [2876152 2022-01-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MsMpEng.exe [128360 2022-01-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe [473312 2017-03-20] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 anvsnddrv; C:\WINDOWS\system32\drivers\anvsnddrv.sys [34416 2016-03-24] (Anvsoft Inc. -> AnvSoft Inc.)
R1 AppleCharger; C:\WINDOWS\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36784 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [223176 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [369216 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [252992 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [100416 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-10-04] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42416 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [186280 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [540056 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108912 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83976 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [853800 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [545176 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215432 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318760 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [20160 2016-10-23] (Glarysoft Ltd -> Glarysoft Ltd)
S3 GUMHFilters; C:\Program Files (x86)\Glarysoft\Malware Hunter\Native\winxp_x64\GUMHFilter.sys [37688 2016-11-04] (Glarysoft LTD -> GlarySoft Ltd)
R1 GUSBootStartup; C:\WINDOWS\System32\drivers\GUSBootStartup.sys [20160 2016-10-23] (Glarysoft Ltd -> Glarysoft Ltd)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-01-04] (Martin Malik - REALiX -> REALiX(tm))
R1 IMFCameraProtect; C:\WINDOWS\system32\drivers\IMFCameraProtect.sys [44096 2017-03-29] (IObit Information Technology -> IObit.com)
S3 IMFDownProtect; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFDownProtect.sys [39288 2017-03-08] (IObit Information Technology -> IObit.com)
S3 IMFFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win10_amd64\IMFFilter.sys [40440 2017-02-17] (IObit Information Technology -> IObit)
S3 IMFForceDelete; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFForceDelete.sys [33600 2017-02-17] (IObit Information Technology -> IObit.com)
R3 int0800; C:\WINDOWS\System32\drivers\flashud.sys [62984 2019-08-21] (Intel Corporation -> Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210344 2022-01-12] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-06-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-18] (Malwarebytes Inc -> Malwarebytes)
S3 PCWinSoft; C:\WINDOWS\system32\DRIVERS\scrcamhrdrv_x64.sys [241800 2012-10-11] (PCWinSoft Systems Informatica Ltda -> Windows (R) Server 2003 DDK provider)
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\regfilter.sys [52792 2017-02-17] (IObit Information Technology -> IObit.com)
S3 RimVSerPort; C:\WINDOWS\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Microsoft Windows Hardware Compatibility Publisher -> Research in Motion Ltd)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2022-01-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435432 2022-01-02] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2022-01-02] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath
S3 semav6msr64; \??\C:\Windows\system32\drivers\semav6msr64.sys [X]
S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X]
S3 WinRing0_1_2_0; \??\C:\Users\RR\AppData\Local\Temp\tmp67F.tmp [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-14 12:42 - 2022-01-14 12:43 - 000045950 _____ C:\Users\RR\Desktop\FRST.txt
2022-01-14 12:42 - 2022-01-14 12:43 - 000000000 ____D C:\FRST
2022-01-14 12:42 - 2022-01-14 12:42 - 002311680 _____ (Farbar) C:\Users\RR\Desktop\FRST64.exe
2022-01-12 23:24 - 2022-01-12 23:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2022-01-12 23:24 - 2022-01-12 23:24 - 000000000 ____D C:\Program Files\qBittorrent
2022-01-12 21:53 - 2022-01-12 21:53 - 000210344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-01-12 20:16 - 2022-01-12 20:16 - 000000000 ___HD C:\$SysReset
2022-01-12 18:23 - 2022-01-12 18:23 - 000001039 _____ C:\Users\RR\Desktop\M3 Portable - Shortcut.lnk
2022-01-12 12:36 - 2022-01-12 12:36 - 000000000 ___HD C:\$WinREAgent
2022-01-11 22:10 - 2022-01-12 21:31 - 000000000 ____D C:\WINDOWS\Panther
2022-01-10 21:46 - 2022-01-14 12:36 - 000003312 _____ C:\WINDOWS\system32\Tasks\ioloTUDsDownloader
2022-01-10 21:46 - 2022-01-14 12:36 - 000003194 _____ C:\WINDOWS\system32\Tasks\ioloAVDefsDownloader
2022-01-10 21:46 - 2022-01-14 12:36 - 000003038 _____ C:\WINDOWS\system32\Tasks\ioloActiveCare
2022-01-10 21:46 - 2022-01-14 12:36 - 000002724 _____ C:\WINDOWS\system32\Tasks\ioloSystemShield
2022-01-10 21:46 - 2022-01-14 12:36 - 000002488 _____ C:\WINDOWS\system32\Tasks\iolo Process Governor
2022-01-10 21:46 - 2022-01-10 21:54 - 000000000 ____D C:\ProgramData\ioloGovernor
2022-01-10 21:37 - 2022-01-14 12:36 - 000003304 _____ C:\WINDOWS\system32\Tasks\ActiveSync-SystemMechanic
2022-01-10 21:37 - 2022-01-14 12:36 - 000003270 _____ C:\WINDOWS\system32\Tasks\ActiveMessenger-SystemMechanic
2022-01-10 21:37 - 2022-01-10 21:38 - 000000000 ____D C:\ProgramData\Phoenix360
2022-01-10 21:37 - 2022-01-10 21:37 - 000000000 ____D C:\Users\RR\AppData\Local\iolo
2022-01-10 21:37 - 2022-01-10 21:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Mechanic
2022-01-10 21:37 - 2022-01-10 21:37 - 000000000 ____D C:\ProgramData\iolo
2022-01-10 21:37 - 2022-01-10 21:37 - 000000000 ____D C:\Program Files (x86)\Phoenix360
2022-01-05 18:15 - 2022-01-05 18:15 - 001686208 _____ ( ) C:\Users\RR\Downloads\aiseesoft-pdf-to-word-converter-3.3.36.exe
2021-12-31 11:04 - 2021-12-31 11:04 - 000000000 ____D C:\Users\RR\AppData\Local\PCHealthCheck
2021-12-27 06:47 - 2021-12-27 06:47 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-12-27 06:47 - 2021-12-27 06:47 - 000215432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-12-27 06:47 - 2021-12-27 06:47 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2021-12-21 18:13 - 2021-12-21 18:13 - 000000000 ____D C:\Users\RR\AppData\Local\Viber
2021-12-17 12:58 - 2021-12-17 12:58 - 000000000 ____D C:\WINDOWS\SystemTemp
2021-12-17 02:17 - 2021-12-17 02:17 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-12-17 02:17 - 2021-12-17 02:17 - 000011979 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-12-17 02:16 - 2021-12-17 02:16 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-12-17 02:16 - 2021-12-17 02:16 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-12-16 18:45 - 2021-12-16 18:45 - 002712047 _____ C:\Users\RR\Desktop\desni ekstremizam.Srbija.pdf
2021-12-16 18:42 - 2021-12-16 18:41 - 001776629 _____ C:\Users\RR\Desktop\Ekstremizam desnica sveske34.pdf
2021-12-16 18:36 - 2021-12-16 18:36 - 001706010 _____ C:\Users\RR\Desktop\Antifasisticki vodic za ljepsi svijet.pdf
2021-12-15 21:20 - 2021-12-15 21:20 - 000000000 ____D C:\Users\RR\AppData\Local\SolidDocuments
2021-12-15 20:30 - 2021-12-15 20:31 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2021-12-15 20:29 - 2021-12-15 20:29 - 000000000 ____D C:\Program Files\Adobe
2021-12-15 20:28 - 2021-12-15 20:29 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-12-15 17:09 - 2021-12-15 17:17 - 000000000 ____D C:\Users\RR\AppData\LocalLow\Manicware
2021-12-15 16:53 - 2021-12-15 16:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VeryPDF PDF2Word v3.0
2021-12-15 16:53 - 2021-12-15 16:53 - 000000000 ____D C:\Program Files (x86)\VeryPDF PDF2Word v3.0
2021-12-15 16:30 - 2021-12-15 16:30 - 000000000 ____D C:\Users\RR\AppData\Local\TriSun_Software_Limited

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-14 12:36 - 2021-08-28 17:22 - 000002246 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - RR
2022-01-14 12:36 - 2021-04-04 19:45 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-01-14 12:36 - 2021-03-19 08:45 - 000003420 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2022-01-14 12:36 - 2021-03-19 08:45 - 000003196 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2022-01-14 12:36 - 2020-08-21 17:00 - 000003408 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-14 12:36 - 2020-08-21 17:00 - 000003184 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-01-14 12:36 - 2020-05-29 07:54 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-01-14 12:36 - 2020-05-29 07:54 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-14 12:36 - 2020-05-29 07:54 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-14 12:36 - 2020-05-29 07:54 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2022-01-14 12:36 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-14 12:36 - 2018-11-25 19:47 - 000000000 ____D C:\Users\RR\AppData\Roaming\qBittorrent
2022-01-14 12:32 - 2016-08-26 17:05 - 000000000 ____D C:\Users\RR\AppData\Roaming\AIMP
2022-01-14 12:27 - 2016-04-14 20:57 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-14 12:18 - 2020-06-01 13:30 - 000000000 ____D C:\Users\RR\AppData\Local\Deployment
2022-01-14 12:02 - 2017-10-04 21:04 - 000000000 ____D C:\Users\RR\AppData\Local\AVAST Software
2022-01-14 11:30 - 2020-05-29 07:44 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-14 09:12 - 2021-04-04 19:45 - 000000000 ____D C:\Program Files\CCleaner
2022-01-14 03:19 - 2016-04-14 22:20 - 000000029 _____ C:\WINDOWS\popcinfo.dat
2022-01-13 21:02 - 2016-10-16 12:52 - 000000000 ____D C:\Users\RR\AppData\Local\ClassicShell
2022-01-13 21:02 - 2016-06-18 18:50 - 000007637 _____ C:\Users\RR\AppData\Local\Resmon.ResmonCfg
2022-01-13 20:50 - 2017-07-22 20:51 - 000000000 ____D C:\Users\RR\AppData\Roaming\vlc
2022-01-12 23:26 - 2019-07-23 20:10 - 000000000 ____D C:\Users\RR\Desktop\AUDIO VIDEO
2022-01-12 21:41 - 2020-05-29 07:45 - 000976022 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-01-12 21:41 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-01-12 21:39 - 2016-05-16 16:04 - 000000000 ____D C:\Users\RR\AppData\Local\CrashDumps
2022-01-12 21:37 - 2021-09-06 13:46 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-12 21:37 - 2020-05-29 07:54 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-12 21:37 - 2020-05-29 07:46 - 000000000 ____D C:\Users\RR
2022-01-12 21:37 - 2016-04-14 22:01 - 000000000 __SHD C:\Users\RR\IntelGraphicsProfiles
2022-01-12 20:46 - 2021-03-19 00:34 - 000000000 ___HD C:\OneDriveTemp
2022-01-12 20:44 - 2018-08-22 21:17 - 000000000 ____D C:\Users\RR\Desktop\Knjige
2022-01-12 20:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-12 20:11 - 2017-11-20 15:24 - 000000000 ____D C:\Users\RR\AppData\Local\Packages
2022-01-12 18:21 - 2016-04-19 20:22 - 000000000 ____D C:\Users\RR\AppData\Local\ElevatedDiagnostics
2022-01-12 18:17 - 2016-11-10 00:44 - 000000000 ____D C:\ProgramData\AVAST Software
2022-01-12 18:12 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-01-12 15:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-01-11 22:08 - 2017-05-14 00:33 - 000000000 ____D C:\Users\RR\AppData\Local\Everything
2022-01-11 22:08 - 2016-04-14 21:37 - 000000000 ____D C:\Users\RR\AppData\Roaming\Everything
2022-01-11 20:13 - 2021-11-09 03:32 - 000000000 ____D C:\Users\RR\Documents\ViberDownloads
2022-01-11 08:29 - 2020-03-01 23:48 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-10 21:57 - 2016-04-14 22:45 - 000000000 ___RD C:\Users\RR\Desktop\TUNING
2022-01-10 21:37 - 2016-04-14 21:00 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2022-01-08 20:50 - 2018-05-10 21:09 - 000000000 ____D C:\Users\RR\AppData\Local\D3DSCache
2022-01-08 16:04 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-08 04:14 - 2020-08-21 17:00 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-07 21:38 - 2017-12-06 20:07 - 000000049 _____ C:\WINDOWS\NeroDigital.ini
2022-01-05 01:12 - 2016-04-14 22:44 - 000000000 ____D C:\ProgramData\TEMP
2022-01-04 18:54 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-01-04 17:40 - 2021-07-04 11:58 - 000000935 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2022-01-04 16:57 - 2021-09-25 12:28 - 000000000 ____D C:\Users\RR\Desktop\Lična Karta
2022-01-02 16:27 - 2019-08-08 09:32 - 000000000 ____D C:\Users\RR\Desktop\Vreme
2022-01-02 16:10 - 2018-05-03 18:10 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-01-02 16:00 - 2016-04-14 21:12 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2022-01-02 15:59 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-01-02 15:59 - 2016-11-09 22:39 - 000000370 __RSH C:\ProgramData\ntuser.pol
2021-12-31 11:04 - 2021-09-22 11:41 - 000001362 _____ C:\Users\RR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-12-29 14:57 - 2021-11-25 18:46 - 000000000 ____D C:\Users\RR\Desktop\Etika
2021-12-27 06:47 - 2020-10-26 02:09 - 000186280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-12-27 06:47 - 2020-05-29 07:54 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-12-27 06:47 - 2020-04-21 14:44 - 000540056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-12-27 06:47 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-12-27 06:47 - 2019-01-21 14:51 - 000369216 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-12-27 06:47 - 2019-01-21 13:54 - 000252992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-12-27 06:47 - 2019-01-21 13:54 - 000100416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-12-27 06:47 - 2019-01-21 13:54 - 000036784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-12-27 06:47 - 2018-10-23 21:29 - 000042416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-12-27 06:47 - 2017-11-21 19:59 - 000223176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-12-27 06:47 - 2017-02-24 21:06 - 000853800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-12-27 06:47 - 2017-02-24 21:06 - 000545176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-12-27 06:47 - 2017-02-24 21:06 - 000108912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-12-27 06:47 - 2016-11-10 00:45 - 000318760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-12-27 06:47 - 2016-11-10 00:45 - 000083976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-12-24 15:11 - 2016-08-01 21:04 - 000000000 ____D C:\Users\RR\AppData\Roaming\Software Informer
2021-12-24 13:56 - 2016-10-08 20:55 - 000000000 ____D C:\Program Files (x86)\MSECache
2021-12-24 13:40 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-12-23 16:23 - 2021-02-03 15:47 - 000000000 ____D C:\Users\RR\Desktop\Ana Marija
2021-12-23 12:53 - 2021-11-09 03:32 - 000000000 ____D C:\Users\RR\AppData\Roaming\ViberPC
2021-12-23 12:52 - 2018-12-26 18:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2021-12-18 18:28 - 2016-04-14 22:45 - 000000000 ___RD C:\Users\RR\Desktop\WRITE READ
2021-12-18 12:29 - 2017-07-22 15:05 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2021-12-17 12:59 - 2020-05-29 07:44 - 000443232 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-12-17 12:58 - 2019-12-07 10:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-12-17 12:58 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-12-17 12:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-12-17 12:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-12-17 12:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-12-17 12:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-12-17 12:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-12-17 12:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-12-17 12:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-12-17 12:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-12-17 12:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-12-17 12:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-12-17 02:08 - 2016-04-14 21:57 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-12-17 02:03 - 2016-04-14 21:57 - 137938848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-12-15 21:20 - 2016-04-14 22:01 - 000000000 ____D C:\Users\RR\AppData\Roaming\Adobe
2021-12-15 20:28 - 2016-04-17 14:00 - 000000000 ____D C:\ProgramData\Adobe
2021-12-15 16:56 - 2018-07-05 21:53 - 000000188 _____ C:\WINDOWS\pdf2word.INI
2021-12-15 12:52 - 2021-08-23 10:43 - 000000000 ____D C:\Users\RR\Desktop\Dr SVETEL

==================== Files in the root of some directories ========

2015-03-26 12:48 - 2015-03-26 12:48 - 002174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2016-10-23 18:29 - 2016-10-23 18:29 - 000000531 _____ () C:\Users\RR\AppData\Roaming\alarms.ini
2016-10-23 18:29 - 2016-10-23 18:54 - 000000745 _____ () C:\Users\RR\AppData\Roaming\AtomicAlarmClock.ini
2016-08-09 17:29 - 2016-08-08 10:04 - 000519696 ___SH () C:\Users\RR\AppData\Roaming\KSAaDJSIHghQ
2019-10-23 15:59 - 2019-10-23 16:09 - 000000566 _____ () C:\Users\RR\AppData\Roaming\payerss.ini
2017-12-05 14:12 - 2017-12-05 14:12 - 000000826 _____ () C:\Users\RR\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2016-01-03 15:47 - 2016-01-03 15:47 - 000322552 _____ (Alexander Roshal) C:\Users\RR\AppData\Roaming\UnRAR.exe
2020-05-06 11:32 - 2020-05-06 11:32 - 000000017 _____ () C:\Users\RR\AppData\Roaming\w2jpath.ini
2019-10-23 16:02 - 2019-10-23 15:59 - 000000566 _____ () C:\Users\RR\AppData\Roaming\Microsoft\config.ini
2020-04-04 19:21 - 2020-04-04 19:22 - 000004548 _____ () C:\Users\RR\AppData\Local\PlariumPlay.log
2016-06-18 18:50 - 2022-01-13 21:02 - 000007637 _____ () C:\Users\RR\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
mycity.rs/must-login.png

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8488
  • Gde živiš: Novi Beograd

Zdravo,

Da li si instalirao neke programe za promenu izgleda Windowsa?

Preuzmi AdwCleaner i sačuvaj ga na Desktop
Dvoklikom pokreni program.
U EULA prozoru klikni na I agree.
Klikni na dugme Scan Now i sačekaj da se završi skeniranje.
Ako ti javi da postoji novija verzija, postaraj se da je preuzmeš.

Klikni na dugme Clean i pričekaj da program završi.
Program će zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni OK kao potvrdu.
Pojavit će se poruka da računar treba restartovati. Klikni OK

Računar će se restartovati, a potom otvoriti Notepad (C:\Adwcleaner\AdwCleaner[S00].txt) sa izvještajem.
Sačuvaj taj izveštaj na Desktop i okači ga uz poruku koristeći opciju "Prikači fajl"

offline
  • Pridružio: 15 Dec 2008
  • Poruke: 166
  • Gde živiš: Beograd

Napisano: 15 Jan 2022 11:43

Nije bilo komande Clear već samo ponuda za karantin za jedan PUP fajl Heuristik.
mycity.rs/must-login.png

Dopuna: 15 Jan 2022 12:35

Inače, prečesto mi kaže File Explorer Not Responding i onda moram da zatvorim program, pa kad ponovo otvorim onda hoće.

Dopuna: 15 Jan 2022 12:37

Ne sećam se da sam skoro instalirao neki program za promenu izgleda Windowsa, osim klasični Start, ali to je bilo mnogo davno.

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8488
  • Gde živiš: Novi Beograd

Postavi mi novi FRST log, celog ga kopiraj, pa da vidimo da li se nesto moze uraditi.

offline
  • Pridružio: 15 Dec 2008
  • Poruke: 166
  • Gde živiš: Beograd

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-01-2022
Ran by RR (administrator) on RR (Gigabyte Technology Co., Ltd. H81M-DS2) (17-01-2022 10:18:22)
Running from C:\Users\RR\Desktop
Loaded Profiles: RR
Platform: Microsoft Windows 10 Pro Version 21H2 19044.1466 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
() [File not signed] C:\Program Files\Atomic Alarm Clock\timeserv.exe
() [File not signed] C:\ProgramData\Microsoft\Windows\DeviceMetadataStore\cache\conhost.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Driver Updater\DriverUpdSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Driver Updater\DriverUpdUI.exe <4>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(iolo technologies, LLC -> iolo technologies, LLC) [File not signed] C:\Program Files (x86)\Phoenix360\System Mechanic\ioloGovernor64.exe
(Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\97.0.1072.62\identity_helper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <11>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Corporation) [File not signed] C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(The qBittorrent Project) [File not signed] C:\Program Files\qBittorrent\qbittorrent.exe
(voidtools -> voidtools) C:\Program Files\Everything\Everything.exe <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [157464 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [MRT] => C:\WINDOWS\system32\MRT.exe [145765912 2022-01-14] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19572536 2021-07-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [2240288 2019-02-04] (voidtools -> voidtools)
HKLM\...\Run: [DriverUpdUI.exe] => C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe [4336920 2021-12-16] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [MalTray] => C:\Program Files (x86)\Glarysoft\Malware Hunter\mhtray.exe [926200 2017-02-27] (Glarysoft LTD -> Glarysoft Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [288184 2021-12-08] (Intel Corporation -> Intel)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1957820526-533511395-3661414503-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44024 2017-07-17] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-1957820526-533511395-3661414503-1000\...\Run: [AtomicAlarmClock6] => C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe [5321728 2016-08-16] () [File not signed]
HKU\S-1-5-21-1957820526-533511395-3661414503-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35373696 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1957820526-533511395-3661414503-1000\...\Run: [MicrosoftEdgeAutoLaunch_3AC0E8863975FA6563B03DB4D68DC569] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-21-1957820526-533511395-3661414503-1000\...\Run: [Viber] => C:\Users\RR\AppData\Local\Viber\Viber.exe [51151120 2021-12-16] (Viber Media S.à r.l. -> Viber Media S.à r.l.)
HKU\S-1-5-21-1957820526-533511395-3661414503-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3500 series XPS: C:\WINDOWS\system32\CNMXLMBV.DLL [394240 2013-04-04] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\us008 Langmon: C:\WINDOWS\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\97.0.4692.71\Installer\chrmstp.exe [2022-01-11] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Startup: C:\Users\RR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2021-11-03]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
BootExecute: autocheck autochk *
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Policies: C:\Users\RR\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {009D4352-1C11-4B12-A28D-7833A52FF6A4} - System32\Tasks\ActiveSync-SystemMechanic => C:\Program Files (x86)\Common Files\Phoenix360\ActiveCore\activesync.exe [194800 2017-12-07] (iolo technologies, LLC -> iolo technologies, LLC)
Task: {055E4CDD-1404-47AE-B0DA-DA7B1B3F2C97} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {08C343A5-B51F-484B-8791-F52C3DED5309} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {15206B4F-730F-43BC-8D4E-692FEA82A8BE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {18D9BC47-E684-45D4-A36F-E00939BEE5B8} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {1BB23819-57F3-4721-B06B-62022C368445} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {203F7142-3665-4F11-9FBE-6A4713CA12C7} - System32\Tasks\{084081DC-F70A-4A4F-BEBC-ABD9CAE51B70} => "c:\windows\system32\launchwinapp.exe" hxxps://ui.skype.com/ui/0/7.33.0.105/en/go/help.faq.installer?LastError=1603
Task: {20DC0F5F-49B6-4376-957F-2922A2E2EDCF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2022-01-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2B89D859-369D-4DA9-B2DA-FB5A94E179A4} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {2DA924DE-00B3-429F-A6FA-DBF8296C2210} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {2F458821-0629-4E79-8DDE-328AA8185182} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-12-07] (Piriform Software Ltd -> Piriform)
Task: {2F9C54CB-0AF9-446C-9970-EE21D3D02721} - System32\Tasks\ioloAVDefsDownloader => C:\Program Files (x86)\Phoenix360\System Mechanic\SSDefs.exe [134888 2017-12-08] (iolo technologies, LLC -> iolo technologies, LLC)
Task: {438E2C4E-0EE5-4398-B906-DFCB0A2F129E} - System32\Tasks\CCleanerSkipUAC - RR => C:\Program Files\CCleaner\CCleaner.exe [29442688 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {44ED989D-0242-4DE0-BE62-816D926F862A} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1957820526-533511395-3661414503-1009 => C:\Users\RR\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4BFD3F03-3A24-4192-B9E7-EF925D820DB4} - System32\Tasks\ioloActiveCare => C:\Program Files (x86)\Phoenix360\System Mechanic\systemmechanic.exe [414968 2017-12-08] (iolo technologies, LLC -> iolo technologies, LLC)
Task: {4CB290C1-8BAC-44E4-9A7D-B5D9965E3D0B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {4F716A37-4A46-4D42-9543-164676B5E9DB} - System32\Tasks\iolo Process Governor => C:\Program Files (x86)\Phoenix360\System Mechanic\iologovernor64.exe [713648 2017-12-07] (iolo technologies, LLC -> iolo technologies, LLC) [File not signed]
Task: {591DAAA1-5458-4358-B88C-E1688C17BBBA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2022-01-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5F19938B-9005-4886-BFD5-7A86167E41A3} - System32\Tasks\SafeZone scheduled Autoupdate 1478735171 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {67152034-D691-4606-ADD1-5E84AB8222AA} - System32\Tasks\{761D47F2-2261-4C29-872B-08D6E5840FEC} => "c:\windows\system32\launchwinapp.exe" hxxps://ui.skype.com/ui/0/7.33.0.105/en/go/help.faq.installer?source=lightinstaller&LastError=1603
Task: {67CE3124-787F-487D-A88C-EEDB3BE70943} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software)
Task: {6858C9E9-C5A9-4EAE-8F68-1C0C063BF0F0} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {6A70D739-58DF-4701-A7BA-11B15EFCCF6D} - System32\Tasks\{D4F9155E-065F-417E-A161-49E06A28CCB6} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.21.0.100/en/abandoninstall?source=lightinstaller&page=tsBing
Task: {6C7E7247-925D-4864-92F1-7483223D5637} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {72C06137-93AC-4139-AEBF-449E3E599294} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3075936 2021-07-21] (Intel Corporation -> Intel Corporation)
Task: {73692337-B04C-4C61-91FE-A84D0A8E028B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2022-01-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {767706F6-71D4-4A1E-9CBC-36648B3939A6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2021-01-08] (Adobe Inc. -> Adobe)
Task: {78E994C0-CEEF-4BBA-B234-DFFBE666316D} - System32\Tasks\Avast Software\Avast Driver Updater BugReport => C:\Program Files\Avast Software\Driver Updater\AvBugReport.exe [4760344 2021-12-16] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 148 --programpath "C:\Program Files\Avast Software\Driver Updater\Setup\.." --configpath "C:\Program Files\Avast Software\Driver Updater\Setup" --path "C:\ProgramData\Avast Software\Driver Updater\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid abb4efc7-0f2d-46d1-9eef-f759042cd570
Task: {7BCE8286-5473-4A66-9631-ED3855AC4D34} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {7E345AD6-4709-406B-A008-99D62C4C8683} - System32\Tasks\{D5812F0B-3A45-47CB-A0F6-AD8700F329A4} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Yahoo!\Widgets\InstallRunner.exe" -d "C:\Program Files (x86)\Yahoo!\Widgets"
Task: {80479685-3534-4BE7-8CE1-00F3D7008EE2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {8310BD37-C671-4E35-A3B1-1774326841EF} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {839AB333-DE1C-4B53-9B57-ABB280889480} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_130_pepper.exe [1286144 2017-09-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {86A193D8-0295-4C14-9407-5A02257FAF9F} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {87554DB2-D453-432B-A772-4BD104954C31} - System32\Tasks\{FED5D64D-B4D7-4B11-ADAB-923E7F4527A7} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.21.0.100/en/go/help.faq.installer?source=lightinstaller&LastError=1618
Task: {8C30F32C-C884-4E03-ABC4-7A79ACA57FB6} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3075936 2021-07-21] (Intel Corporation -> Intel Corporation)
Task: {8DEF1E00-1FA7-4D2B-8685-8F6982EC1556} - System32\Tasks\{CC7A20E2-01B1-45B5-A568-A695136B0E17} => C:\Windows\system32\pcalua.exe -a "D:\01 Download\widgetsus.exe" -d "D:\01 Download"
Task: {8EAA295E-872C-4853-9415-59F74E1F419E} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {9308E261-129D-43B2-9DFB-B8F29BAB7F96} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {938DD5C4-9414-486A-83DB-5C79AAB586D5} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {9A671260-E369-4112-96EC-FBDED5CD572D} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {A78066C6-834D-4DFC-83B9-90AAD57A9E1D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MpCmdRun.exe [901048 2022-01-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A9CA5C70-2EE4-408C-A5D6-F17AF1AEE805} - System32\Tasks\{17C4FCB2-BAE1-45EE-B216-4432EB8C8984} => "c:\windows\system32\launchwinapp.exe" hxxps://ui.skype.com/ui/0/7.33.0.104/en/go/help.faq.installer?source=lightinstaller&LastError=1603
Task: {A9D73C6C-E46A-4B9E-A386-D1DBF2ECF66B} - System32\Tasks\Avast Software\Avast Driver Updater Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-du\icarus.exe [6475544 2021-12-16] (Avast Software s.r.o. -> Avast Software)
Task: {AC06146B-9560-4118-8F89-5C8386124CE7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-01] (Google LLC -> Google LLC)
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B29E2CEB-A5B1-403B-9D5E-6248B91951BF} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [134640 2017-07-17] (Glarysoft LTD -> Glarysoft Ltd)
Task: {B50C5119-9215-4D33-8264-7BE2094D4481} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [897528 2017-07-17] (Glarysoft LTD -> Glarysoft Ltd)
Task: {B96E2888-B48B-4AF7-8EF5-0326BADB627E} - System32\Tasks\Microsoft\Windows\PLA\System\{4923C320-A6DE-4448-B171-34380E25F545}_System Diagnostics => Command(1): C:\WINDOWS\system32\rundll32.exe -> C:\WINDOWS\system32\pla.dll,PlaHost "system\System Diagnostics" "$(Arg0)"
Task: {B96E2888-B48B-4AF7-8EF5-0326BADB627E} - System32\Tasks\Microsoft\Windows\PLA\System\{4923C320-A6DE-4448-B171-34380E25F545}_System Diagnostics => Command(2): C:\WINDOWS\system32\schtasks.exe -> /delete /f /tn "\Microsoft\Windows\PLA\System\{4923C320-A6DE-4448-B171-34380E25F545}_System Diagnostics"
Task: {BBB72543-86FE-4EF0-ADF1-22E75DE178B7} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1741576 2016-03-17] (Intel(R) Software -> Intel Corporation)
Task: {BD6D47BF-9402-4072-8E29-196604A6A198} - System32\Tasks\GMHSkipUAC => C:\Program Files (x86)\Glarysoft\Malware Hunter\MalwareHunter.exe [2303992 2017-02-27] (Glarysoft LTD -> Glarysoft Ltd)
Task: {BFB60210-7750-49F4-88E7-1C3432A5900B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {C03F7A78-6F95-4D46-8910-909E3985D166} - System32\Tasks\SafeZone scheduled Autoupdate 1478728427 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {C3A240A1-7BF1-4B26-8775-41AEEE55EBC8} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {C5914AE0-DFDA-450F-9595-5725C86B7BD8} - System32\Tasks\{2808D1B8-FD96-44BE-894A-A05507686D3B} => C:\Windows\system32\pcalua.exe -a "E:\01 INSTAL\01 SubtitleWorkshop251.exe" -d "E:\01 INSTAL"
Task: {C7794263-B06F-4A93-91BA-900ED6CFED2B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {C7B1E0C8-B370-4C54-B813-600760B90FC0} - System32\Tasks\SoftwareInformerService => C:\Program Files\Software Informer\softinfo.exe [1657856 2017-01-25] (Informer Technologies, Inc.) [File not signed]
Task: {CDB774BA-F500-4B07-903A-7CA61B58EC47} - \FKHUqGXICk -> No File <==== ATTENTION
Task: {CE95F748-542D-4D0F-A392-50EE2896DF84} - System32\Tasks\Maylace2 Metrics HTML Editor => C:\WINDOWS\system32\rundll32.exe "C:\Program Files\Maylace2 Metrics HTML Editor\Maylace2 Metrics HTML Editor.dll",aImUTxWiZcgF <==== ATTENTION
Task: {D4B2F167-C87F-4B70-B7F7-04ED42E4B456} - System32\Tasks\ioloTUDsDownloader => C:\Program Files (x86)\Common Files\Phoenix360\ActiveCore\activesync.exe [194800 2017-12-07] (iolo technologies, LLC -> iolo technologies, LLC)
Task: {D8905937-759B-4A56-99F1-387BD09692B0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-01] (Google LLC -> Google LLC)
Task: {DB7C433E-629D-4BCB-B165-B5816269C6C8} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {DFE1823B-DEFC-4D6B-9420-4399A3C2A315} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1706496 2020-04-05] () [File not signed]
Task: {E0FDF5A5-BA03-4731-A1CD-FF830940DE4D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {E6FBFCE1-567C-44B9-8B3E-682C1A8A8134} - System32\Tasks\{9065D61D-C539-4C8A-95E7-7B37ACDBBB7C} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.21.0.100/en/go/help.faq.installer?source=lightinstaller&LastError=1618
Task: {E9B1DA97-6A22-45C2-A2DC-986D5B51ACE1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {EFE9E6B5-2AB0-4FC0-8684-2EB6BB4748D3} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-12-21] (Intel(R) Update Manager -> Intel Corporation)
Task: {F5A0D9A1-3292-406B-A3F9-9166C3D565FF} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4969240 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
Task: {F761C4F3-4D45-41B1-80FA-E3B3E06AC212} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c (No File)
Task: {F8291F7D-0B4E-4212-A609-0FC1E99147E4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {F8EE0164-C9F6-4355-AFE8-DAAB2326BFC5} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler (No File)
Task: {F968A490-5191-449D-A29D-CCD4DB869284} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-12-21] (Intel(R) Update Manager -> Intel Corporation)
Task: {FA354947-5F2A-42F0-BFEB-30852B7707D8} - System32\Tasks\ActiveMessenger-SystemMechanic => C:\Program Files (x86)\Common Files\Phoenix360\ActiveCore\ActiveMessenger.exe [323328 2017-12-07] (iolo technologies, LLC -> iolo technologies, LLC)
Task: {FACA9332-1499-453B-AF6C-A5F1114DF88A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {FC2551B4-22EC-4F0C-99A6-4F8CDD8FE958} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2021-01-08] (Adobe Inc. -> Adobe)
Task: {FCAE4C09-5207-4698-A90A-6E6E0A62DE3A} - System32\Tasks\ioloSystemShield => C:\Program Files (x86)\Phoenix360\System Mechanic\ioloSSTray.exe [344304 2017-12-08] (iolo technologies, LLC -> iolo technologies, LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 89.216.1.30 89.216.1.50
Tcpip\..\Interfaces\{007eb021-d9d2-4d8d-b056-36d7e1815db4}: [DhcpNameServer] 89.216.1.30 89.216.1.50
Tcpip\..\Interfaces\{1b6eabd2-a487-4628-85aa-d2ea6f1d46c9}: [NameServer] 185.107.96.127,192.223.30.14
Tcpip\..\Interfaces\{1b6eabd2-a487-4628-85aa-d2ea6f1d46c9}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{606ff9b2-c456-4981-87a8-f4431fbf1c6b}: [NameServer] 185.107.96.127,192.223.30.14
Tcpip\..\Interfaces\{7be43317-a0aa-40a1-ade5-bce808ea0153}: [NameServer] 185.107.96.127,192.223.30.14
Tcpip\..\Interfaces\{b76dc418-be5d-481b-b09a-c72ef2de77b6}: [NameServer] 185.107.96.127,192.223.30.14
Tcpip\..\Interfaces\{c7773393-cdfd-11e7-83d6-806e6f6e6963}: [NameServer] 185.107.96.127,192.223.30.14
Tcpip\..\Interfaces\{eaf7dee3-0200-4c8c-b9d5-6ebe756aabd2}: [NameServer] 185.107.96.127,192.223.30.14
Tcpip\..\Interfaces\{eaf7dee3-0200-4c8c-b9d5-6ebe756aabd2}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{f293cd2d-6ba1-4401-8b4d-a2eaa92aac4f}: [NameServer] 185.107.96.127,192.223.30.14
Tcpip\..\Interfaces\{f293cd2d-6ba1-4401-8b4d-a2eaa92aac4f}: [DhcpNameServer] 192.168.42.129

Edge:
=======
DownloadDir: D:\01 DOWNLOAD
Edge HomeButtonPage: HKU\S-1-5-21-1957820526-533511395-3661414503-1000 -> about:tabs
Edge Notifications: HKU\S-1-5-21-1957820526-533511395-3661414503-1000 -> hxxps://www.facebook.com; hxxps://mail.google.com; hxxps://www.putovnica.net; hxxps://www2.thefastpush.com; hxxps://www.saznajnovo.com
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => path not found
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => path not found
Edge Extension: (OneNote Web Clipper) -> EdgeExtension_MicrosoftOneNoteWebClipper_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.OneNoteWebClipper_3.8.1.0_neutral__8wekyb3d8bbwe [2019-06-04]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => path not found
Edge Extension: (Translator For Microsoft Edge) -> MicrosoftTranslate_MicrosoftTranslatorforMicrosoftEdge_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.TranslatorforMicrosoftEdge_0.91.51.0_neutral__8wekyb3d8bbwe [2021-06-05]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => path not found
Edge DefaultProfile: Default
Edge Profile: C:\Users\RR\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-17]
Edge DownloadDir: Default -> D:\01 DOWNLOAD
Edge Notifications: Default -> hxxps://mail.google.com; hxxps://www.facebook.com; hxxps://www.giveawayoftheday.com; hxxps://www.putovnica.net; hxxps://www.saznajnovo.com
Edge HomePage: Default -> edge://newtab/
Edge Extension: (Mailtrack - Email Tracker for Gmail) - C:\Users\RR\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cemhcpmgfkheedjjbgflkldmkoiappji [2021-03-16]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\RR\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-12-15]
Edge Extension: (OneNote Web Clipper) - C:\Users\RR\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\oogbnpmeihfgnccdnmmlgicknopghhma [2021-10-22]
Edge Profile: C:\Users\RR\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2022-01-12]
Edge Profile: C:\Users\RR\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2022-01-12]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\RR\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-01-08]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: 49t3cpch.default
FF ProfilePath: C:\Users\RR\AppData\Roaming\Mozilla\Firefox\Profiles\49t3cpch.default [2022-01-14]
FF user.js: detected! => C:\Users\RR\AppData\Roaming\Mozilla\Firefox\Profiles\49t3cpch.default\user.js [2016-09-23]
FF DownloadDir: D:\01 DOWNLOAD
FF Notifications: Mozilla\Firefox\Profiles\49t3cpch.default -> hxxps://mg.mail.yahoo.com
FF Extension: (English United States Dictionary) - C:\Users\RR\AppData\Roaming\Mozilla\Firefox\Profiles\49t3cpch.default\Extensions\@unitedstatesenglishdictionary.xpi [2020-01-14]
FF Extension: (Avast Passwords) - C:\Users\RR\AppData\Roaming\Mozilla\Firefox\Profiles\49t3cpch.default\Extensions\jid1-r1tDuNiNb4SEww@jetpack.xpi [2019-05-27] [UpdateUrl:hxxps://pamcdn.avast.com/pamcdn/extensions/firefox/update.json]
FF Extension: (English (US) Language Pack) - C:\Users\RR\AppData\Roaming\Mozilla\Firefox\Profiles\49t3cpch.default\Extensions\langpack-en-US@firefox.mozilla.org.xpi [2021-08-12]
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\RR\AppData\Roaming\Mozilla\Firefox\Profiles\49t3cpch.default\Extensions\sp@avast.com.xpi [2019-02-26]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\RR\AppData\Roaming\Mozilla\Firefox\Profiles\49t3cpch.default\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-09-16]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2021-01-08] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.15 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2021-01-08] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-02-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-02-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-04-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.14 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.15 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\RR\AppData\Local\Google\Chrome\User Data\Default [2022-01-16]
CHR DownloadDir: D:\01 DOWNLOAD
CHR Extension: (Slides) - C:\Users\RR\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-01]
CHR Extension: (Adobe Acrobat) - C:\Users\RR\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-11-24]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\RR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-12-16]
CHR Extension: (Email Tracker for Gmail - Mailtrack) - C:\Users\RR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndnaehgpjlnokgebbaldlmgkapkpjkkb [2022-01-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\RR\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-09]
CHR HKLM\...\Chrome\Extension: [looohgelibjoplmkhecmalapkgadkfcc]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Brave:
=======
BRA Profile: C:\Users\RR\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2022-01-12]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\RR\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2019-07-12]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\RR\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2019-07-12]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\RR\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2019-07-12]
BRA Extension: (PDF Viewer) - C:\Users\RR\AppData\Local\BraveSoftware\Brave-Browser\User Data\oemmndcbldboiebfnladdacbdfmadadm [2019-07-12]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\RR\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2019-07-12]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2021-01-08] (Adobe Inc. -> Adobe)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8480848 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
R2 AtomicAlarmClock; C:\Program Files\Atomic Alarm Clock\timeserv.exe [2007040 2013-04-24] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [452888 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [452888 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-02] (Avast Software s.r.o. -> AVAST Software)
R2 DriverUpdSvc; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [7204632 2021-12-16] (Avast Software s.r.o. -> AVAST Software)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [39352 2021-12-08] (Intel Corporation -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [177080 2021-12-08] (Intel Corporation -> Intel)
R2 Everything; C:\Program Files\Everything\Everything.exe [2240288 2019-02-04] (voidtools -> voidtools)
S3 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-12-21] (Intel(R) Update Manager -> Intel Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [7785656 2021-09-16] (Malwarebytes Inc -> Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6137040 2022-01-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\NisSrv.exe [2876152 2022-01-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2111.5-0\MsMpEng.exe [128360 2022-01-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe [473312 2017-03-20] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 anvsnddrv; C:\WINDOWS\system32\drivers\anvsnddrv.sys [34416 2016-03-24] (Anvsoft Inc. -> AnvSoft Inc.)
R1 AppleCharger; C:\WINDOWS\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36784 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [223176 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [369216 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [252992 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [100416 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-10-04] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42416 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [186280 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [540056 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108912 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83976 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [853800 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [545176 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215432 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [318760 2021-12-27] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [20160 2016-10-23] (Glarysoft Ltd -> Glarysoft Ltd)
S3 GUMHFilters; C:\Program Files (x86)\Glarysoft\Malware Hunter\Native\winxp_x64\GUMHFilter.sys [37688 2016-11-04] (Glarysoft LTD -> GlarySoft Ltd)
R1 GUSBootStartup; C:\WINDOWS\System32\drivers\GUSBootStartup.sys [20160 2016-10-23] (Glarysoft Ltd -> Glarysoft Ltd)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-01-04] (Martin Malik - REALiX -> REALiX(tm))
R1 IMFCameraProtect; C:\WINDOWS\system32\drivers\IMFCameraProtect.sys [44096 2017-03-29] (IObit Information Technology -> IObit.com)
S3 IMFDownProtect; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFDownProtect.sys [39288 2017-03-08] (IObit Information Technology -> IObit.com)
S3 IMFFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win10_amd64\IMFFilter.sys [40440 2017-02-17] (IObit Information Technology -> IObit)
S3 IMFForceDelete; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFForceDelete.sys [33600 2017-02-17] (IObit Information Technology -> IObit.com)
R3 int0800; C:\WINDOWS\System32\drivers\flashud.sys [62984 2019-08-21] (Intel Corporation -> Intel Corporation)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-06-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-18] (Malwarebytes Inc -> Malwarebytes)
S3 PCWinSoft; C:\WINDOWS\system32\DRIVERS\scrcamhrdrv_x64.sys [241800 2012-10-11] (PCWinSoft Systems Informatica Ltda -> Windows (R) Server 2003 DDK provider)
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\regfilter.sys [52792 2017-02-17] (IObit Information Technology -> IObit.com)
S3 RimVSerPort; C:\WINDOWS\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Microsoft Windows Hardware Compatibility Publisher -> Research in Motion Ltd)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2022-01-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435432 2022-01-02] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2022-01-02] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath
S3 semav6msr64; \??\C:\Windows\system32\drivers\semav6msr64.sys [X]
S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X]
S3 WinRing0_1_2_0; \??\C:\Users\RR\AppData\Local\Temp\tmp67F.tmp [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-17 10:18 - 2022-01-17 10:18 - 000000000 ____D C:\Users\RR\Desktop\FRST-OlderVersion
2022-01-16 05:02 - 2022-01-16 05:02 - 000000000 ____D C:\Users\RR\AppData\Roaming\GameBlend
2022-01-16 05:02 - 2022-01-16 05:02 - 000000000 ____D C:\ProgramData\GameBlend
2022-01-15 16:17 - 2022-01-15 16:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix
2022-01-15 16:17 - 2022-01-15 16:17 - 000000000 ____D C:\Program Files\MKVToolNix
2022-01-15 11:39 - 2022-01-15 11:39 - 000001599 _____ C:\Users\RR\Desktop\AdwCleaner[C00].txt
2022-01-14 20:38 - 2022-01-14 20:38 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-14 20:38 - 2022-01-14 20:38 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-01-14 20:38 - 2022-01-14 20:38 - 000011797 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-01-14 20:30 - 2022-01-14 20:30 - 000000000 ___HD C:\$WinREAgent
2022-01-14 12:44 - 2022-01-14 12:46 - 000072258 _____ C:\Users\RR\Desktop\Addition.txt
2022-01-14 12:42 - 2022-01-17 10:19 - 000045543 _____ C:\Users\RR\Desktop\FRST.txt
2022-01-14 12:42 - 2022-01-17 10:18 - 002311680 _____ (Farbar) C:\Users\RR\Desktop\FRST64.exe
2022-01-14 12:42 - 2022-01-17 10:18 - 000000000 ____D C:\FRST
2022-01-12 23:24 - 2022-01-12 23:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2022-01-12 23:24 - 2022-01-12 23:24 - 000000000 ____D C:\Program Files\qBittorrent
2022-01-12 20:16 - 2022-01-12 20:16 - 000000000 ___HD C:\$SysReset
2022-01-12 18:23 - 2022-01-12 18:23 - 000001039 _____ C:\Users\RR\Desktop\M3 Portable - Shortcut.lnk
2022-01-10 21:46 - 2022-01-17 04:19 - 000003312 _____ C:\WINDOWS\system32\Tasks\ioloTUDsDownloader
2022-01-10 21:46 - 2022-01-17 04:19 - 000003194 _____ C:\WINDOWS\system32\Tasks\ioloAVDefsDownloader
2022-01-10 21:46 - 2022-01-17 04:19 - 000003038 _____ C:\WINDOWS\system32\Tasks\ioloActiveCare
2022-01-10 21:46 - 2022-01-17 04:19 - 000002724 _____ C:\WINDOWS\system32\Tasks\ioloSystemShield
2022-01-10 21:46 - 2022-01-17 04:19 - 000002488 _____ C:\WINDOWS\system32\Tasks\iolo Process Governor
2022-01-10 21:46 - 2022-01-10 21:54 - 000000000 ____D C:\ProgramData\ioloGovernor
2022-01-10 21:37 - 2022-01-17 04:19 - 000003304 _____ C:\WINDOWS\system32\Tasks\ActiveSync-SystemMechanic
2022-01-10 21:37 - 2022-01-17 04:19 - 000003270 _____ C:\WINDOWS\system32\Tasks\ActiveMessenger-SystemMechanic
2022-01-10 21:37 - 2022-01-10 21:38 - 000000000 ____D C:\ProgramData\Phoenix360
2022-01-10 21:37 - 2022-01-10 21:37 - 000000000 ____D C:\Users\RR\AppData\Local\iolo
2022-01-10 21:37 - 2022-01-10 21:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Mechanic
2022-01-10 21:37 - 2022-01-10 21:37 - 000000000 ____D C:\ProgramData\iolo
2022-01-10 21:37 - 2022-01-10 21:37 - 000000000 ____D C:\Program Files (x86)\Phoenix360
2021-12-31 11:04 - 2022-01-14 20:44 - 000000000 ____D C:\Users\RR\AppData\Local\PCHealthCheck
2021-12-27 06:47 - 2021-12-27 06:47 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-12-27 06:47 - 2021-12-27 06:47 - 000215432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-12-27 06:47 - 2021-12-27 06:47 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2021-12-21 18:13 - 2021-12-21 18:13 - 000000000 ____D C:\Users\RR\AppData\Local\Viber

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-17 10:12 - 2018-11-25 19:47 - 000000000 ____D C:\Users\RR\AppData\Roaming\qBittorrent
2022-01-17 10:07 - 2017-07-22 20:51 - 000000000 ____D C:\Users\RR\AppData\Roaming\vlc
2022-01-17 09:27 - 2016-04-14 20:57 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-17 09:18 - 2020-05-29 07:44 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-17 09:12 - 2021-04-04 19:45 - 000000000 ____D C:\Program Files\CCleaner
2022-01-17 08:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-17 08:00 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-17 04:19 - 2021-08-28 17:22 - 000002246 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - RR
2022-01-17 04:19 - 2021-04-04 19:45 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-01-17 04:19 - 2020-08-21 17:00 - 000003408 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-17 04:19 - 2020-08-21 17:00 - 000003184 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-01-17 04:19 - 2020-05-29 07:54 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-01-17 04:19 - 2020-05-29 07:54 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-17 04:19 - 2020-05-29 07:54 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-17 04:19 - 2020-05-29 07:54 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2022-01-17 04:19 - 2016-06-14 15:42 - 000000000 ____D C:\Users\RR\AppData\Roaming\Wildfire
2022-01-17 04:12 - 2021-03-19 08:45 - 000003420 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2022-01-17 04:12 - 2021-03-19 08:45 - 000003196 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2022-01-17 04:12 - 2016-05-16 16:04 - 000000000 ____D C:\Users\RR\AppData\Local\CrashDumps
2022-01-17 02:39 - 2016-04-14 22:20 - 000000029 _____ C:\WINDOWS\popcinfo.dat
2022-01-15 16:13 - 2016-04-14 21:37 - 000000000 ____D C:\Users\RR\AppData\Roaming\Everything
2022-01-15 14:36 - 2016-06-18 18:50 - 000007637 _____ C:\Users\RR\AppData\Local\Resmon.ResmonCfg
2022-01-15 14:35 - 2016-10-16 12:52 - 000000000 ____D C:\Users\RR\AppData\Local\ClassicShell
2022-01-15 13:38 - 2016-04-14 22:01 - 000000000 __SHD C:\Users\RR\IntelGraphicsProfiles
2022-01-15 13:19 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-01-15 13:05 - 2018-05-10 21:09 - 000000000 ____D C:\Users\RR\AppData\Local\D3DSCache
2022-01-15 12:56 - 2019-07-23 20:10 - 000000000 ____D C:\Users\RR\Desktop\AUDIO VIDEO
2022-01-15 12:21 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-15 12:20 - 2020-05-29 07:45 - 000976022 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-01-15 12:20 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-01-15 12:17 - 2017-10-04 21:04 - 000000000 ____D C:\Users\RR\AppData\Local\AVAST Software
2022-01-15 12:16 - 2020-05-29 07:54 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-15 12:16 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-01-15 12:16 - 2016-11-10 00:44 - 000000000 ____D C:\ProgramData\AVAST Software
2022-01-15 12:14 - 2017-11-20 15:24 - 000000000 ____D C:\Users\RR\AppData\Local\Packages
2022-01-15 02:03 - 2021-11-09 03:32 - 000000000 ____D C:\Users\RR\Documents\ViberDownloads
2022-01-14 20:44 - 2021-09-22 11:41 - 000001362 _____ C:\Users\RR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2022-01-14 20:41 - 2021-09-06 13:46 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-14 20:41 - 2020-05-29 07:44 - 000443232 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-01-14 20:40 - 2019-12-07 10:54 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-01-14 20:40 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-01-14 20:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-01-14 20:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-01-14 20:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-01-14 20:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-01-14 20:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-01-14 20:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-01-14 20:35 - 2016-08-01 21:04 - 000000000 ____D C:\Users\RR\AppData\Roaming\Software Informer
2022-01-14 20:29 - 2016-04-14 21:57 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-01-14 19:27 - 2020-08-21 17:00 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-14 18:26 - 2016-04-14 22:45 - 000000000 ___RD C:\Users\RR\Desktop\WRITE READ
2022-01-14 18:22 - 2016-08-26 17:05 - 000000000 ____D C:\Users\RR\AppData\Roaming\AIMP
2022-01-14 16:53 - 2021-12-15 20:30 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-01-14 16:46 - 2020-05-29 07:46 - 000000000 ____D C:\Users\RR
2022-01-14 16:46 - 2017-05-14 00:33 - 000000000 ____D C:\Users\RR\AppData\Local\Everything
2022-01-14 12:18 - 2020-06-01 13:30 - 000000000 ____D C:\Users\RR\AppData\Local\Deployment
2022-01-12 20:46 - 2021-03-19 00:34 - 000000000 ___HD C:\OneDriveTemp
2022-01-12 20:44 - 2018-08-22 21:17 - 000000000 ____D C:\Users\RR\Desktop\Knjige
2022-01-12 18:21 - 2016-04-19 20:22 - 000000000 ____D C:\Users\RR\AppData\Local\ElevatedDiagnostics
2022-01-12 15:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-01-11 08:29 - 2020-03-01 23:48 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-10 21:57 - 2016-04-14 22:45 - 000000000 ___RD C:\Users\RR\Desktop\TUNING
2022-01-10 21:37 - 2016-04-14 21:00 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2022-01-07 21:38 - 2017-12-06 20:07 - 000000049 _____ C:\WINDOWS\NeroDigital.ini
2022-01-05 01:12 - 2016-04-14 22:44 - 000000000 ____D C:\ProgramData\TEMP
2022-01-04 17:40 - 2021-07-04 11:58 - 000000935 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2022-01-04 16:57 - 2021-09-25 12:28 - 000000000 ____D C:\Users\RR\Desktop\Lična Karta
2022-01-02 16:27 - 2019-08-08 09:32 - 000000000 ____D C:\Users\RR\Desktop\Vreme
2022-01-02 16:10 - 2018-05-03 18:10 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-01-02 16:00 - 2016-04-14 21:12 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2022-01-02 15:59 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-01-02 15:59 - 2016-11-09 22:39 - 000000370 __RSH C:\ProgramData\ntuser.pol
2021-12-29 14:57 - 2021-11-25 18:46 - 000000000 ____D C:\Users\RR\Desktop\Etika
2021-12-27 06:47 - 2020-10-26 02:09 - 000186280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-12-27 06:47 - 2020-05-29 07:54 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-12-27 06:47 - 2020-04-21 14:44 - 000540056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-12-27 06:47 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-12-27 06:47 - 2019-01-21 14:51 - 000369216 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-12-27 06:47 - 2019-01-21 13:54 - 000252992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-12-27 06:47 - 2019-01-21 13:54 - 000100416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-12-27 06:47 - 2019-01-21 13:54 - 000036784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-12-27 06:47 - 2018-10-23 21:29 - 000042416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-12-27 06:47 - 2017-11-21 19:59 - 000223176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-12-27 06:47 - 2017-02-24 21:06 - 000853800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-12-27 06:47 - 2017-02-24 21:06 - 000545176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-12-27 06:47 - 2017-02-24 21:06 - 000108912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-12-27 06:47 - 2016-11-10 00:45 - 000318760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-12-27 06:47 - 2016-11-10 00:45 - 000083976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-12-24 13:56 - 2016-10-08 20:55 - 000000000 ____D C:\Program Files (x86)\MSECache
2021-12-24 13:40 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-12-23 16:23 - 2021-02-03 15:47 - 000000000 ____D C:\Users\RR\Desktop\Ana Marija
2021-12-23 12:53 - 2021-11-09 03:32 - 000000000 ____D C:\Users\RR\AppData\Roaming\ViberPC
2021-12-23 12:52 - 2018-12-26 18:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2021-12-18 12:29 - 2017-07-22 15:05 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM

==================== Files in the root of some directories ========

2015-03-26 12:48 - 2015-03-26 12:48 - 002174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2016-10-23 18:29 - 2016-10-23 18:29 - 000000531 _____ () C:\Users\RR\AppData\Roaming\alarms.ini
2016-10-23 18:29 - 2016-10-23 18:54 - 000000745 _____ () C:\Users\RR\AppData\Roaming\AtomicAlarmClock.ini
2016-08-09 17:29 - 2016-08-08 10:04 - 000519696 ___SH () C:\Users\RR\AppData\Roaming\KSAaDJSIHghQ
2019-10-23 15:59 - 2019-10-23 16:09 - 000000566 _____ () C:\Users\RR\AppData\Roaming\payerss.ini
2017-12-05 14:12 - 2017-12-05 14:12 - 000000826 _____ () C:\Users\RR\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2016-01-03 15:47 - 2016-01-03 15:47 - 000322552 _____ (Alexander Roshal) C:\Users\RR\AppData\Roaming\UnRAR.exe
2020-05-06 11:32 - 2020-05-06 11:32 - 000000017 _____ () C:\Users\RR\AppData\Roaming\w2jpath.ini
2019-10-23 16:02 - 2019-10-23 15:59 - 000000566 _____ () C:\Users\RR\AppData\Roaming\Microsoft\config.ini
2020-04-04 19:21 - 2020-04-04 19:22 - 000004548 _____ () C:\Users\RR\AppData\Local\PlariumPlay.log
2016-06-18 18:50 - 2022-01-15 14:36 - 000007637 _____ () C:\Users\RR\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8488
  • Gde živiš: Novi Beograd

Fali Addition log.

offline
  • Pridružio: 15 Dec 2008
  • Poruke: 166
  • Gde živiš: Beograd

mycity.rs/must-login.png

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8488
  • Gde živiš: Novi Beograd

1. Otvori Notepad (Text Document) i iskopiraj sledeći tekst unutar kod polja ispod:

CreateRestorePoint:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Policies: C:\Users\RR\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {15206B4F-730F-43BC-8D4E-692FEA82A8BE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {1BB23819-57F3-4721-B06B-62022C368445} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {2B89D859-369D-4DA9-B2DA-FB5A94E179A4} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {2DA924DE-00B3-429F-A6FA-DBF8296C2210} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {44ED989D-0242-4DE0-BE62-816D926F862A} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1957820526-533511395-3661414503-1009 => C:\Users\RR\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {4CB290C1-8BAC-44E4-9A7D-B5D9965E3D0B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {6858C9E9-C5A9-4EAE-8F68-1C0C063BF0F0} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {7BCE8286-5473-4A66-9631-ED3855AC4D34} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {80479685-3534-4BE7-8CE1-00F3D7008EE2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {8310BD37-C671-4E35-A3B1-1774326841EF} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {8EAA295E-872C-4853-9415-59F74E1F419E} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {BFB60210-7750-49F4-88E7-1C3432A5900B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {C03F7A78-6F95-4D46-8910-909E3985D166} - System32\Tasks\SafeZone scheduled Autoupdate 1478728427 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {C7794263-B06F-4A93-91BA-900ED6CFED2B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {CDB774BA-F500-4B07-903A-7CA61B58EC47} - \FKHUqGXICk -> No File <==== ATTENTION
Task: {CE95F748-542D-4D0F-A392-50EE2896DF84} - System32\Tasks\Maylace2 Metrics HTML Editor => C:\WINDOWS\system32\rundll32.exe "C:\Program Files\Maylace2 Metrics HTML Editor\Maylace2 Metrics HTML Editor.dll",aImUTxWiZcgF <==== ATTENTION
Task: {DB7C433E-629D-4BCB-B165-B5816269C6C8} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {E0FDF5A5-BA03-4731-A1CD-FF830940DE4D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {E9B1DA97-6A22-45C2-A2DC-986D5B51ACE1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {F8EE0164-C9F6-4355-AFE8-DAAB2326BFC5} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler (No File)
Task: {FACA9332-1499-453B-AF6C-A5F1114DF88A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => path not found
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => path not found
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => path not found
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => path not found
U3 idsvc; no ImagePath
S3 semav6msr64; \??\C:\Windows\system32\drivers\semav6msr64.sys [X]
S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X]
S3 WinRing0_1_2_0; \??\C:\Users\RR\AppData\Local\Temp\tmp67F.tmp [X] <==== ATTENTION
C:\Users\RR\AppData\Local\Temp\tmp67F.tmp
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> No File
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> No File
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
AlternateDataStreams: C:\ProgramData\TEMP:58A5270D [388]
AlternateDataStreams: C:\ProgramData\TEMP:D8999815 [169]
EmptyTemp:


2. Sačuvaj notepad na Desktop pod nazivom fixlist.txt
To možes uraditi i iz notepad-a => klik na File potom na Save As i u novom prozoru, dole pod File Name: staviš za naziv fixlist.txt
Napomena: Važno je da se oba fajla, FRST i fixlist nalaze na istoj lokaciji jer u suprotnom fix nece raditi.

3. Ponovo pokreni FRST/FRST64, klikni jednom na dugme Fix i sačekaj.
Ukoliko alat zatraži restart sistema, dozvoli mu i postaraj se da alat kompletira fix nakon restarta sistema.



Alat će formirati log (Fixlog.txt) na Desktop-u. Potrebno je sadržaj tog loga iskopirati u poruku.
Napomena: Ukoliko te alat upozori da postoji novija verzija, postaraj se da preuzmes i koristiš ažuriranu kopiju FRST-a.

offline
  • Pridružio: 15 Dec 2008
  • Poruke: 166
  • Gde živiš: Beograd

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-01-2022
Ran by RR (17-01-2022 18:34:12) Run:1
Running from C:\Users\RR\Desktop
Loaded Profiles: RR
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Policies: C:\Users\RR\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {15206B4F-730F-43BC-8D4E-692FEA82A8BE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {1BB23819-57F3-4721-B06B-62022C368445} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {2B89D859-369D-4DA9-B2DA-FB5A94E179A4} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {2DA924DE-00B3-429F-A6FA-DBF8296C2210} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {44ED989D-0242-4DE0-BE62-816D926F862A} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1957820526-533511395-3661414503-1009 => C:\Users\RR\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {4CB290C1-8BAC-44E4-9A7D-B5D9965E3D0B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {6858C9E9-C5A9-4EAE-8F68-1C0C063BF0F0} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {7BCE8286-5473-4A66-9631-ED3855AC4D34} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {80479685-3534-4BE7-8CE1-00F3D7008EE2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {8310BD37-C671-4E35-A3B1-1774326841EF} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {8EAA295E-872C-4853-9415-59F74E1F419E} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {BFB60210-7750-49F4-88E7-1C3432A5900B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {C03F7A78-6F95-4D46-8910-909E3985D166} - System32\Tasks\SafeZone scheduled Autoupdate 1478728427 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {C7794263-B06F-4A93-91BA-900ED6CFED2B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {CDB774BA-F500-4B07-903A-7CA61B58EC47} - \FKHUqGXICk -> No File <==== ATTENTION
Task: {CE95F748-542D-4D0F-A392-50EE2896DF84} - System32\Tasks\Maylace2 Metrics HTML Editor => C:\WINDOWS\system32\rundll32.exe "C:\Program Files\Maylace2 Metrics HTML Editor\Maylace2 Metrics HTML Editor.dll",aImUTxWiZcgF <==== ATTENTION
Task: {DB7C433E-629D-4BCB-B165-B5816269C6C8} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {E0FDF5A5-BA03-4731-A1CD-FF830940DE4D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {E9B1DA97-6A22-45C2-A2DC-986D5B51ACE1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {F8EE0164-C9F6-4355-AFE8-DAAB2326BFC5} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler (No File)
Task: {FACA9332-1499-453B-AF6C-A5F1114DF88A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => path not found
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => path not found
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => path not found
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => path not found
U3 idsvc; no ImagePath
S3 semav6msr64; \??\C:\Windows\system32\drivers\semav6msr64.sys [X]
S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X]
S3 WinRing0_1_2_0; \??\C:\Users\RR\AppData\Local\Temp\tmp67F.tmp [X] <==== ATTENTION
C:\Users\RR\AppData\Local\Temp\tmp67F.tmp
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\ProgramData\TEMP:58A5270D [388]
AlternateDataStreams: C:\ProgramData\TEMP:D8999815 [169]
EmptyTemp:
*****************

Restore point was successfully created.
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
C:\Users\RR\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{15206B4F-730F-43BC-8D4E-692FEA82A8BE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{15206B4F-730F-43BC-8D4E-692FEA82A8BE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1BB23819-57F3-4721-B06B-62022C368445}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BB23819-57F3-4721-B06B-62022C368445}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2B89D859-369D-4DA9-B2DA-FB5A94E179A4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2B89D859-369D-4DA9-B2DA-FB5A94E179A4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2DA924DE-00B3-429F-A6FA-DBF8296C2210}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2DA924DE-00B3-429F-A6FA-DBF8296C2210}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{44ED989D-0242-4DE0-BE62-816D926F862A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{44ED989D-0242-4DE0-BE62-816D926F862A}" => removed successfully
C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1957820526-533511395-3661414503-1009 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Standalone Update Task-S-1-5-21-1957820526-533511395-3661414503-1009" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4CB290C1-8BAC-44E4-9A7D-B5D9965E3D0B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4CB290C1-8BAC-44E4-9A7D-B5D9965E3D0B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6858C9E9-C5A9-4EAE-8F68-1C0C063BF0F0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6858C9E9-C5A9-4EAE-8F68-1C0C063BF0F0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7BCE8286-5473-4A66-9631-ED3855AC4D34}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BCE8286-5473-4A66-9631-ED3855AC4D34}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{80479685-3534-4BE7-8CE1-00F3D7008EE2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{80479685-3534-4BE7-8CE1-00F3D7008EE2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8310BD37-C671-4E35-A3B1-1774326841EF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8310BD37-C671-4E35-A3B1-1774326841EF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8EAA295E-872C-4853-9415-59F74E1F419E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8EAA295E-872C-4853-9415-59F74E1F419E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-Weekend" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BFB60210-7750-49F4-88E7-1C3432A5900B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BFB60210-7750-49F4-88E7-1C3432A5900B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{C03F7A78-6F95-4D46-8910-909E3985D166}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C03F7A78-6F95-4D46-8910-909E3985D166}" => removed successfully
C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1478728427 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SafeZone scheduled Autoupdate 1478728427" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C7794263-B06F-4A93-91BA-900ED6CFED2B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C7794263-B06F-4A93-91BA-900ED6CFED2B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{CDB774BA-F500-4B07-903A-7CA61B58EC47}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CDB774BA-F500-4B07-903A-7CA61B58EC47}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FKHUqGXICk" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{CE95F748-542D-4D0F-A392-50EE2896DF84}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CE95F748-542D-4D0F-A392-50EE2896DF84}" => removed successfully
C:\WINDOWS\System32\Tasks\Maylace2 Metrics HTML Editor => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Maylace2 Metrics HTML Editor" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DB7C433E-629D-4BCB-B165-B5816269C6C8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DB7C433E-629D-4BCB-B165-B5816269C6C8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0FDF5A5-BA03-4731-A1CD-FF830940DE4D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0FDF5A5-BA03-4731-A1CD-FF830940DE4D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E9B1DA97-6A22-45C2-A2DC-986D5B51ACE1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E9B1DA97-6A22-45C2-A2DC-986D5B51ACE1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F8EE0164-C9F6-4355-AFE8-DAAB2326BFC5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F8EE0164-C9F6-4355-AFE8-DAAB2326BFC5}" => removed successfully
C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DropboxUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FACA9332-1499-453B-AF6C-A5F1114DF88A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FACA9332-1499-453B-AF6C-A5F1114DF88A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
HKLM\System\CurrentControlSet\Services\idsvc => removed successfully
idsvc => service removed successfully
HKLM\System\CurrentControlSet\Services\semav6msr64 => removed successfully
semav6msr64 => service removed successfully
HKLM\System\CurrentControlSet\Services\SWDUMon => removed successfully
SWDUMon => service removed successfully
HKLM\System\CurrentControlSet\Services\WinRing0_1_2_0 => removed successfully
WinRing0_1_2_0 => service removed successfully
"C:\Users\RR\AppData\Local\Temp\tmp67F.tmp" => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WondershareVideoConverterFileOpreation => removed successfully
HKLM\Software\Classes\CLSID\{FEB746CA-95C2-485F-B386-C30D4E56D22E} => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
C:\ProgramData\TEMP => ":58A5270D" ADS removed successfully
C:\ProgramData\TEMP => ":D8999815" ADS removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 24230048 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 167978 B
Edge => 5948678 B
Chrome => 240892646 B
Brave => 280221 B
Firefox => 11499046 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 15402 B
NetworkService => 5863740 B
RR => 95907767 B
DefaultAppPool => 95907767 B

RecycleBin => 0 B
EmptyTemp: => 458.4 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:34:55 ====

offline
  • helen1  Male
  • Anti Malware Fighter
    Rank 2
  • Master učitelj
  • Pridružio: 27 Avg 2005
  • Poruke: 8488
  • Gde živiš: Novi Beograd

Da li ima nekog poboljsanja?

Ko je trenutno na forumu
 

Ukupno su 590 korisnika na forumu :: 25 registrovanih, 3 sakrivenih i 562 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 3466 - dana 01 Jun 2021 17:07

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: amaterSRB, bato, croato, darkstar101, dragon986, Dragstor, Gagi193, Georgius, GrobarRomanticar, liman, loon123, Mercury, moldway, mustangkg, nuke92, pedja.st, Srki94, stug, Tas011, vasa.93, vobo, willie, wizzardone, zodiac94, Zuna77