dobrý den prosím o kontrolu logu, notebook Windows 7 zpomalený i nejsou spustit programy atd. Včera použit Adwcleaner
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04.03.2018
Ran by Denca (06-03-2018 11:47:27)
Running from C:\Users\Denca\Desktop
Windows 7 Professional Service Pack 1 (X64) (2017-09-14 14:17:22)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3287351460-178487067-2576288362-500 - Administrator - Disabled)
Denca (S-1-5-21-3287351460-178487067-2576288362-1000 - Administrator - Enabled) => C:\Users\Denca
Guest (S-1-5-21-3287351460-178487067-2576288362-501 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7 Sticky Notes (HKLM-x32\...\{2DB7DD8E-F17B-408A-B93B-92867EF7974D}_is1) (Version: - Fabio Martin)
ACA & MEP 2017 Object Enabler (HKLM\...\{28B89EEF-0004-0000-5102-CF3F3A09B77D}) (Version: 7.9.45.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{28B89EEF-0001-0000-3102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe Flash Player 28 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 28.0.0.126 - Adobe Systems Incorporated)
Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-3287351460-178487067-2576288362-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Aktualizace NVIDIA 31.0.1.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.0.1.0 - NVIDIA Corporation) Hidden
Apple Mobile Device Support (HKLM\...\{BD6778C5-6FA5-492A-ADD6-E706339C2A7B}) (Version: 11.0.2.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.)
Assassin's Creed III (HKLM-x32\...\Uplay Install 54) (Version: - Ubisoft)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.8 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0031 - ASUS)
AutoCAD 2017 – Čeština (Czech) (HKLM\...\{28B89EEF-0001-0405-2102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 (HKLM\...\{28B89EEF-0001-0000-0102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
AutoCAD 2017 Language Pack – Čeština (Czech) (HKLM\...\{28B89EEF-0001-0405-1102-CF3F3A09B77D}) (Version: 21.0.52.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2017 (HKLM-x32\...\{8ED2ED41-4455-449D-993C-751C039089B9}) (Version: 15.11.3.0 - Autodesk)
Autodesk App Manager 2016-2017 (HKLM-x32\...\{C0954809-F5DC-426C-847E-8409DE14E4C0}) (Version: 2.2.0 - Autodesk)
Autodesk AutoCAD 2017 – Čeština (Czech) (HKLM\...\AutoCAD 2017 – Čeština (Czech)) (Version: 21.0.52.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.5 (HKLM-x32\...\{8600F844-9AA5-412E-B6F2-F9C6CBCFD268}) (Version: 1.2.5.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2017 Add-in 64 bit (HKLM\...\{276A67E0-71EB-4827-B5F7-2ACF02BC1A5B}) (Version: 4.37.6853 - Autodesk)
Autodesk License Service (x64) - 3.1 (HKLM\...\{EB6FE58F-8576-4272-BB9C-6B47D9EDFA4D}) (Version: 3.1.26.0 - Autodesk)
Autodesk Material Library 2017 (HKLM-x32\...\{8FB9F735-D64C-4991-8D91-4CDDAB1ABDEE}) (Version: 15.11.3.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2017 (HKLM-x32\...\{3FBFBC43-9882-43FA-B979-2D53896747B3}) (Version: 15.11.3.0 - Autodesk)
Balíček ovladače systému Windows - ASUS (ATP) Mouse (11/20/2013 1.0.0.194) (HKLM\...\8BA9C239ED04E09F06755E1497239BEFC08085C2) (Version: 11/20/2013 1.0.0.194 - ASUS)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
calibre 64bit (HKLM\...\{B16F2206-747F-4758-ADA9-76148D2C0C35}) (Version: 3.7.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.36 - Piriform)
Crystal Reports for Visual Studio (HKLM-x32\...\{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}) (Version: 12.51.0.240 - SAP) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.6.0.0283 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-3287351460-178487067-2576288362-1000\...\Discord) (Version: 0.0.299 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 390.65 - NVIDIA Corporation) Hidden
Dotfuscator Software Services - Community Edition (HKLM-x32\...\{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}) (Version: 5.0.2300.0 - PreEmptive Solutions)
Driver Booster 4.5 (HKLM-x32\...\Driver Booster_is1) (Version: 4.5.0 - IObit)
Epson Software Updater (HKLM-x32\...\{B55DB65D-EF6E-4E04-89D5-B03603BF681B}) (Version: 4.4.5 - SEIKO EPSON CORPORATION)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.186 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HP DVB-T TV Tuner 8.0.64.43 (HKLM-x32\...\HP DVB-T TV Tuner) (Version: 8.0.64.43 - )
iCloud (HKLM\...\{694E3E02-E14A-4BB2-A970-CF7F017FD5CC}) (Version: 7.3.0.20 - Apple Inc.)
Import souborů SketchUp 2016-2017 (HKLM-x32\...\{063925DB-9D8C-48E2-8F04-1B7038B6C783}) (Version: 2.2.0 - Autodesk)
inSSIDer Office (HKLM-x32\...\{F7F37748-A121-4B38-8192-6453E1FF5ADD}) (Version: 4.4.0.6 - MetaGeek, LLC)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2963 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.7.248 - Intel Corporation)
iTunes (HKLM\...\{412595B6-5162-4792-8DEE-2766FBC6C1EC}) (Version: 12.7.2.60 - Apple Inc.)
Mafia (HKLM-x32\...\{C72D7008-266D-4DD8-BF3C-296B736127F6}) (Version: 1.02 - )
ManiaPlanet (HKLM-x32\...\ManiaPlanet_is1) (Version: - Nadeo)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.7.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{1803A630-3C38-4D2B-9B9A-0CB37243539C}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.9001.2171 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3287351460-178487067-2576288362-1000\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK (HKLM-x32\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (HKLM-x32\...\{0DDCEC37-369C-484B-B16D-B4413FD42FB9}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{E5AE9031-79A5-4627-9641-BEFA82819B08}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (x64) (HKLM\...\{DA67488A-2689-4F10-B90F-D2F6977509D6}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{78C3657E-742C-40B1-9F53-E5A921D40F17}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{2A2F3AE8-246A-4252-BB26-1BEB45627074}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4A8CE6D7-4D52-43B9-970B-03FC75FAD667}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) (HKLM\...\{8438EC02-B8A9-462D-AC72-1B521349C001}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 (HKLM-x32\...\{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x64) (HKLM\...\{034106B5-54B7-467F-B477-5B7DBB492624}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (HKLM\...\{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - ENU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319 (HKLM\...\{F5079164-1DB9-3BDA-853B-F78AF67CE071}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319 (HKLM-x32\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{729A3000-BC8A-3B74-BA5D-5068FE12D70C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Professional - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Professional - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero 2014 (HKLM-x32\...\{F384C1E1-3A16-4073-95C3-7271FE0ED4C2}) (Version: 15.0.02200 - Nero AG)
NVIDIA GeForce Experience 3.11.0.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.11.0.73 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 390.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 390.65 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Odinstalace tiskárny EPSON XP-342 343 345 Series (HKLM\...\EPSON XP-342 343 345 Series) (Version: - Seiko Epson Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9001.2171 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9001.2171 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9001.2171 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.9001.2171 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.12.32066 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 390.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 390.65 - NVIDIA Corporation) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Plants vs. Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.6.378 - Autodesk)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{D4C80B0C-CF67-43A7-90C3-466853543B54}) (Version: 6.3 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{B2A2E8AF-BC48-4191-B2C4-3846A19835CA}) (Version: 6.3 - Apple Inc.)
Prerequisite installer (HKLM-x32\...\{5909A89E-C97F-407C-AE2B-47BDED86BF5D}) (Version: 15.0.0005 - Nero AG) Hidden
ProgDVB x64 x64 (HKLM\...\ProgDVB) (Version: 7.x - Prog)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 2.2.2.2 - Ralink)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.27055 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.115.1208.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8117 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.27015 - Realtek Semiconductor Corp.)
Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Speciální aplikace Autodesk 2016-2017 (HKLM-x32\...\{27C15055-713B-4D0E-881F-19598A2DFD59}) (Version: 2.2.0 - Autodesk)
Sql Server Customer Experience Improvement Program (HKLM\...\{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}) (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stronghold Crusader 2 (HKLM-x32\...\Stronghold Crusader 2_is1) (Version: - )
Theme Hospital (HKLM-x32\...\{5118A4C2-C8A4-4CE5-AC37-F3E51C25402F}) (Version: 3.0.0.5 - Electronic Arts)
Uplay (HKLM-x32\...\Uplay) (Version: 45.1 - Ubisoft)
Viber (HKLM-x32\...\{4A9DFEB9-9877-4BE6-ADA9-ABCE377FADD9}) (Version: 6.9.5.1166 - Viber Media Inc.) Hidden
Viber (HKU\S-1-5-21-3287351460-178487067-2576288362-1000\...\{c180934f-5f69-4377-8153-a1c4b6380796}) (Version: 6.9.5.1166 - Viber Media Inc.)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.30319 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
War Thunder Launcher 1.0.3.60 (HKU\S-1-5-21-3287351460-178487067-2576288362-1000\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Your Uninstaller! 7 (HKLM-x32\...\YU2010_is1) (Version: 7.5.2014.3 - URSoft, Inc.)
zavvyuka (HKLM-x32\...\{94A65759-6B3F-4AF8-944A-66F3FABDEFDE}_is1) (Version: 1.0.05 - Novuco)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3287351460-178487067-2576288362-1000_Classes\CLSID\{0D327DA6-B4DF-4842-B833-2CFF84F0948F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3287351460-178487067-2576288362-1000_Classes\CLSID\{720DB9AF-D62C-4ED0-A377-429C22312852}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2017\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3287351460-178487067-2576288362-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2017\cs-CZ\acadficn.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> [CC]{2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => -> No File
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-01-10] (Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2013-02-21] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-01-04] (NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0133BAB9-D53E-4724-9702-FF52D150EDA8} - System32\Tasks\Driver Booster SkipUAC (Denca) => C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DriverBooster.exe [2017-07-28] (IObit)
Task: {064EAEA7-639C-4FCC-8EAA-772993E94AB0} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-02-08] (Microsoft Corporation)
Task: {0DDEA17B-498F-4107-AE72-769BCEF809EB} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-01-04] (NVIDIA Corporation)
Task: {0EDF2946-0369-48BA-9C4B-10B814B23544} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-08-20] (Nero AG)
Task: {11D73D69-13E4-4D14-8CBF-2C07482E72B9} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-04-13] (Realtek Semiconductor)
Task: {1C836F1C-E2B2-47FC-BADC-00F7B005D280} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-12] (Adobe Systems Incorporated)
Task: {276D852E-277E-430D-A8CC-A5359890CBE3} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-10-18] (Piriform Ltd)
Task: {3363D201-DA2D-4A54-BC48-558B3AC41359} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-10-18] (Piriform Ltd)
Task: {3D5923B4-A34E-4A48-B958-D5921F4802B8} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-01-04] (NVIDIA Corporation)
Task: {405F975F-77D0-4E13-82FA-AA44902DB4FE} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-01-04] (NVIDIA Corporation)
Task: {5686986F-EBD6-4CDF-96E1-77A5429C7AFA} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_126_pepper.exe [2017-12-12] (Adobe Systems Incorporated)
Task: {695EC18D-F428-4CA0-9C7F-8199945B31C0} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-02-20] (Microsoft Corporation)
Task: {794BAA93-7A8C-4F23-9DDF-833158258C58} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-02-20] (Microsoft Corporation)
Task: {7C891675-3BDC-4FC1-88AD-86FE6FE52219} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-12-12] (AsusTek)
Task: {88BA1E53-3BFD-4A7E-B65D-9B8C084F3E08} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-01-04] (NVIDIA Corporation)
Task: {9687DF2E-E9B0-4DD9-BC5A-99D4D9D9AB7C} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2013-09-09] (ASUSTek Computer Inc.)
Task: {9985FD77-9023-4D3B-8F47-07DB39689E65} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-10-12] (Apple Inc.)
Task: {9C88C390-2177-4425-B12C-5AD401A7B9F0} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-01-04] (NVIDIA Corporation)
Task: {A15328F2-FA52-4FEF-AA81-4C85798ED8D2} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2017-04-13] (Realtek Semiconductor)
Task: {A24083F2-D2E0-481A-BE13-5AF9EE27F248} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-14] (Google Inc.)
Task: {A3FC6F6E-1D88-403E-B69A-588F98486AAE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-14] (Google Inc.)
Task: {AA203FB6-B3E1-49D8-B3D4-9644233BC183} - System32\Tasks\EPSON XP-342 343 345 Series Update {423033FF-215C-40B8-AF9E-2835D185F5F1} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSREE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {B6E67482-D228-4014-9EEE-41C8B23803AD} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-01-04] (NVIDIA Corporation)
Task: {C9D7F3E2-1621-43AA-8AF8-5ED518182797} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-02-20] (Microsoft Corporation)
Task: {DF9F7976-D52C-450E-9CB6-81B5B0D3F560} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-01-04] (NVIDIA Corporation)
Task: {E7C5277C-4C45-4D8B-8FFE-0F5939909082} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {EB012B64-CE19-468D-9777-1B01E37783D9} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-01-04] (NVIDIA Corporation)
Task: {EB1CF7CB-9F4A-4AE1-BB6E-849ABA30CC08} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-02-20] (Microsoft Corporation)
Task: {FE049E83-8BCB-4472-ABF7-BF11901C6570} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-02-20] (Microsoft Corporation)
Task: {FFB002EA-2394-4DFD-9D69-090EFF239FB2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-02-08] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\EPSON XP-342 343 345 Series Update {423033FF-215C-40B8-AF9E-2835D185F5F1}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSREE.EXE:/EXE:{423033FF-215C-40B8-AF9E-2835D185F5F1} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [152]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-3287351460-178487067-2576288362-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3287351460-178487067-2576288362-1000\...\sharepoint.com -> hxxps://upolomouc-myfiles.sharepoint.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3287351460-178487067-2576288362-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Denca\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
mpsdrv => Firewall Service is not running.
MpsSvc => Firewall Service is not running.
bfe => Firewall Service is not running.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeBridge =>
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Denca\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: ATKMEDIA => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
MSCONFIG\startupreg: Autodesk Desktop App => "C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
MSCONFIG\startupreg: Discord => C:\Users\Denca\AppData\Local\Discord\app-0.0.299\Discord.exe
MSCONFIG\startupreg: Gaijin.Net Agent => "C:\Users\Denca\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{E67B96FE-D73D-4729-8445-0E4CF4C2289C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DB94B342-A199-45AC-BA3D-8720DE72D0A4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0549CB1A-EEB5-47E2-B2D9-CEE8B3E693AC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{0085026D-7F5C-4818-9FDD-89D135EF9FAE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{29D2C391-A641-489B-9435-FD31F8B57703}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{1DB9D77A-5BE8-4A55-8839-6CA5201ED2B7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{C7E7E7A3-A7E5-4780-B609-BB3760A68F36}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{C9E43C98-DB73-4203-A673-73BFD1075D93}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{486FCDD4-0B74-4B92-A9B6-67A93B0C0D14}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DriverBooster.exe
FirewallRules: [{76E8EAA4-2346-4F72-942E-8218E665D771}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DriverBooster.exe
FirewallRules: [{813DC8DD-755B-4727-91E9-0509DAF42187}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DBDownloader.exe
FirewallRules: [{7B5EBF84-3CCB-4F75-881A-398C83482AB6}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DBDownloader.exe
FirewallRules: [{EBB69094-12FC-42AD-86D3-952CAB2E6A04}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.5.0\AutoUpdate.exe
FirewallRules: [{ECFF5796-A7DC-42C7-A71F-D4AC74DA0C5A}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.5.0\AutoUpdate.exe
FirewallRules: [TCP Query User{4E150CF0-D277-481A-89DB-FCD3C7D2F845}C:\program files (x86)\maniaplanet\maniaplanet.exe] => (Allow) C:\program files (x86)\maniaplanet\maniaplanet.exe
FirewallRules: [UDP Query User{C3EC8029-0256-4DEA-89C0-D4EB6464E56D}C:\program files (x86)\maniaplanet\maniaplanet.exe] => (Allow) C:\program files (x86)\maniaplanet\maniaplanet.exe
FirewallRules: [TCP Query User{CB15654D-7902-4551-BDA4-1F1A31C772DD}C:\program files (x86)\ioquake3&ta\ioquake3.x86-ta.exe] => (Allow) C:\program files (x86)\ioquake3&ta\ioquake3.x86-ta.exe
FirewallRules: [UDP Query User{850957E9-C286-456E-BAC6-FBC120D0BA2C}C:\program files (x86)\ioquake3&ta\ioquake3.x86-ta.exe] => (Allow) C:\program files (x86)\ioquake3&ta\ioquake3.x86-ta.exe
FirewallRules: [TCP Query User{6973887B-B6CF-48FD-8E39-6ECD80276493}C:\program files (x86)\ioquake3&ta\ioquake3.x86.exe] => (Allow) C:\program files (x86)\ioquake3&ta\ioquake3.x86.exe
FirewallRules: [UDP Query User{F15ACEF2-8ADB-441B-A142-55FB67C9176D}C:\program files (x86)\ioquake3&ta\ioquake3.x86.exe] => (Allow) C:\program files (x86)\ioquake3&ta\ioquake3.x86.exe
FirewallRules: [{4D964B64-4C3A-428D-B1AD-4E58681F2248}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{3DD062D5-E761-4DAC-81DB-C902D1BF7314}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [TCP Query User{EF84C1F0-CB19-4E28-B34B-44E69FB9EE52}C:\users\denca\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\denca\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{B16D587A-1717-4BCF-96DC-8BE1814C1014}C:\users\denca\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\denca\appdata\local\akamai\netsession_win.exe
FirewallRules: [{567A66A8-1FE5-4AEC-A0C7-AEE8BF1640BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Black Squad\binaries\win32\BlackSquadGame.exe
FirewallRules: [{FA3EEE29-9475-44B8-8E82-9D04092E4DB8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Black Squad\binaries\win32\BlackSquadGame.exe
FirewallRules: [TCP Query User{C7566FBC-FF9C-459C-A93D-4452E324B300}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [UDP Query User{838F406F-2342-42C6-8254-5DCDAF28BCFD}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [TCP Query User{5AAEB6D4-272C-44E7-8AD5-6E93332DD73D}C:\users\denca\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\denca\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{2DC1CF88-F102-4933-A960-DCDD42119EB5}C:\users\denca\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\denca\appdata\local\akamai\netsession_win.exe
FirewallRules: [{3EF98C42-D31B-400C-A357-C8BBEE93B426}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{904D89BB-1B41-4175-8C35-89663AD5CD61}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{EF562EA0-A98C-48D8-89FD-473044EAADB2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{91AAE0EE-49F0-4699-B791-5702E540E19C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{54EA9C9D-C0A0-408F-A7C1-B082985B46A0}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Prince of Persia Sands of Time\PrinceOfPersia.EXE
FirewallRules: [{A477978C-4175-41BF-998B-59F1F3B9810E}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Prince of Persia Sands of Time\PrinceOfPersia.EXE
FirewallRules: [{4EC9A1C9-0B78-4E1C-867F-075FE7A67811}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Prince of Persia Sands of Time\POP.EXE
FirewallRules: [{C6624E71-42CB-4B0D-880E-71BA7307F407}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Prince of Persia Sands of Time\POP.EXE
FirewallRules: [TCP Query User{9A8CF98C-8B93-4191-A64C-4EBC255F869C}C:\hry\warthunder\launcher.exe] => (Allow) C:\hry\warthunder\launcher.exe
FirewallRules: [UDP Query User{A414C8DA-BC87-4319-ACF2-9C2CA8849C9E}C:\hry\warthunder\launcher.exe] => (Allow) C:\hry\warthunder\launcher.exe
FirewallRules: [{7752262D-0F5E-4E08-8452-CD316BF50AB2}] => (Block) C:\hry\warthunder\launcher.exe
FirewallRules: [{D03358AF-76B2-4A90-90A1-7AD008FAB133}] => (Block) C:\hry\warthunder\launcher.exe
FirewallRules: [TCP Query User{AAF2DFB0-AD29-4BF7-A2D8-A0A66F97CC74}C:\hry\warthunder\win64\aces.exe] => (Allow) C:\hry\warthunder\win64\aces.exe
FirewallRules: [UDP Query User{49AB005E-9992-4F43-904C-7DD27C93BD22}C:\hry\warthunder\win64\aces.exe] => (Allow) C:\hry\warthunder\win64\aces.exe
FirewallRules: [{E2E8C090-2333-4165-80F9-182C48E5150A}] => (Block) C:\hry\warthunder\win64\aces.exe
FirewallRules: [{F5E76655-FC8B-4D40-9E78-07D8B84C3461}] => (Block) C:\hry\warthunder\win64\aces.exe
FirewallRules: [{30F6CA9D-7CDE-4BAC-90D8-C256B7CF837E}] => (Allow) C:\Hry\Assassin's Creed III\AC3SP.exe
FirewallRules: [{E99AB17C-BB30-4848-94E8-4E1A911DB0F2}] => (Allow) C:\Hry\Assassin's Creed III\AC3SP.exe
FirewallRules: [{17F14D10-0031-4868-9151-69C26E69A1D0}] => (Allow) C:\Hry\Assassin's Creed III\AC3MP.exe
FirewallRules: [{E7025CC1-59A7-4B21-A45C-C26592E1018F}] => (Allow) C:\Hry\Assassin's Creed III\AC3MP.exe
FirewallRules: [TCP Query User{7BD9C624-4660-4768-B709-8B4247E97FC7}C:\hry\assassin's creed iii\ac3sp.exe] => (Allow) C:\hry\assassin's creed iii\ac3sp.exe
FirewallRules: [UDP Query User{821D7E0F-67CF-4769-AF10-39F4DF1A7944}C:\hry\assassin's creed iii\ac3sp.exe] => (Allow) C:\hry\assassin's creed iii\ac3sp.exe
FirewallRules: [TCP Query User{8F1276B8-8BF4-4BEB-A892-8A3CEB013311}C:\program files (x86)\stronghold crusader 2\bin\win32_release\crusader2.exe] => (Allow) C:\program files (x86)\stronghold crusader 2\bin\win32_release\crusader2.exe
FirewallRules: [UDP Query User{53D8CADD-8AC6-4E66-AAF9-7ABF36AA4819}C:\program files (x86)\stronghold crusader 2\bin\win32_release\crusader2.exe] => (Allow) C:\program files (x86)\stronghold crusader 2\bin\win32_release\crusader2.exe
FirewallRules: [{8AC2E63C-6CA3-42D4-ADB7-1E8DFFC68CBE}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{6CA2AEDF-F607-49FA-AF5F-873B7B27F0A1}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{5C80F283-106C-4DD2-8222-B855C86ADC08}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [UDP Query User{C3AC3450-ADCA-4F75-8AE0-75D4D18A107A}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [{59779F33-5DB5-4008-A633-29CADC240D41}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{ECFE75DE-4B50-4DD3-BAFC-6D727FB152DE}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{54BD4BDD-6688-4044-A24D-084388EC181B}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{20AA0AE3-05CB-41AB-8573-07D9B981A21B}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{562C9B29-BE49-4715-BE2A-DB6025BBA36C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3SP.exe
FirewallRules: [{95843758-89DB-4FE0-AB23-B622906296CB}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3SP.exe
FirewallRules: [{5B5B6F01-783F-47C8-A781-2C4F71C3DBCE}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3MP.exe
FirewallRules: [{D3285F2B-9A28-4006-BA71-2300F0694A48}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3MP.exe
FirewallRules: [{35CF27F8-52C9-47F8-ACB0-FB07F18D82F6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{5F407F7A-C372-487A-96A6-907F0F8030D6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{401DE19C-57FA-4D1B-975E-1534587B5CE5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{856BEF37-27A4-4C20-8055-C4624B45FEB4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{DFE6FF67-ED63-488C-AC40-086D6BEEFD5D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [{533CFCFA-74FE-4332-AF1D-E7469CAD9FBF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Paladins\Binaries\Win32\HirezBridge.exe
FirewallRules: [{76F8C946-44BD-479F-A170-EF8918920ADD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LMS\Launcher.exe
FirewallRules: [{56DF53CA-B0EE-41D6-B50F-A3740D165D0A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\LMS\Launcher.exe
FirewallRules: [TCP Query User{83CFAFD4-5CAA-4878-95E3-D0F00C6EB4E2}C:\program files (x86)\steam\steamapps\common\lms\lms.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\lms\lms.exe
FirewallRules: [UDP Query User{95C7AF3B-A39F-42D7-AC88-D2E997D81D1A}C:\program files (x86)\steam\steamapps\common\lms\lms.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\lms\lms.exe
FirewallRules: [{12EC9DFB-B0C6-4D98-B50E-F48B9AE20576}] => (Block) C:\program files (x86)\steam\steamapps\common\lms\lms.exe
FirewallRules: [{DD9DD266-1B9A-4E70-8EDD-1211C1821F63}] => (Block) C:\program files (x86)\steam\steamapps\common\lms\lms.exe
FirewallRules: [{229B2B7F-7269-4B36-8023-0B141B1E502C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{02272149-A662-4B75-98EB-0A231B1ECC93}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{7D509A37-3C60-4FC6-B76B-F992DBB87D1C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{D09CC6FD-7D36-4397-81CA-0263225CF3ED}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{958BB1BD-0668-4D7A-8AAC-205E7CEDD538}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{2831A85A-0BDE-46E1-8B6F-07F8AE064B82}C:\program files (x86)\maniaplanet\maniaplanet.exe] => (Allow) C:\program files (x86)\maniaplanet\maniaplanet.exe
FirewallRules: [UDP Query User{67B5D3D4-7239-41D5-8EC7-16BCDF960109}C:\program files (x86)\maniaplanet\maniaplanet.exe] => (Allow) C:\program files (x86)\maniaplanet\maniaplanet.exe
FirewallRules: [{34F2B042-2B51-489D-83F7-C178A32BAF06}] => (Allow) D:\HRY\Theme Hospital\data\Game\DOSBox\EALaunchHelper.exe
FirewallRules: [{2ED8FAA5-5709-47A6-8C0D-70AB7623A34B}] => (Allow) D:\HRY\Theme Hospital\data\Game\DOSBox\EALaunchHelper.exe
FirewallRules: [{D9223132-89EA-4894-9A6B-B9F603D79870}] => (Allow) D:\HRY\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{37DEBA4A-F1A3-49F3-901F-12317CA505E4}] => (Allow) D:\HRY\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{B74012C8-FFF4-420C-A0C8-A461C5AFD182}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [TCP Query User{8ACF390B-4588-41E3-A6C5-57A116F0CE75}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{A43A8AE6-FFF7-4A16-A881-7AD623280F33}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{110F8D77-6665-49C7-ADA8-F281F0090CC2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
Check "winmgmt" service or repair WMI.
==================== Faulty Device Manager Devices =============
Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Uživatelská infračervená zařízení
Description: Uživatelská infračervená zařízení
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: circlass
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Event log errors: =========================
Application errors:
==================
Error: (03/06/2018 11:47:38 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007043c, Tuto službu nelze spustit v nouzovém režimu.
.
Operace:
Vytvoření instance serveru VSS
Error: (03/06/2018 11:47:38 AM) (Source: VSS) (EventID: 18) (User: )
Description: Chyba služby Stínová kopie svazku: Server COM s identifikátorem CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} a názvem IVssCoordinatorEx2 nelze spustit v nouzovém režimu.
Službu Stínová kopie svazku nelze spustit v nouzovém režimu. [0x8007043c, Tuto službu nelze spustit v nouzovém režimu.
]
Operace:
Vytvoření instance serveru VSS
Error: (03/05/2018 01:00:49 PM) (Source: SetupARService) (EventID: 0) (User: )
Description: Službu nelze spustit. System.NullReferenceException: Odkaz na objekt není nastaven na instanci objektu.
v SetupAfterRebootService.SetupARService.OnStart(String[] args)
v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (03/05/2018 07:41:16 AM) (Source: SetupARService) (EventID: 0) (User: )
Description: Službu nelze spustit. System.NullReferenceException: Odkaz na objekt není nastaven na instanci objektu.
v SetupAfterRebootService.SetupARService.OnStart(String[] args)
v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (03/05/2018 04:26:50 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Systém Windows nemůže získat přístup k souboru C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe z jednoho z těchto důvodů:
došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen, nebo
s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí.
Systém Windows kvůli této chybě ukončil program Microsoft Office Click-to-Run Client.
Program: Microsoft Office Click-to-Run Client
Soubor: C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe
Hodnota chyby je uvedena v části Další údaje.
Akce uživatele
1. Otevřete soubor znovu.
Může se jednat o dočasný problém, který se při novém spuštění programu nebude opakovat.
2.
Pokud k souboru stále nelze získat přístup a:
- Nachází se v síti,
měl by správce sítě ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat.
- Je na vyměnitelném disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače.
3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER.
4. Pokud potíže potrvají, obnovte soubor ze záložní kopie.
5. Zjistěte, zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového hardwaru
se žádostí o pomoc.
Další údaje
Hodnota chyby: C0000185
Typ disku: 3
Error: (03/05/2018 04:26:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: OfficeC2RClient.exe, verze: 16.0.9001.2171, časové razítko: 0x5a7cdc18
Název chybujícího modulu: OfficeC2RClient.exe, verze: 16.0.9001.2171, časové razítko: 0x5a7cdc18
Kód výjimky: 0xc0000006
Posun chyby: 0x00000000000ca61c
ID chybujícího procesu: 0x10f0
Čas spuštění chybující aplikace: 0x01d3b4303521cf8c
Cesta k chybující aplikaci: C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe
Cesta k chybujícímu modulu: C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe
ID zprávy: 0a8a5103-2025-11e8-ab19-e03f49d4230d
Error: (03/05/2018 04:23:54 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Systém Windows nemůže získat přístup k souboru C:\Windows\System32\qmgr.dll z jednoho z těchto důvodů:
došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen, nebo
s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí.
Systém Windows kvůli této chybě ukončil program Host Process for Windows Services.
Program: Host Process for Windows Services
Soubor: C:\Windows\System32\qmgr.dll
Hodnota chyby je uvedena v části Další údaje.
Akce uživatele
1. Otevřete soubor znovu.
Může se jednat o dočasný problém, který se při novém spuštění programu nebude opakovat.
2.
Pokud k souboru stále nelze získat přístup a:
- Nachází se v síti,
měl by správce sítě ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat.
- Je na vyměnitelném disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače.
3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER.
4. Pokud potíže potrvají, obnovte soubor ze záložní kopie.
5. Zjistěte, zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového hardwaru
se žádostí o pomoc.
Další údaje
Hodnota chyby: C0000185
Typ disku: 3
Error: (03/05/2018 04:23:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_BITS, verze: 6.1.7600.16385, časové razítko: 0x4a5bc3c1
Název chybujícího modulu: qmgr.dll, verze: 7.5.7601.17514, časové razítko: 0x4ce7c961
Kód výjimky: 0xc0000006
Posun chyby: 0x000000000003402b
ID chybujícího procesu: 0x1e8
Čas spuštění chybující aplikace: 0x01d3b3f16a4b173a
Cesta k chybující aplikaci: C:\Windows\system32\svchost.exe
Cesta k chybujícímu modulu: c:\windows\system32\qmgr.dll
ID zprávy: a1c070f8-2024-11e8-ab19-e03f49d4230d
System errors:
=============
Error: (03/06/2018 11:47:38 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: Služba DCOM zjistila chybu %%1084 = Tuto službu nelze spustit v nouzovém režimu. při pokusu o spuštění služby VSS s argumenty za účelem spuštění serveru:
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
Error: (03/06/2018 11:46:16 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.
Error: (03/06/2018 11:46:11 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.
Error: (03/06/2018 11:46:07 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.
Error: (03/06/2018 11:21:38 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.
Error: (03/06/2018 11:17:41 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Rozpoznávací modul sběrnice PnP-X IP závisí na službě Hostitel poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.
Error: (03/06/2018 11:16:21 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.
Error: (03/06/2018 11:16:21 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.
Windows Defender:
===================================
Date: 2017-09-15 14:56:03.878
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{B2B31BB7-4DC3-475F-B638-9D1D8732857F}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE
Date: 2018-03-04 21:41:28.879
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Zálohování
Kód chyby:0x8007045d
Popis chyby:Žádost nebylo možno provést z důvodu chyby zařízení I/O.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0
Date: 2018-03-04 11:00:28.226
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Zálohování
Kód chyby:0x8007045d
Popis chyby:Žádost nebylo možno provést z důvodu chyby zařízení I/O.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0
Date: 2018-03-03 12:05:40.256
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80096010
Popis chyby:Digitální podpis objektu nebyl ověřen.
Verze podpisu:1.263.48.0
Verze modulu:1.1.14600.4
Date: 2017-12-23 11:44:50.170
Description:
Modul programu %1 byl ukončen v důsledku neočekávané chyby.
Typ chyby:%5
Kód výjimky:%6
Zdroj:%3
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Percentage of memory in use: 26%
Total physical RAM: 3981.62 MB
Available physical RAM: 2942.48 MB
Total Virtual: 9950.8 MB
Available Virtual: 9061.77 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:537.11 GB) (Free:108.16 GB) NTFS
Drive d: () (Fixed) (Total:161.43 GB) (Free:132.84 GB) NTFS
Drive f: (KINGSTON) (Removable) (Total:14.43 GB) (Free:10.07 GB) NTFS
\\?\Volume{a1a65d1b-9952-11e7-bcb5-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: DC0C5B75)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=537.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=161.4 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 14.4 GB) (Disk ID: 438FC030)
Partition 1: (Active) - (Size=14.4 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Pomalý notebook, při otevření program zamrzá systém
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118248
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalý notebook, při otevření program zamrzá systém
Zdravím!
Kromě Additional bych ještě potřeboval vidět obsah souboru frst.txt. Děkuji.
Kromě Additional bych ještě potřeboval vidět obsah souboru frst.txt. Děkuji.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalý notebook, při otevření program zamrzá systém
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04.03.2018
Ran by Denca (administrator) on DENCA-PC (06-03-2018 11:46:21)
Running from C:\Users\Denca\Desktop
Loaded Profiles: Denca (Available Profiles: Denca)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3287351460-178487067-2576288362-1000\...\Run: [ProgLauncher] => C:\Program Files\ProgDVB x64\ProgLauncher.exe [659184 2017-09-07] ()
HKU\S-1-5-21-3287351460-178487067-2576288362-1000\...\Policies\Explorer: []
HKU\S-1-5-21-3287351460-178487067-2576288362-1000\...\MountPoints2: {4f4feeae-12f2-11e8-81fb-e03f49d4230d} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [171896 2018-01-04] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [149736 2018-01-04] (NVIDIA Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 94.74.192.252 94.74.192.244
Tcpip\..\Interfaces\{44BD4DEE-C181-46AE-9F4D-078C73818CCE}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{66E8D58B-9077-453D-AC43-3AE2D0C6278B}: [DhcpNameServer] 94.74.192.252 94.74.192.244
Internet Explorer:
==================
HKU\S-1-5-21-3287351460-178487067-2576288362-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-02-06] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2018-02-06] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2018-02-06] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-02-06] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2018-02-06] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-02-06] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-06] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-06] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-06] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-06] (Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-01-21] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\3.0.40818.0\npctrl.dll [2009-08-17] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-01-21] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2013-08-20] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.funnysearching.com/
CHR StartupUrls: Default -> "hxxps://www.google.cz/"
CHR Profile: C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default [2018-03-06]
CHR Extension: (Prezentace) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Dokumenty) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Disk Google) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-14]
CHR Extension: (YouTube) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-14]
CHR Extension: (Slinky Elegantní) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmanlajnpdncmhfkiccmbgeocgbncfln [2017-09-18]
CHR Extension: (Facebook) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2017-09-18]
CHR Extension: (Adobe Acrobat) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-09-19]
CHR Extension: (Tabulky) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-09-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-14]
CHR Extension: (Gmail) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-14]
CHR Extension: (Chrome Media Router) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-01]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1353208 2017-06-15] (Autodesk Inc.)
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-11-27] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1530888 2017-10-02] ()
S2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7968424 2018-02-08] (Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [526888 2017-10-19] (EasyAntiCheat Ltd)
S2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-09-19] (Hi-Rez Studios) [File not signed]
S2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
S3 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2018-01-04] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2018-01-04] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2156864 2018-03-02] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3026760 2018-03-02] (Electronic Arts)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2018-01-08] ()
S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [24576 2018-02-21] (Realtek Semiconductor.) [File not signed]
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
S2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ATP; C:\Windows\System32\DRIVERS\AsusTP.sys [73512 2017-09-20] (ASUS Corporation)
S3 AVerAF35; C:\Windows\System32\Drivers\HPAF35.sys [511104 2009-10-19] (Hewlett-Packard)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-09-16] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-09-16] (Disc Soft Ltd)
S3 HPIR; C:\Windows\System32\DRIVERS\HPIR.sys [93184 2009-11-16] (Hewlett-Packard)
S1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-09-20] (REALiX(tm))
S3 m76usb; C:\Windows\System32\DRIVERS\m76usb.sys [539336 2017-09-20] (Ralink Technology Corp.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [181304 2017-09-20] (Intel Corporation)
S3 netr28x; C:\Windows\System32\DRIVERS\netr28x.sys [2502288 2017-09-20] (MediaTek Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2018-01-04] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50624 2018-01-04] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2018-01-04] (NVIDIA Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-03-06 11:46 - 2018-03-06 11:47 - 000012405 _____ C:\Users\Denca\Desktop\FRST.txt
2018-03-06 11:46 - 2018-03-06 11:46 - 000000000 ____D C:\FRST
2018-03-06 11:45 - 2018-03-06 11:44 - 002403328 _____ (Farbar) C:\Users\Denca\Desktop\FRST64.exe
2018-03-06 11:23 - 2018-03-06 11:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disabled Startup
2018-03-04 11:31 - 2018-03-04 17:31 - 000000000 _____ C:\Users\Denca\AppData\Local\{F8446C91-683C-41EF-A097-38DB4301E7BF}
2018-03-04 11:10 - 2018-03-04 11:11 - 000775384 _____ C:\Windows\Minidump\030418-33867-01.dmp
2018-03-04 11:10 - 2018-03-04 11:10 - 477277874 _____ C:\Windows\MEMORY.DMP
2018-03-04 08:40 - 2018-03-04 08:40 - 000000000 ____D C:\Qoobox
2018-03-04 08:39 - 2018-03-04 08:39 - 000000000 ____D C:\Windows\erdnt
2018-03-03 09:05 - 2018-03-03 09:07 - 000000000 ____D C:\AdwCleaner
2018-03-03 09:02 - 2018-03-06 11:46 - 002091692 _____ C:\Windows\ntbtlog.txt
2018-03-02 12:17 - 2018-03-02 12:17 - 000000000 ____D C:\Users\Denca\AppData\Local\Apple Inc
2018-03-02 12:01 - 2018-03-04 08:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2018-03-02 12:00 - 2018-03-02 12:00 - 000000000 ____D C:\Windows\System32\Tasks\Apple
2018-03-02 12:00 - 2018-03-02 12:00 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2018-03-02 11:12 - 2018-03-02 11:12 - 000566305 _____ C:\Users\Denca\Desktop\(1)2_zadost_o_vydani_ZP_XX.pdf
2018-02-28 12:13 - 2018-02-28 16:13 - 000000000 ____D C:\Users\Denca\Desktop\Nová složka
2018-02-27 12:48 - 2018-02-27 12:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2018-02-27 12:48 - 2018-02-27 12:48 - 000000000 ____D C:\Program Files (x86)\EPSON Software
2018-02-27 11:42 - 2018-03-05 07:43 - 000000911 _____ C:\Windows\Tasks\EPSON XP-342 343 345 Series Update {423033FF-215C-40B8-AF9E-2835D185F5F1}.job
2018-02-27 11:42 - 2018-02-27 11:42 - 000003978 _____ C:\Windows\System32\Tasks\EPSON XP-342 343 345 Series Update {423033FF-215C-40B8-AF9E-2835D185F5F1}
2018-02-27 11:42 - 2018-02-27 11:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2018-02-27 11:42 - 2018-02-27 11:42 - 000000000 ____D C:\Program Files\Common Files\EPSON
2018-02-27 11:41 - 2018-02-27 12:47 - 000000000 ____D C:\ProgramData\EPSON
2018-02-27 11:41 - 2015-12-09 04:08 - 000182784 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YLMBREE.DLL
2018-02-27 11:41 - 2011-03-15 03:03 - 000083968 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YD4BREE.DLL
2018-02-26 19:05 - 2018-02-26 19:05 - 000000000 ____D C:\Users\Denca\AppData\LocalLow\Red Dot Games
2018-02-25 18:13 - 2018-02-25 18:14 - 000000000 ____D C:\Users\Denca\AppData\Local\Viber
2018-02-22 16:04 - 2018-02-22 16:04 - 000003168 _____ C:\Windows\System32\Tasks\RTKCPL
2018-02-21 20:01 - 2018-02-22 16:04 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2018-02-21 20:01 - 2007-08-24 09:10 - 000196608 _____ (Realtek Semiconductor Corp.) C:\Windows\RTASIOCP.exe
2018-02-21 15:02 - 2018-02-21 15:02 - 000049085 _____ C:\Users\Denca\Desktop\pozemek1.pdf
2018-02-21 15:01 - 2018-02-21 15:01 - 000020272 _____ C:\Users\Denca\Desktop\pozemek.pdf
2018-02-20 09:58 - 2018-01-18 22:49 - 000980424 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2018-02-20 09:58 - 2018-01-18 22:49 - 000122816 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2018-02-18 18:32 - 2018-02-18 18:32 - 000000000 ____D C:\Users\Denca\AppData\Local\WellWeWeb
2018-02-18 18:32 - 2018-02-18 18:32 - 000000000 ____D C:\Users\Denca\AppData\Local\Chevolume.com
2018-02-18 18:27 - 2018-02-18 18:27 - 000000000 ____D C:\Program Files (x86)\WellWeWeb
2018-02-18 17:55 - 2018-02-18 17:55 - 000000000 ____D C:\Users\Denca\AppData\Roaming\NVIDIA
2018-02-18 17:55 - 2018-02-18 17:55 - 000000000 ____D C:\Users\Denca\AppData\Local\SKIDROW
2018-02-18 17:55 - 2018-02-18 17:55 - 000000000 ____D C:\Users\Denca\AppData\Local\2K Games
2018-02-18 17:47 - 2018-02-18 17:47 - 000000708 _____ C:\Users\Denca\Desktop\MAFIA II .lnk
2018-02-14 10:59 - 2018-01-22 00:50 - 000136424 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-02-14 10:59 - 2018-01-22 00:40 - 000654336 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-02-14 10:59 - 2018-01-19 15:05 - 001994752 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-02-14 10:59 - 2018-01-19 15:05 - 001569280 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-02-14 10:59 - 2018-01-19 15:05 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-02-14 10:59 - 2018-01-19 15:05 - 000604672 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-02-14 10:59 - 2018-01-19 15:05 - 000450048 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-02-14 10:59 - 2018-01-19 15:05 - 000378880 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-02-14 10:59 - 2018-01-19 15:05 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-02-14 10:59 - 2018-01-19 15:05 - 000236544 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-02-06 19:14 - 2018-02-06 19:14 - 000000000 ____D C:\ProgramData\EA Logs
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-03-06 11:43 - 2017-12-19 08:21 - 000000000 ____D C:\ProgramData\TEMP
2018-03-06 11:41 - 2017-10-06 17:07 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2018-03-06 11:22 - 2009-07-14 16:18 - 000735288 _____ C:\Windows\system32\perfh005.dat
2018-03-06 11:22 - 2009-07-14 16:18 - 000167006 _____ C:\Windows\system32\perfc005.dat
2018-03-06 11:22 - 2009-07-14 06:13 - 001771280 _____ C:\Windows\system32\PerfStringBackup.INI
2018-03-06 11:22 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-03-05 12:59 - 2018-01-10 19:24 - 000000000 ____D C:\ProgramData\NVIDIA
2018-03-05 12:58 - 2018-02-02 09:06 - 000000000 ____D C:\ProgramData\Origin
2018-03-05 12:57 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-03-05 08:50 - 2017-11-16 21:54 - 000000000 ____D C:\Users\Denca\Desktop\BYDLENÍ
2018-03-05 04:27 - 2009-07-14 06:08 - 000019410 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-03-05 04:23 - 2009-07-14 05:45 - 000014256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-03-05 04:23 - 2009-07-14 05:45 - 000014256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-03-05 04:16 - 2017-12-11 12:19 - 000000000 ____D C:\Users\Denca\AppData\Local\CrashDumps
2018-03-04 11:10 - 2017-11-02 18:50 - 000000000 ____D C:\Windows\Minidump
2018-03-03 11:18 - 2017-09-14 15:59 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-03-03 11:16 - 2017-11-16 22:09 - 000004130 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-03-02 16:28 - 2017-09-17 20:33 - 000000000 ____D C:\Users\Denca\Documents\ViberDownloads
2018-03-02 12:17 - 2017-11-09 10:28 - 000000000 ____D C:\Users\Denca\AppData\Roaming\Apple Computer
2018-03-02 12:14 - 2018-02-02 09:32 - 000000000 ____D C:\Program Files (x86)\Origin
2018-03-02 12:01 - 2017-11-09 10:28 - 000000000 ____D C:\Users\Denca\AppData\Local\Apple Computer
2018-03-02 12:01 - 2017-11-09 10:23 - 000000000 ____D C:\Program Files\Common Files\Apple
2018-03-02 12:00 - 2017-11-09 10:24 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2018-03-02 11:55 - 2017-09-24 18:11 - 000000000 ____D C:\Users\Denca\Desktop\třeťák
2018-03-01 11:38 - 2017-09-18 15:27 - 000000000 ____D C:\Users\Denca\AppData\Roaming\vlc
2018-02-28 16:44 - 2017-10-03 14:42 - 000000000 ____D C:\Users\Denca\Desktop\filmy
2018-02-28 11:10 - 2017-09-14 15:53 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-28 11:10 - 2017-09-14 15:53 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-02-27 11:45 - 2009-07-14 06:32 - 000000000 ____D C:\Windows\system32\FxsTmp
2018-02-27 00:26 - 2017-09-15 15:06 - 000000000 ____D C:\Program Files (x86)\Steam
2018-02-26 22:35 - 2017-09-18 15:31 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-02-26 22:34 - 2017-09-18 15:32 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-02-26 11:08 - 2017-12-13 10:29 - 000000000 ____D C:\Hry
2018-02-26 10:35 - 2018-02-02 09:23 - 000000000 ____D C:\Users\Denca\Desktop\hry
2018-02-25 18:13 - 2017-09-17 20:33 - 000000000 ____D C:\Users\Denca\AppData\Roaming\ViberPC
2018-02-22 16:04 - 2017-11-16 22:18 - 000003180 _____ C:\Windows\System32\Tasks\RtHDVBg_ListenToDevice
2018-02-22 16:04 - 2017-09-20 11:04 - 000319042 _____ C:\Windows\system32\Drivers\RTWAVES40.dat
2018-02-22 16:00 - 2017-10-05 13:34 - 000000000 ____D C:\Users\Denca\AppData\Local\ElevatedDiagnostics
2018-02-22 15:56 - 2017-09-14 16:04 - 000000000 ___HD C:\Program Files (x86)\Temp
2018-02-21 19:54 - 2017-09-14 15:50 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-02-20 09:58 - 2017-09-14 16:01 - 000000000 ____D C:\Program Files (x86)\Realtek
2018-02-20 07:55 - 2017-09-17 20:57 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-02-20 07:51 - 2017-09-17 20:41 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-02-18 18:31 - 2017-09-20 11:06 - 000000000 ____D C:\ProgramData\Package Cache
2018-02-15 18:38 - 2017-09-21 13:09 - 000000000 ____D C:\Windows\system32\appraiser
2018-02-15 09:13 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2018-02-15 09:06 - 2017-10-12 08:09 - 130067560 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-02-15 09:06 - 2017-09-14 16:04 - 000000000 ____D C:\Windows\system32\MRT
2018-02-15 09:05 - 2017-09-14 16:03 - 130067560 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-02-10 08:44 - 2018-02-02 09:33 - 000000000 ____D C:\Users\Denca\AppData\Roaming\Origin
2018-02-10 08:18 - 2017-09-14 16:11 - 001746930 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-02-08 12:28 - 2018-02-02 10:14 - 000000000 ____D C:\Users\Denca\Desktop\Večerníčky
2018-02-06 19:14 - 2018-02-02 10:24 - 000000000 ____D C:\ProgramData\Electronic Arts
==================== Files in the root of some directories =======
2017-10-05 13:21 - 2017-10-05 13:21 - 000000017 _____ () C:\Users\Denca\AppData\Local\resmon.resmoncfg
2018-03-04 11:31 - 2018-03-04 17:31 - 000000000 _____ () C:\Users\Denca\AppData\Local\{F8446C91-683C-41EF-A097-38DB4301E7BF}
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-02-27 12:23
==================== End of FRST.txt ============================
Ran by Denca (administrator) on DENCA-PC (06-03-2018 11:46:21)
Running from C:\Users\Denca\Desktop
Loaded Profiles: Denca (Available Profiles: Denca)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3287351460-178487067-2576288362-1000\...\Run: [ProgLauncher] => C:\Program Files\ProgDVB x64\ProgLauncher.exe [659184 2017-09-07] ()
HKU\S-1-5-21-3287351460-178487067-2576288362-1000\...\Policies\Explorer: []
HKU\S-1-5-21-3287351460-178487067-2576288362-1000\...\MountPoints2: {4f4feeae-12f2-11e8-81fb-e03f49d4230d} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [171896 2018-01-04] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [149736 2018-01-04] (NVIDIA Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 94.74.192.252 94.74.192.244
Tcpip\..\Interfaces\{44BD4DEE-C181-46AE-9F4D-078C73818CCE}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{66E8D58B-9077-453D-AC43-3AE2D0C6278B}: [DhcpNameServer] 94.74.192.252 94.74.192.244
Internet Explorer:
==================
HKU\S-1-5-21-3287351460-178487067-2576288362-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-02-06] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2018-02-06] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2018-02-06] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-02-06] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2018-02-06] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-02-06] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-06] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-06] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-06] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-06] (Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-01-21] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\3.0.40818.0\npctrl.dll [2009-08-17] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-01-21] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2013-08-20] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.funnysearching.com/
CHR StartupUrls: Default -> "hxxps://www.google.cz/"
CHR Profile: C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default [2018-03-06]
CHR Extension: (Prezentace) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Dokumenty) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Disk Google) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-14]
CHR Extension: (YouTube) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-14]
CHR Extension: (Slinky Elegantní) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmanlajnpdncmhfkiccmbgeocgbncfln [2017-09-18]
CHR Extension: (Facebook) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2017-09-18]
CHR Extension: (Adobe Acrobat) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-09-19]
CHR Extension: (Tabulky) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-09-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-14]
CHR Extension: (Gmail) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-14]
CHR Extension: (Chrome Media Router) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-01]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1353208 2017-06-15] (Autodesk Inc.)
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-11-27] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1530888 2017-10-02] ()
S2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7968424 2018-02-08] (Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [526888 2017-10-19] (EasyAntiCheat Ltd)
S2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-09-19] (Hi-Rez Studios) [File not signed]
S2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
S3 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2018-01-04] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2018-01-04] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2156864 2018-03-02] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3026760 2018-03-02] (Electronic Arts)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2018-01-08] ()
S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [24576 2018-02-21] (Realtek Semiconductor.) [File not signed]
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
S2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ATP; C:\Windows\System32\DRIVERS\AsusTP.sys [73512 2017-09-20] (ASUS Corporation)
S3 AVerAF35; C:\Windows\System32\Drivers\HPAF35.sys [511104 2009-10-19] (Hewlett-Packard)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-09-16] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-09-16] (Disc Soft Ltd)
S3 HPIR; C:\Windows\System32\DRIVERS\HPIR.sys [93184 2009-11-16] (Hewlett-Packard)
S1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-09-20] (REALiX(tm))
S3 m76usb; C:\Windows\System32\DRIVERS\m76usb.sys [539336 2017-09-20] (Ralink Technology Corp.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [181304 2017-09-20] (Intel Corporation)
S3 netr28x; C:\Windows\System32\DRIVERS\netr28x.sys [2502288 2017-09-20] (MediaTek Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2018-01-04] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50624 2018-01-04] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2018-01-04] (NVIDIA Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-03-06 11:46 - 2018-03-06 11:47 - 000012405 _____ C:\Users\Denca\Desktop\FRST.txt
2018-03-06 11:46 - 2018-03-06 11:46 - 000000000 ____D C:\FRST
2018-03-06 11:45 - 2018-03-06 11:44 - 002403328 _____ (Farbar) C:\Users\Denca\Desktop\FRST64.exe
2018-03-06 11:23 - 2018-03-06 11:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disabled Startup
2018-03-04 11:31 - 2018-03-04 17:31 - 000000000 _____ C:\Users\Denca\AppData\Local\{F8446C91-683C-41EF-A097-38DB4301E7BF}
2018-03-04 11:10 - 2018-03-04 11:11 - 000775384 _____ C:\Windows\Minidump\030418-33867-01.dmp
2018-03-04 11:10 - 2018-03-04 11:10 - 477277874 _____ C:\Windows\MEMORY.DMP
2018-03-04 08:40 - 2018-03-04 08:40 - 000000000 ____D C:\Qoobox
2018-03-04 08:39 - 2018-03-04 08:39 - 000000000 ____D C:\Windows\erdnt
2018-03-03 09:05 - 2018-03-03 09:07 - 000000000 ____D C:\AdwCleaner
2018-03-03 09:02 - 2018-03-06 11:46 - 002091692 _____ C:\Windows\ntbtlog.txt
2018-03-02 12:17 - 2018-03-02 12:17 - 000000000 ____D C:\Users\Denca\AppData\Local\Apple Inc
2018-03-02 12:01 - 2018-03-04 08:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2018-03-02 12:00 - 2018-03-02 12:00 - 000000000 ____D C:\Windows\System32\Tasks\Apple
2018-03-02 12:00 - 2018-03-02 12:00 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2018-03-02 11:12 - 2018-03-02 11:12 - 000566305 _____ C:\Users\Denca\Desktop\(1)2_zadost_o_vydani_ZP_XX.pdf
2018-02-28 12:13 - 2018-02-28 16:13 - 000000000 ____D C:\Users\Denca\Desktop\Nová složka
2018-02-27 12:48 - 2018-02-27 12:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2018-02-27 12:48 - 2018-02-27 12:48 - 000000000 ____D C:\Program Files (x86)\EPSON Software
2018-02-27 11:42 - 2018-03-05 07:43 - 000000911 _____ C:\Windows\Tasks\EPSON XP-342 343 345 Series Update {423033FF-215C-40B8-AF9E-2835D185F5F1}.job
2018-02-27 11:42 - 2018-02-27 11:42 - 000003978 _____ C:\Windows\System32\Tasks\EPSON XP-342 343 345 Series Update {423033FF-215C-40B8-AF9E-2835D185F5F1}
2018-02-27 11:42 - 2018-02-27 11:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2018-02-27 11:42 - 2018-02-27 11:42 - 000000000 ____D C:\Program Files\Common Files\EPSON
2018-02-27 11:41 - 2018-02-27 12:47 - 000000000 ____D C:\ProgramData\EPSON
2018-02-27 11:41 - 2015-12-09 04:08 - 000182784 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YLMBREE.DLL
2018-02-27 11:41 - 2011-03-15 03:03 - 000083968 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YD4BREE.DLL
2018-02-26 19:05 - 2018-02-26 19:05 - 000000000 ____D C:\Users\Denca\AppData\LocalLow\Red Dot Games
2018-02-25 18:13 - 2018-02-25 18:14 - 000000000 ____D C:\Users\Denca\AppData\Local\Viber
2018-02-22 16:04 - 2018-02-22 16:04 - 000003168 _____ C:\Windows\System32\Tasks\RTKCPL
2018-02-21 20:01 - 2018-02-22 16:04 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2018-02-21 20:01 - 2007-08-24 09:10 - 000196608 _____ (Realtek Semiconductor Corp.) C:\Windows\RTASIOCP.exe
2018-02-21 15:02 - 2018-02-21 15:02 - 000049085 _____ C:\Users\Denca\Desktop\pozemek1.pdf
2018-02-21 15:01 - 2018-02-21 15:01 - 000020272 _____ C:\Users\Denca\Desktop\pozemek.pdf
2018-02-20 09:58 - 2018-01-18 22:49 - 000980424 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2018-02-20 09:58 - 2018-01-18 22:49 - 000122816 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2018-02-18 18:32 - 2018-02-18 18:32 - 000000000 ____D C:\Users\Denca\AppData\Local\WellWeWeb
2018-02-18 18:32 - 2018-02-18 18:32 - 000000000 ____D C:\Users\Denca\AppData\Local\Chevolume.com
2018-02-18 18:27 - 2018-02-18 18:27 - 000000000 ____D C:\Program Files (x86)\WellWeWeb
2018-02-18 17:55 - 2018-02-18 17:55 - 000000000 ____D C:\Users\Denca\AppData\Roaming\NVIDIA
2018-02-18 17:55 - 2018-02-18 17:55 - 000000000 ____D C:\Users\Denca\AppData\Local\SKIDROW
2018-02-18 17:55 - 2018-02-18 17:55 - 000000000 ____D C:\Users\Denca\AppData\Local\2K Games
2018-02-18 17:47 - 2018-02-18 17:47 - 000000708 _____ C:\Users\Denca\Desktop\MAFIA II .lnk
2018-02-14 10:59 - 2018-01-22 00:50 - 000136424 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-02-14 10:59 - 2018-01-22 00:40 - 000654336 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-02-14 10:59 - 2018-01-19 15:05 - 001994752 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-02-14 10:59 - 2018-01-19 15:05 - 001569280 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-02-14 10:59 - 2018-01-19 15:05 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-02-14 10:59 - 2018-01-19 15:05 - 000604672 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-02-14 10:59 - 2018-01-19 15:05 - 000450048 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-02-14 10:59 - 2018-01-19 15:05 - 000378880 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-02-14 10:59 - 2018-01-19 15:05 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-02-14 10:59 - 2018-01-19 15:05 - 000236544 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-02-06 19:14 - 2018-02-06 19:14 - 000000000 ____D C:\ProgramData\EA Logs
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-03-06 11:43 - 2017-12-19 08:21 - 000000000 ____D C:\ProgramData\TEMP
2018-03-06 11:41 - 2017-10-06 17:07 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2018-03-06 11:22 - 2009-07-14 16:18 - 000735288 _____ C:\Windows\system32\perfh005.dat
2018-03-06 11:22 - 2009-07-14 16:18 - 000167006 _____ C:\Windows\system32\perfc005.dat
2018-03-06 11:22 - 2009-07-14 06:13 - 001771280 _____ C:\Windows\system32\PerfStringBackup.INI
2018-03-06 11:22 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-03-05 12:59 - 2018-01-10 19:24 - 000000000 ____D C:\ProgramData\NVIDIA
2018-03-05 12:58 - 2018-02-02 09:06 - 000000000 ____D C:\ProgramData\Origin
2018-03-05 12:57 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-03-05 08:50 - 2017-11-16 21:54 - 000000000 ____D C:\Users\Denca\Desktop\BYDLENÍ
2018-03-05 04:27 - 2009-07-14 06:08 - 000019410 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-03-05 04:23 - 2009-07-14 05:45 - 000014256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-03-05 04:23 - 2009-07-14 05:45 - 000014256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-03-05 04:16 - 2017-12-11 12:19 - 000000000 ____D C:\Users\Denca\AppData\Local\CrashDumps
2018-03-04 11:10 - 2017-11-02 18:50 - 000000000 ____D C:\Windows\Minidump
2018-03-03 11:18 - 2017-09-14 15:59 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-03-03 11:16 - 2017-11-16 22:09 - 000004130 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-03-02 16:28 - 2017-09-17 20:33 - 000000000 ____D C:\Users\Denca\Documents\ViberDownloads
2018-03-02 12:17 - 2017-11-09 10:28 - 000000000 ____D C:\Users\Denca\AppData\Roaming\Apple Computer
2018-03-02 12:14 - 2018-02-02 09:32 - 000000000 ____D C:\Program Files (x86)\Origin
2018-03-02 12:01 - 2017-11-09 10:28 - 000000000 ____D C:\Users\Denca\AppData\Local\Apple Computer
2018-03-02 12:01 - 2017-11-09 10:23 - 000000000 ____D C:\Program Files\Common Files\Apple
2018-03-02 12:00 - 2017-11-09 10:24 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2018-03-02 11:55 - 2017-09-24 18:11 - 000000000 ____D C:\Users\Denca\Desktop\třeťák
2018-03-01 11:38 - 2017-09-18 15:27 - 000000000 ____D C:\Users\Denca\AppData\Roaming\vlc
2018-02-28 16:44 - 2017-10-03 14:42 - 000000000 ____D C:\Users\Denca\Desktop\filmy
2018-02-28 11:10 - 2017-09-14 15:53 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-28 11:10 - 2017-09-14 15:53 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-02-27 11:45 - 2009-07-14 06:32 - 000000000 ____D C:\Windows\system32\FxsTmp
2018-02-27 00:26 - 2017-09-15 15:06 - 000000000 ____D C:\Program Files (x86)\Steam
2018-02-26 22:35 - 2017-09-18 15:31 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-02-26 22:34 - 2017-09-18 15:32 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-02-26 11:08 - 2017-12-13 10:29 - 000000000 ____D C:\Hry
2018-02-26 10:35 - 2018-02-02 09:23 - 000000000 ____D C:\Users\Denca\Desktop\hry
2018-02-25 18:13 - 2017-09-17 20:33 - 000000000 ____D C:\Users\Denca\AppData\Roaming\ViberPC
2018-02-22 16:04 - 2017-11-16 22:18 - 000003180 _____ C:\Windows\System32\Tasks\RtHDVBg_ListenToDevice
2018-02-22 16:04 - 2017-09-20 11:04 - 000319042 _____ C:\Windows\system32\Drivers\RTWAVES40.dat
2018-02-22 16:00 - 2017-10-05 13:34 - 000000000 ____D C:\Users\Denca\AppData\Local\ElevatedDiagnostics
2018-02-22 15:56 - 2017-09-14 16:04 - 000000000 ___HD C:\Program Files (x86)\Temp
2018-02-21 19:54 - 2017-09-14 15:50 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-02-20 09:58 - 2017-09-14 16:01 - 000000000 ____D C:\Program Files (x86)\Realtek
2018-02-20 07:55 - 2017-09-17 20:57 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-02-20 07:51 - 2017-09-17 20:41 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-02-18 18:31 - 2017-09-20 11:06 - 000000000 ____D C:\ProgramData\Package Cache
2018-02-15 18:38 - 2017-09-21 13:09 - 000000000 ____D C:\Windows\system32\appraiser
2018-02-15 09:13 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2018-02-15 09:06 - 2017-10-12 08:09 - 130067560 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-02-15 09:06 - 2017-09-14 16:04 - 000000000 ____D C:\Windows\system32\MRT
2018-02-15 09:05 - 2017-09-14 16:03 - 130067560 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-02-10 08:44 - 2018-02-02 09:33 - 000000000 ____D C:\Users\Denca\AppData\Roaming\Origin
2018-02-10 08:18 - 2017-09-14 16:11 - 001746930 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-02-08 12:28 - 2018-02-02 10:14 - 000000000 ____D C:\Users\Denca\Desktop\Večerníčky
2018-02-06 19:14 - 2018-02-02 10:24 - 000000000 ____D C:\ProgramData\Electronic Arts
==================== Files in the root of some directories =======
2017-10-05 13:21 - 2017-10-05 13:21 - 000000017 _____ () C:\Users\Denca\AppData\Local\resmon.resmoncfg
2018-03-04 11:31 - 2018-03-04 17:31 - 000000000 _____ () C:\Users\Denca\AppData\Local\{F8446C91-683C-41EF-A097-38DB4301E7BF}
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-02-27 12:23
==================== End of FRST.txt ============================
Re: Pomalý notebook, při otevření program zamrzá systém
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04.03.2018
Ran by Denca (administrator) on DENCA-PC (06-03-2018 11:46:21)
Running from C:\Users\Denca\Desktop
Loaded Profiles: Denca (Available Profiles: Denca)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3287351460-178487067-2576288362-1000\...\Run: [ProgLauncher] => C:\Program Files\ProgDVB x64\ProgLauncher.exe [659184 2017-09-07] ()
HKU\S-1-5-21-3287351460-178487067-2576288362-1000\...\Policies\Explorer: []
HKU\S-1-5-21-3287351460-178487067-2576288362-1000\...\MountPoints2: {4f4feeae-12f2-11e8-81fb-e03f49d4230d} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [171896 2018-01-04] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [149736 2018-01-04] (NVIDIA Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 94.74.192.252 94.74.192.244
Tcpip\..\Interfaces\{44BD4DEE-C181-46AE-9F4D-078C73818CCE}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{66E8D58B-9077-453D-AC43-3AE2D0C6278B}: [DhcpNameServer] 94.74.192.252 94.74.192.244
Internet Explorer:
==================
HKU\S-1-5-21-3287351460-178487067-2576288362-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-02-06] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2018-02-06] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2018-02-06] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-02-06] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2018-02-06] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-02-06] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-06] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-06] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-06] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-06] (Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-01-21] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\3.0.40818.0\npctrl.dll [2009-08-17] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-01-21] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2013-08-20] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.funnysearching.com/
CHR StartupUrls: Default -> "hxxps://www.google.cz/"
CHR Profile: C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default [2018-03-06]
CHR Extension: (Prezentace) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Dokumenty) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Disk Google) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-14]
CHR Extension: (YouTube) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-14]
CHR Extension: (Slinky Elegantní) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmanlajnpdncmhfkiccmbgeocgbncfln [2017-09-18]
CHR Extension: (Facebook) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2017-09-18]
CHR Extension: (Adobe Acrobat) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-09-19]
CHR Extension: (Tabulky) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-09-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-14]
CHR Extension: (Gmail) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-14]
CHR Extension: (Chrome Media Router) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-01]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1353208 2017-06-15] (Autodesk Inc.)
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-11-27] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1530888 2017-10-02] ()
S2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7968424 2018-02-08] (Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [526888 2017-10-19] (EasyAntiCheat Ltd)
S2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-09-19] (Hi-Rez Studios) [File not signed]
S2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
S3 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2018-01-04] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2018-01-04] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2156864 2018-03-02] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3026760 2018-03-02] (Electronic Arts)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2018-01-08] ()
S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [24576 2018-02-21] (Realtek Semiconductor.) [File not signed]
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
S2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ATP; C:\Windows\System32\DRIVERS\AsusTP.sys [73512 2017-09-20] (ASUS Corporation)
S3 AVerAF35; C:\Windows\System32\Drivers\HPAF35.sys [511104 2009-10-19] (Hewlett-Packard)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-09-16] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-09-16] (Disc Soft Ltd)
S3 HPIR; C:\Windows\System32\DRIVERS\HPIR.sys [93184 2009-11-16] (Hewlett-Packard)
S1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-09-20] (REALiX(tm))
S3 m76usb; C:\Windows\System32\DRIVERS\m76usb.sys [539336 2017-09-20] (Ralink Technology Corp.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [181304 2017-09-20] (Intel Corporation)
S3 netr28x; C:\Windows\System32\DRIVERS\netr28x.sys [2502288 2017-09-20] (MediaTek Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2018-01-04] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50624 2018-01-04] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2018-01-04] (NVIDIA Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-03-06 11:46 - 2018-03-06 11:47 - 000012405 _____ C:\Users\Denca\Desktop\FRST.txt
2018-03-06 11:46 - 2018-03-06 11:46 - 000000000 ____D C:\FRST
2018-03-06 11:45 - 2018-03-06 11:44 - 002403328 _____ (Farbar) C:\Users\Denca\Desktop\FRST64.exe
2018-03-06 11:23 - 2018-03-06 11:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disabled Startup
2018-03-04 11:31 - 2018-03-04 17:31 - 000000000 _____ C:\Users\Denca\AppData\Local\{F8446C91-683C-41EF-A097-38DB4301E7BF}
2018-03-04 11:10 - 2018-03-04 11:11 - 000775384 _____ C:\Windows\Minidump\030418-33867-01.dmp
2018-03-04 11:10 - 2018-03-04 11:10 - 477277874 _____ C:\Windows\MEMORY.DMP
2018-03-04 08:40 - 2018-03-04 08:40 - 000000000 ____D C:\Qoobox
2018-03-04 08:39 - 2018-03-04 08:39 - 000000000 ____D C:\Windows\erdnt
2018-03-03 09:05 - 2018-03-03 09:07 - 000000000 ____D C:\AdwCleaner
2018-03-03 09:02 - 2018-03-06 11:46 - 002091692 _____ C:\Windows\ntbtlog.txt
2018-03-02 12:17 - 2018-03-02 12:17 - 000000000 ____D C:\Users\Denca\AppData\Local\Apple Inc
2018-03-02 12:01 - 2018-03-04 08:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2018-03-02 12:00 - 2018-03-02 12:00 - 000000000 ____D C:\Windows\System32\Tasks\Apple
2018-03-02 12:00 - 2018-03-02 12:00 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2018-03-02 11:12 - 2018-03-02 11:12 - 000566305 _____ C:\Users\Denca\Desktop\(1)2_zadost_o_vydani_ZP_XX.pdf
2018-02-28 12:13 - 2018-02-28 16:13 - 000000000 ____D C:\Users\Denca\Desktop\Nová složka
2018-02-27 12:48 - 2018-02-27 12:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2018-02-27 12:48 - 2018-02-27 12:48 - 000000000 ____D C:\Program Files (x86)\EPSON Software
2018-02-27 11:42 - 2018-03-05 07:43 - 000000911 _____ C:\Windows\Tasks\EPSON XP-342 343 345 Series Update {423033FF-215C-40B8-AF9E-2835D185F5F1}.job
2018-02-27 11:42 - 2018-02-27 11:42 - 000003978 _____ C:\Windows\System32\Tasks\EPSON XP-342 343 345 Series Update {423033FF-215C-40B8-AF9E-2835D185F5F1}
2018-02-27 11:42 - 2018-02-27 11:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2018-02-27 11:42 - 2018-02-27 11:42 - 000000000 ____D C:\Program Files\Common Files\EPSON
2018-02-27 11:41 - 2018-02-27 12:47 - 000000000 ____D C:\ProgramData\EPSON
2018-02-27 11:41 - 2015-12-09 04:08 - 000182784 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YLMBREE.DLL
2018-02-27 11:41 - 2011-03-15 03:03 - 000083968 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YD4BREE.DLL
2018-02-26 19:05 - 2018-02-26 19:05 - 000000000 ____D C:\Users\Denca\AppData\LocalLow\Red Dot Games
2018-02-25 18:13 - 2018-02-25 18:14 - 000000000 ____D C:\Users\Denca\AppData\Local\Viber
2018-02-22 16:04 - 2018-02-22 16:04 - 000003168 _____ C:\Windows\System32\Tasks\RTKCPL
2018-02-21 20:01 - 2018-02-22 16:04 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2018-02-21 20:01 - 2007-08-24 09:10 - 000196608 _____ (Realtek Semiconductor Corp.) C:\Windows\RTASIOCP.exe
2018-02-21 15:02 - 2018-02-21 15:02 - 000049085 _____ C:\Users\Denca\Desktop\pozemek1.pdf
2018-02-21 15:01 - 2018-02-21 15:01 - 000020272 _____ C:\Users\Denca\Desktop\pozemek.pdf
2018-02-20 09:58 - 2018-01-18 22:49 - 000980424 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2018-02-20 09:58 - 2018-01-18 22:49 - 000122816 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2018-02-18 18:32 - 2018-02-18 18:32 - 000000000 ____D C:\Users\Denca\AppData\Local\WellWeWeb
2018-02-18 18:32 - 2018-02-18 18:32 - 000000000 ____D C:\Users\Denca\AppData\Local\Chevolume.com
2018-02-18 18:27 - 2018-02-18 18:27 - 000000000 ____D C:\Program Files (x86)\WellWeWeb
2018-02-18 17:55 - 2018-02-18 17:55 - 000000000 ____D C:\Users\Denca\AppData\Roaming\NVIDIA
2018-02-18 17:55 - 2018-02-18 17:55 - 000000000 ____D C:\Users\Denca\AppData\Local\SKIDROW
2018-02-18 17:55 - 2018-02-18 17:55 - 000000000 ____D C:\Users\Denca\AppData\Local\2K Games
2018-02-18 17:47 - 2018-02-18 17:47 - 000000708 _____ C:\Users\Denca\Desktop\MAFIA II .lnk
2018-02-14 10:59 - 2018-01-22 00:50 - 000136424 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-02-14 10:59 - 2018-01-22 00:40 - 000654336 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-02-14 10:59 - 2018-01-19 15:05 - 001994752 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-02-14 10:59 - 2018-01-19 15:05 - 001569280 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-02-14 10:59 - 2018-01-19 15:05 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-02-14 10:59 - 2018-01-19 15:05 - 000604672 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-02-14 10:59 - 2018-01-19 15:05 - 000450048 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-02-14 10:59 - 2018-01-19 15:05 - 000378880 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-02-14 10:59 - 2018-01-19 15:05 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-02-14 10:59 - 2018-01-19 15:05 - 000236544 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-02-06 19:14 - 2018-02-06 19:14 - 000000000 ____D C:\ProgramData\EA Logs
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-03-06 11:43 - 2017-12-19 08:21 - 000000000 ____D C:\ProgramData\TEMP
2018-03-06 11:41 - 2017-10-06 17:07 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2018-03-06 11:22 - 2009-07-14 16:18 - 000735288 _____ C:\Windows\system32\perfh005.dat
2018-03-06 11:22 - 2009-07-14 16:18 - 000167006 _____ C:\Windows\system32\perfc005.dat
2018-03-06 11:22 - 2009-07-14 06:13 - 001771280 _____ C:\Windows\system32\PerfStringBackup.INI
2018-03-06 11:22 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-03-05 12:59 - 2018-01-10 19:24 - 000000000 ____D C:\ProgramData\NVIDIA
2018-03-05 12:58 - 2018-02-02 09:06 - 000000000 ____D C:\ProgramData\Origin
2018-03-05 12:57 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-03-05 08:50 - 2017-11-16 21:54 - 000000000 ____D C:\Users\Denca\Desktop\BYDLENÍ
2018-03-05 04:27 - 2009-07-14 06:08 - 000019410 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-03-05 04:23 - 2009-07-14 05:45 - 000014256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-03-05 04:23 - 2009-07-14 05:45 - 000014256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-03-05 04:16 - 2017-12-11 12:19 - 000000000 ____D C:\Users\Denca\AppData\Local\CrashDumps
2018-03-04 11:10 - 2017-11-02 18:50 - 000000000 ____D C:\Windows\Minidump
2018-03-03 11:18 - 2017-09-14 15:59 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-03-03 11:16 - 2017-11-16 22:09 - 000004130 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-03-02 16:28 - 2017-09-17 20:33 - 000000000 ____D C:\Users\Denca\Documents\ViberDownloads
2018-03-02 12:17 - 2017-11-09 10:28 - 000000000 ____D C:\Users\Denca\AppData\Roaming\Apple Computer
2018-03-02 12:14 - 2018-02-02 09:32 - 000000000 ____D C:\Program Files (x86)\Origin
2018-03-02 12:01 - 2017-11-09 10:28 - 000000000 ____D C:\Users\Denca\AppData\Local\Apple Computer
2018-03-02 12:01 - 2017-11-09 10:23 - 000000000 ____D C:\Program Files\Common Files\Apple
2018-03-02 12:00 - 2017-11-09 10:24 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2018-03-02 11:55 - 2017-09-24 18:11 - 000000000 ____D C:\Users\Denca\Desktop\třeťák
2018-03-01 11:38 - 2017-09-18 15:27 - 000000000 ____D C:\Users\Denca\AppData\Roaming\vlc
2018-02-28 16:44 - 2017-10-03 14:42 - 000000000 ____D C:\Users\Denca\Desktop\filmy
2018-02-28 11:10 - 2017-09-14 15:53 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-28 11:10 - 2017-09-14 15:53 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-02-27 11:45 - 2009-07-14 06:32 - 000000000 ____D C:\Windows\system32\FxsTmp
2018-02-27 00:26 - 2017-09-15 15:06 - 000000000 ____D C:\Program Files (x86)\Steam
2018-02-26 22:35 - 2017-09-18 15:31 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-02-26 22:34 - 2017-09-18 15:32 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-02-26 11:08 - 2017-12-13 10:29 - 000000000 ____D C:\Hry
2018-02-26 10:35 - 2018-02-02 09:23 - 000000000 ____D C:\Users\Denca\Desktop\hry
2018-02-25 18:13 - 2017-09-17 20:33 - 000000000 ____D C:\Users\Denca\AppData\Roaming\ViberPC
2018-02-22 16:04 - 2017-11-16 22:18 - 000003180 _____ C:\Windows\System32\Tasks\RtHDVBg_ListenToDevice
2018-02-22 16:04 - 2017-09-20 11:04 - 000319042 _____ C:\Windows\system32\Drivers\RTWAVES40.dat
2018-02-22 16:00 - 2017-10-05 13:34 - 000000000 ____D C:\Users\Denca\AppData\Local\ElevatedDiagnostics
2018-02-22 15:56 - 2017-09-14 16:04 - 000000000 ___HD C:\Program Files (x86)\Temp
2018-02-21 19:54 - 2017-09-14 15:50 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-02-20 09:58 - 2017-09-14 16:01 - 000000000 ____D C:\Program Files (x86)\Realtek
2018-02-20 07:55 - 2017-09-17 20:57 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-02-20 07:51 - 2017-09-17 20:41 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-02-18 18:31 - 2017-09-20 11:06 - 000000000 ____D C:\ProgramData\Package Cache
2018-02-15 18:38 - 2017-09-21 13:09 - 000000000 ____D C:\Windows\system32\appraiser
2018-02-15 09:13 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2018-02-15 09:06 - 2017-10-12 08:09 - 130067560 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-02-15 09:06 - 2017-09-14 16:04 - 000000000 ____D C:\Windows\system32\MRT
2018-02-15 09:05 - 2017-09-14 16:03 - 130067560 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-02-10 08:44 - 2018-02-02 09:33 - 000000000 ____D C:\Users\Denca\AppData\Roaming\Origin
2018-02-10 08:18 - 2017-09-14 16:11 - 001746930 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-02-08 12:28 - 2018-02-02 10:14 - 000000000 ____D C:\Users\Denca\Desktop\Večerníčky
2018-02-06 19:14 - 2018-02-02 10:24 - 000000000 ____D C:\ProgramData\Electronic Arts
==================== Files in the root of some directories =======
2017-10-05 13:21 - 2017-10-05 13:21 - 000000017 _____ () C:\Users\Denca\AppData\Local\resmon.resmoncfg
2018-03-04 11:31 - 2018-03-04 17:31 - 000000000 _____ () C:\Users\Denca\AppData\Local\{F8446C91-683C-41EF-A097-38DB4301E7BF}
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-02-27 12:23
==================== End of FRST.txt ============================
Ran by Denca (administrator) on DENCA-PC (06-03-2018 11:46:21)
Running from C:\Users\Denca\Desktop
Loaded Profiles: Denca (Available Profiles: Denca)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3287351460-178487067-2576288362-1000\...\Run: [ProgLauncher] => C:\Program Files\ProgDVB x64\ProgLauncher.exe [659184 2017-09-07] ()
HKU\S-1-5-21-3287351460-178487067-2576288362-1000\...\Policies\Explorer: []
HKU\S-1-5-21-3287351460-178487067-2576288362-1000\...\MountPoints2: {4f4feeae-12f2-11e8-81fb-e03f49d4230d} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [171896 2018-01-04] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [149736 2018-01-04] (NVIDIA Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 94.74.192.252 94.74.192.244
Tcpip\..\Interfaces\{44BD4DEE-C181-46AE-9F4D-078C73818CCE}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{66E8D58B-9077-453D-AC43-3AE2D0C6278B}: [DhcpNameServer] 94.74.192.252 94.74.192.244
Internet Explorer:
==================
HKU\S-1-5-21-3287351460-178487067-2576288362-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-02-06] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2018-02-06] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2018-02-06] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-02-06] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2018-02-06] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-02-06] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-06] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-06] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-06] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-02-06] (Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-01-21] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\3.0.40818.0\npctrl.dll [2009-08-17] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-01-21] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2013-08-20] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.funnysearching.com/
CHR StartupUrls: Default -> "hxxps://www.google.cz/"
CHR Profile: C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default [2018-03-06]
CHR Extension: (Prezentace) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Dokumenty) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Disk Google) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-14]
CHR Extension: (YouTube) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-14]
CHR Extension: (Slinky Elegantní) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmanlajnpdncmhfkiccmbgeocgbncfln [2017-09-18]
CHR Extension: (Facebook) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2017-09-18]
CHR Extension: (Adobe Acrobat) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-09-19]
CHR Extension: (Tabulky) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-09-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-14]
CHR Extension: (Gmail) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-14]
CHR Extension: (Chrome Media Router) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-01]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1353208 2017-06-15] (Autodesk Inc.)
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-11-27] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1530888 2017-10-02] ()
S2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7968424 2018-02-08] (Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [526888 2017-10-19] (EasyAntiCheat Ltd)
S2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-09-19] (Hi-Rez Studios) [File not signed]
S2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
S3 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2018-01-04] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2018-01-04] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2156864 2018-03-02] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3026760 2018-03-02] (Electronic Arts)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2018-01-08] ()
S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [24576 2018-02-21] (Realtek Semiconductor.) [File not signed]
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
S2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ATP; C:\Windows\System32\DRIVERS\AsusTP.sys [73512 2017-09-20] (ASUS Corporation)
S3 AVerAF35; C:\Windows\System32\Drivers\HPAF35.sys [511104 2009-10-19] (Hewlett-Packard)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-09-16] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-09-16] (Disc Soft Ltd)
S3 HPIR; C:\Windows\System32\DRIVERS\HPIR.sys [93184 2009-11-16] (Hewlett-Packard)
S1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-09-20] (REALiX(tm))
S3 m76usb; C:\Windows\System32\DRIVERS\m76usb.sys [539336 2017-09-20] (Ralink Technology Corp.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [181304 2017-09-20] (Intel Corporation)
S3 netr28x; C:\Windows\System32\DRIVERS\netr28x.sys [2502288 2017-09-20] (MediaTek Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2018-01-04] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50624 2018-01-04] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2018-01-04] (NVIDIA Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-03-06 11:46 - 2018-03-06 11:47 - 000012405 _____ C:\Users\Denca\Desktop\FRST.txt
2018-03-06 11:46 - 2018-03-06 11:46 - 000000000 ____D C:\FRST
2018-03-06 11:45 - 2018-03-06 11:44 - 002403328 _____ (Farbar) C:\Users\Denca\Desktop\FRST64.exe
2018-03-06 11:23 - 2018-03-06 11:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disabled Startup
2018-03-04 11:31 - 2018-03-04 17:31 - 000000000 _____ C:\Users\Denca\AppData\Local\{F8446C91-683C-41EF-A097-38DB4301E7BF}
2018-03-04 11:10 - 2018-03-04 11:11 - 000775384 _____ C:\Windows\Minidump\030418-33867-01.dmp
2018-03-04 11:10 - 2018-03-04 11:10 - 477277874 _____ C:\Windows\MEMORY.DMP
2018-03-04 08:40 - 2018-03-04 08:40 - 000000000 ____D C:\Qoobox
2018-03-04 08:39 - 2018-03-04 08:39 - 000000000 ____D C:\Windows\erdnt
2018-03-03 09:05 - 2018-03-03 09:07 - 000000000 ____D C:\AdwCleaner
2018-03-03 09:02 - 2018-03-06 11:46 - 002091692 _____ C:\Windows\ntbtlog.txt
2018-03-02 12:17 - 2018-03-02 12:17 - 000000000 ____D C:\Users\Denca\AppData\Local\Apple Inc
2018-03-02 12:01 - 2018-03-04 08:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2018-03-02 12:00 - 2018-03-02 12:00 - 000000000 ____D C:\Windows\System32\Tasks\Apple
2018-03-02 12:00 - 2018-03-02 12:00 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2018-03-02 11:12 - 2018-03-02 11:12 - 000566305 _____ C:\Users\Denca\Desktop\(1)2_zadost_o_vydani_ZP_XX.pdf
2018-02-28 12:13 - 2018-02-28 16:13 - 000000000 ____D C:\Users\Denca\Desktop\Nová složka
2018-02-27 12:48 - 2018-02-27 12:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2018-02-27 12:48 - 2018-02-27 12:48 - 000000000 ____D C:\Program Files (x86)\EPSON Software
2018-02-27 11:42 - 2018-03-05 07:43 - 000000911 _____ C:\Windows\Tasks\EPSON XP-342 343 345 Series Update {423033FF-215C-40B8-AF9E-2835D185F5F1}.job
2018-02-27 11:42 - 2018-02-27 11:42 - 000003978 _____ C:\Windows\System32\Tasks\EPSON XP-342 343 345 Series Update {423033FF-215C-40B8-AF9E-2835D185F5F1}
2018-02-27 11:42 - 2018-02-27 11:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2018-02-27 11:42 - 2018-02-27 11:42 - 000000000 ____D C:\Program Files\Common Files\EPSON
2018-02-27 11:41 - 2018-02-27 12:47 - 000000000 ____D C:\ProgramData\EPSON
2018-02-27 11:41 - 2015-12-09 04:08 - 000182784 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YLMBREE.DLL
2018-02-27 11:41 - 2011-03-15 03:03 - 000083968 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YD4BREE.DLL
2018-02-26 19:05 - 2018-02-26 19:05 - 000000000 ____D C:\Users\Denca\AppData\LocalLow\Red Dot Games
2018-02-25 18:13 - 2018-02-25 18:14 - 000000000 ____D C:\Users\Denca\AppData\Local\Viber
2018-02-22 16:04 - 2018-02-22 16:04 - 000003168 _____ C:\Windows\System32\Tasks\RTKCPL
2018-02-21 20:01 - 2018-02-22 16:04 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2018-02-21 20:01 - 2007-08-24 09:10 - 000196608 _____ (Realtek Semiconductor Corp.) C:\Windows\RTASIOCP.exe
2018-02-21 15:02 - 2018-02-21 15:02 - 000049085 _____ C:\Users\Denca\Desktop\pozemek1.pdf
2018-02-21 15:01 - 2018-02-21 15:01 - 000020272 _____ C:\Users\Denca\Desktop\pozemek.pdf
2018-02-20 09:58 - 2018-01-18 22:49 - 000980424 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2018-02-20 09:58 - 2018-01-18 22:49 - 000122816 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2018-02-18 18:32 - 2018-02-18 18:32 - 000000000 ____D C:\Users\Denca\AppData\Local\WellWeWeb
2018-02-18 18:32 - 2018-02-18 18:32 - 000000000 ____D C:\Users\Denca\AppData\Local\Chevolume.com
2018-02-18 18:27 - 2018-02-18 18:27 - 000000000 ____D C:\Program Files (x86)\WellWeWeb
2018-02-18 17:55 - 2018-02-18 17:55 - 000000000 ____D C:\Users\Denca\AppData\Roaming\NVIDIA
2018-02-18 17:55 - 2018-02-18 17:55 - 000000000 ____D C:\Users\Denca\AppData\Local\SKIDROW
2018-02-18 17:55 - 2018-02-18 17:55 - 000000000 ____D C:\Users\Denca\AppData\Local\2K Games
2018-02-18 17:47 - 2018-02-18 17:47 - 000000708 _____ C:\Users\Denca\Desktop\MAFIA II .lnk
2018-02-14 10:59 - 2018-01-22 00:50 - 000136424 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-02-14 10:59 - 2018-01-22 00:40 - 000654336 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-02-14 10:59 - 2018-01-19 15:05 - 001994752 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-02-14 10:59 - 2018-01-19 15:05 - 001569280 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-02-14 10:59 - 2018-01-19 15:05 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-02-14 10:59 - 2018-01-19 15:05 - 000604672 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-02-14 10:59 - 2018-01-19 15:05 - 000450048 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-02-14 10:59 - 2018-01-19 15:05 - 000378880 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-02-14 10:59 - 2018-01-19 15:05 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-02-14 10:59 - 2018-01-19 15:05 - 000236544 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-02-06 19:14 - 2018-02-06 19:14 - 000000000 ____D C:\ProgramData\EA Logs
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-03-06 11:43 - 2017-12-19 08:21 - 000000000 ____D C:\ProgramData\TEMP
2018-03-06 11:41 - 2017-10-06 17:07 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2018-03-06 11:22 - 2009-07-14 16:18 - 000735288 _____ C:\Windows\system32\perfh005.dat
2018-03-06 11:22 - 2009-07-14 16:18 - 000167006 _____ C:\Windows\system32\perfc005.dat
2018-03-06 11:22 - 2009-07-14 06:13 - 001771280 _____ C:\Windows\system32\PerfStringBackup.INI
2018-03-06 11:22 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-03-05 12:59 - 2018-01-10 19:24 - 000000000 ____D C:\ProgramData\NVIDIA
2018-03-05 12:58 - 2018-02-02 09:06 - 000000000 ____D C:\ProgramData\Origin
2018-03-05 12:57 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-03-05 08:50 - 2017-11-16 21:54 - 000000000 ____D C:\Users\Denca\Desktop\BYDLENÍ
2018-03-05 04:27 - 2009-07-14 06:08 - 000019410 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-03-05 04:23 - 2009-07-14 05:45 - 000014256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-03-05 04:23 - 2009-07-14 05:45 - 000014256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-03-05 04:16 - 2017-12-11 12:19 - 000000000 ____D C:\Users\Denca\AppData\Local\CrashDumps
2018-03-04 11:10 - 2017-11-02 18:50 - 000000000 ____D C:\Windows\Minidump
2018-03-03 11:18 - 2017-09-14 15:59 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-03-03 11:16 - 2017-11-16 22:09 - 000004130 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-03-02 16:28 - 2017-09-17 20:33 - 000000000 ____D C:\Users\Denca\Documents\ViberDownloads
2018-03-02 12:17 - 2017-11-09 10:28 - 000000000 ____D C:\Users\Denca\AppData\Roaming\Apple Computer
2018-03-02 12:14 - 2018-02-02 09:32 - 000000000 ____D C:\Program Files (x86)\Origin
2018-03-02 12:01 - 2017-11-09 10:28 - 000000000 ____D C:\Users\Denca\AppData\Local\Apple Computer
2018-03-02 12:01 - 2017-11-09 10:23 - 000000000 ____D C:\Program Files\Common Files\Apple
2018-03-02 12:00 - 2017-11-09 10:24 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2018-03-02 11:55 - 2017-09-24 18:11 - 000000000 ____D C:\Users\Denca\Desktop\třeťák
2018-03-01 11:38 - 2017-09-18 15:27 - 000000000 ____D C:\Users\Denca\AppData\Roaming\vlc
2018-02-28 16:44 - 2017-10-03 14:42 - 000000000 ____D C:\Users\Denca\Desktop\filmy
2018-02-28 11:10 - 2017-09-14 15:53 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-28 11:10 - 2017-09-14 15:53 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-02-27 11:45 - 2009-07-14 06:32 - 000000000 ____D C:\Windows\system32\FxsTmp
2018-02-27 00:26 - 2017-09-15 15:06 - 000000000 ____D C:\Program Files (x86)\Steam
2018-02-26 22:35 - 2017-09-18 15:31 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-02-26 22:34 - 2017-09-18 15:32 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-02-26 11:08 - 2017-12-13 10:29 - 000000000 ____D C:\Hry
2018-02-26 10:35 - 2018-02-02 09:23 - 000000000 ____D C:\Users\Denca\Desktop\hry
2018-02-25 18:13 - 2017-09-17 20:33 - 000000000 ____D C:\Users\Denca\AppData\Roaming\ViberPC
2018-02-22 16:04 - 2017-11-16 22:18 - 000003180 _____ C:\Windows\System32\Tasks\RtHDVBg_ListenToDevice
2018-02-22 16:04 - 2017-09-20 11:04 - 000319042 _____ C:\Windows\system32\Drivers\RTWAVES40.dat
2018-02-22 16:00 - 2017-10-05 13:34 - 000000000 ____D C:\Users\Denca\AppData\Local\ElevatedDiagnostics
2018-02-22 15:56 - 2017-09-14 16:04 - 000000000 ___HD C:\Program Files (x86)\Temp
2018-02-21 19:54 - 2017-09-14 15:50 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-02-20 09:58 - 2017-09-14 16:01 - 000000000 ____D C:\Program Files (x86)\Realtek
2018-02-20 07:55 - 2017-09-17 20:57 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-02-20 07:51 - 2017-09-17 20:41 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-02-18 18:31 - 2017-09-20 11:06 - 000000000 ____D C:\ProgramData\Package Cache
2018-02-15 18:38 - 2017-09-21 13:09 - 000000000 ____D C:\Windows\system32\appraiser
2018-02-15 09:13 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2018-02-15 09:06 - 2017-10-12 08:09 - 130067560 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-02-15 09:06 - 2017-09-14 16:04 - 000000000 ____D C:\Windows\system32\MRT
2018-02-15 09:05 - 2017-09-14 16:03 - 130067560 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-02-10 08:44 - 2018-02-02 09:33 - 000000000 ____D C:\Users\Denca\AppData\Roaming\Origin
2018-02-10 08:18 - 2017-09-14 16:11 - 001746930 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-02-08 12:28 - 2018-02-02 10:14 - 000000000 ____D C:\Users\Denca\Desktop\Večerníčky
2018-02-06 19:14 - 2018-02-02 10:24 - 000000000 ____D C:\ProgramData\Electronic Arts
==================== Files in the root of some directories =======
2017-10-05 13:21 - 2017-10-05 13:21 - 000000017 _____ () C:\Users\Denca\AppData\Local\resmon.resmoncfg
2018-03-04 11:31 - 2018-03-04 17:31 - 000000000 _____ () C:\Users\Denca\AppData\Local\{F8446C91-683C-41EF-A097-38DB4301E7BF}
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-02-27 12:23
==================== End of FRST.txt ============================
-
Rudy
- Site Admin
- Příspěvky: 118248
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalý notebook, při otevření program zamrzá systém
Teď je to OK. Spusťte tuto utilitu:
Pokud by PC při spuštění zamrzl, můžete spustit i v nouz. režomu.Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalý notebook, při otevření program zamrzá systém
adwcleaner už jsem spouštěl včera a nyní bez nálezu
včerejší nalez - je to jediný který jsem našel
# AdwCleaner 7.0.8.0 - Logfile created on Sat Mar 05 08:07:41 2018
# Updated on 2018/08/02 by Malwarebytes
# Database: 02-08-2018.1
# Running on Windows 7 Professional (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
PUP.Optional.Legacy, Driver Booster Scheduler
***** [ Registry ] *****
No malicious registry entries found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries.
*************************
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########
včerejší nalez - je to jediný který jsem našel
# AdwCleaner 7.0.8.0 - Logfile created on Sat Mar 05 08:07:41 2018
# Updated on 2018/08/02 by Malwarebytes
# Database: 02-08-2018.1
# Running on Windows 7 Professional (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
PUP.Optional.Legacy, Driver Booster Scheduler
***** [ Registry ] *****
No malicious registry entries found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries.
*************************
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 118248
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalý notebook, při otevření program zamrzá systém
V ADW ještě klikněte na mazání, restartujte a dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalý notebook, při otevření program zamrzá systém
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04.03.2018
Ran by Denca (administrator) on DENCA-PC (07-03-2018 18:37:15)
Running from C:\Users\Denca\Desktop
Loaded Profiles: Denca (Available Profiles: Denca)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files\ProgDVB x64\ProgLauncher.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3287351460-178487067-2576288362-1000\...\Run: [ProgLauncher] => C:\Program Files\ProgDVB x64\ProgLauncher.exe [659184 2017-09-07] ()
HKU\S-1-5-21-3287351460-178487067-2576288362-1000\...\Policies\Explorer: []
HKU\S-1-5-21-3287351460-178487067-2576288362-1000\...\MountPoints2: {4f4feeae-12f2-11e8-81fb-e03f49d4230d} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [171896 2018-01-04] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [149736 2018-01-04] (NVIDIA Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 94.74.192.252 94.74.192.244
Tcpip\..\Interfaces\{44BD4DEE-C181-46AE-9F4D-078C73818CCE}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{66E8D58B-9077-453D-AC43-3AE2D0C6278B}: [DhcpNameServer] 94.74.192.252 94.74.192.244
Internet Explorer:
==================
HKU\S-1-5-21-3287351460-178487067-2576288362-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-03-06] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2018-03-06] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2018-03-06] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-03-06] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2018-03-06] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-03-06] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-06] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-06] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-06] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-06] (Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-03-06] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\3.0.40818.0\npctrl.dll [2009-08-17] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-06] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2013-08-20] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.funnysearching.com/
CHR StartupUrls: Default -> "hxxps://www.google.cz/"
CHR Profile: C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default [2018-03-07]
CHR Extension: (Prezentace) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Dokumenty) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Disk Google) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-14]
CHR Extension: (YouTube) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-14]
CHR Extension: (Slinky Elegantní) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmanlajnpdncmhfkiccmbgeocgbncfln [2017-09-18]
CHR Extension: (Facebook) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2017-09-18]
CHR Extension: (Adobe Acrobat) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-09-19]
CHR Extension: (Tabulky) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-09-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-14]
CHR Extension: (Gmail) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-14]
CHR Extension: (Chrome Media Router) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-01]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1353208 2017-06-15] (Autodesk Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-11-27] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1530888 2017-10-02] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7962800 2018-02-22] (Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [526888 2017-10-19] (EasyAntiCheat Ltd)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-09-19] (Hi-Rez Studios) [File not signed]
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
S3 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2018-01-04] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2018-01-04] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2156864 2018-03-02] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3026760 2018-03-02] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2018-01-08] ()
S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [24576 2018-02-21] (Realtek Semiconductor.) [File not signed]
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ATP; C:\Windows\System32\DRIVERS\AsusTP.sys [73512 2017-09-20] (ASUS Corporation)
S3 AVerAF35; C:\Windows\System32\Drivers\HPAF35.sys [511104 2009-10-19] (Hewlett-Packard)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-09-16] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-09-16] (Disc Soft Ltd)
S3 HPIR; C:\Windows\System32\DRIVERS\HPIR.sys [93184 2009-11-16] (Hewlett-Packard)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-09-20] (REALiX(tm))
R3 m76usb; C:\Windows\System32\DRIVERS\m76usb.sys [539336 2017-09-20] (Ralink Technology Corp.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [181304 2017-09-20] (Intel Corporation)
R3 netr28x; C:\Windows\System32\DRIVERS\netr28x.sys [2502288 2017-09-20] (MediaTek Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2018-01-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50624 2018-01-04] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2018-01-04] (NVIDIA Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-03-07 17:54 - 2018-03-07 17:57 - 000000000 ____D C:\AdwCleaner
2018-03-06 16:36 - 2018-03-06 16:37 - 000334344 _____ C:\Windows\Minidump\030618-27908-01.dmp
2018-03-06 16:13 - 2018-03-06 16:13 - 000000000 ____D C:\Users\Denca\Desktop\Prirodopis 6-20180306T150951Z-001
2018-03-06 11:55 - 2018-03-06 11:54 - 008222496 _____ (Malwarebytes) C:\Users\Denca\Desktop\adwcleaner_7.0.8.0.exe
2018-03-06 11:47 - 2018-03-06 11:47 - 000060309 _____ C:\Users\Denca\Desktop\Addition.txt
2018-03-06 11:46 - 2018-03-07 18:38 - 000014713 _____ C:\Users\Denca\Desktop\FRST.txt
2018-03-06 11:46 - 2018-03-07 18:37 - 000000000 ____D C:\FRST
2018-03-06 11:45 - 2018-03-06 11:44 - 002403328 _____ (Farbar) C:\Users\Denca\Desktop\FRST64.exe
2018-03-06 11:23 - 2018-03-06 11:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disabled Startup
2018-03-04 11:31 - 2018-03-04 17:31 - 000000000 _____ C:\Users\Denca\AppData\Local\{F8446C91-683C-41EF-A097-38DB4301E7BF}
2018-03-04 11:10 - 2018-03-06 16:36 - 498625554 _____ C:\Windows\MEMORY.DMP
2018-03-04 11:10 - 2018-03-04 11:11 - 000775384 _____ C:\Windows\Minidump\030418-33867-01.dmp
2018-03-04 08:40 - 2018-03-04 08:40 - 000000000 ____D C:\Qoobox
2018-03-04 08:39 - 2018-03-04 08:39 - 000000000 ____D C:\Windows\erdnt
2018-03-03 09:02 - 2018-03-06 11:58 - 002093316 _____ C:\Windows\ntbtlog.txt
2018-03-02 12:17 - 2018-03-02 12:17 - 000000000 ____D C:\Users\Denca\AppData\Local\Apple Inc
2018-03-02 12:01 - 2018-03-04 08:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2018-03-02 12:00 - 2018-03-02 12:00 - 000000000 ____D C:\Windows\System32\Tasks\Apple
2018-03-02 12:00 - 2018-03-02 12:00 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2018-03-02 11:12 - 2018-03-02 11:12 - 000566305 _____ C:\Users\Denca\Desktop\(1)2_zadost_o_vydani_ZP_XX.pdf
2018-02-28 12:13 - 2018-02-28 16:13 - 000000000 ____D C:\Users\Denca\Desktop\Nová složka
2018-02-27 12:48 - 2018-02-27 12:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2018-02-27 12:48 - 2018-02-27 12:48 - 000000000 ____D C:\Program Files (x86)\EPSON Software
2018-02-27 11:42 - 2018-03-07 17:42 - 000000911 _____ C:\Windows\Tasks\EPSON XP-342 343 345 Series Update {423033FF-215C-40B8-AF9E-2835D185F5F1}.job
2018-02-27 11:42 - 2018-02-27 11:42 - 000003978 _____ C:\Windows\System32\Tasks\EPSON XP-342 343 345 Series Update {423033FF-215C-40B8-AF9E-2835D185F5F1}
2018-02-27 11:42 - 2018-02-27 11:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2018-02-27 11:42 - 2018-02-27 11:42 - 000000000 ____D C:\Program Files\Common Files\EPSON
2018-02-27 11:41 - 2018-02-27 12:47 - 000000000 ____D C:\ProgramData\EPSON
2018-02-27 11:41 - 2015-12-09 04:08 - 000182784 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YLMBREE.DLL
2018-02-27 11:41 - 2011-03-15 03:03 - 000083968 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YD4BREE.DLL
2018-02-26 19:05 - 2018-02-26 19:05 - 000000000 ____D C:\Users\Denca\AppData\LocalLow\Red Dot Games
2018-02-25 18:13 - 2018-02-25 18:14 - 000000000 ____D C:\Users\Denca\AppData\Local\Viber
2018-02-22 16:04 - 2018-02-22 16:04 - 000003168 _____ C:\Windows\System32\Tasks\RTKCPL
2018-02-21 20:01 - 2018-02-22 16:04 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2018-02-21 20:01 - 2007-08-24 09:10 - 000196608 _____ (Realtek Semiconductor Corp.) C:\Windows\RTASIOCP.exe
2018-02-21 15:02 - 2018-02-21 15:02 - 000049085 _____ C:\Users\Denca\Desktop\pozemek1.pdf
2018-02-21 15:01 - 2018-02-21 15:01 - 000020272 _____ C:\Users\Denca\Desktop\pozemek.pdf
2018-02-20 09:58 - 2018-01-18 22:49 - 000980424 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2018-02-20 09:58 - 2018-01-18 22:49 - 000122816 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2018-02-18 18:32 - 2018-02-18 18:32 - 000000000 ____D C:\Users\Denca\AppData\Local\WellWeWeb
2018-02-18 18:32 - 2018-02-18 18:32 - 000000000 ____D C:\Users\Denca\AppData\Local\Chevolume.com
2018-02-18 18:27 - 2018-02-18 18:27 - 000000000 ____D C:\Program Files (x86)\WellWeWeb
2018-02-18 17:55 - 2018-02-18 17:55 - 000000000 ____D C:\Users\Denca\AppData\Roaming\NVIDIA
2018-02-18 17:55 - 2018-02-18 17:55 - 000000000 ____D C:\Users\Denca\AppData\Local\SKIDROW
2018-02-18 17:55 - 2018-02-18 17:55 - 000000000 ____D C:\Users\Denca\AppData\Local\2K Games
2018-02-18 17:47 - 2018-02-18 17:47 - 000000708 _____ C:\Users\Denca\Desktop\MAFIA II .lnk
2018-02-14 10:59 - 2018-01-22 00:50 - 000136424 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-02-14 10:59 - 2018-01-22 00:40 - 000654336 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-02-14 10:59 - 2018-01-19 15:05 - 001994752 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-02-14 10:59 - 2018-01-19 15:05 - 001569280 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-02-14 10:59 - 2018-01-19 15:05 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-02-14 10:59 - 2018-01-19 15:05 - 000604672 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-02-14 10:59 - 2018-01-19 15:05 - 000450048 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-02-14 10:59 - 2018-01-19 15:05 - 000378880 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-02-14 10:59 - 2018-01-19 15:05 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-02-14 10:59 - 2018-01-19 15:05 - 000236544 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-02-06 19:14 - 2018-02-06 19:14 - 000000000 ____D C:\ProgramData\EA Logs
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-03-07 18:08 - 2009-07-14 05:45 - 000014256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-03-07 18:08 - 2009-07-14 05:45 - 000014256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-03-07 17:54 - 2009-07-14 16:18 - 000735288 _____ C:\Windows\system32\perfh005.dat
2018-03-07 17:54 - 2009-07-14 16:18 - 000167006 _____ C:\Windows\system32\perfc005.dat
2018-03-07 17:54 - 2009-07-14 06:13 - 001771280 _____ C:\Windows\system32\PerfStringBackup.INI
2018-03-07 17:54 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-03-07 17:48 - 2018-01-10 19:24 - 000000000 ____D C:\ProgramData\NVIDIA
2018-03-07 17:48 - 2017-10-06 17:07 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2018-03-07 17:47 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-03-06 16:36 - 2017-11-02 18:50 - 000000000 ____D C:\Windows\Minidump
2018-03-06 15:27 - 2017-09-24 18:11 - 000000000 ____D C:\Users\Denca\Desktop\třeťák
2018-03-06 12:26 - 2009-07-14 06:08 - 000020550 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-03-06 12:21 - 2017-09-17 20:57 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-03-06 12:18 - 2017-09-17 20:41 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-03-06 11:43 - 2017-12-19 08:21 - 000000000 ____D C:\ProgramData\TEMP
2018-03-05 12:58 - 2018-02-02 09:06 - 000000000 ____D C:\ProgramData\Origin
2018-03-05 08:50 - 2017-11-16 21:54 - 000000000 ____D C:\Users\Denca\Desktop\BYDLENÍ
2018-03-05 04:16 - 2017-12-11 12:19 - 000000000 ____D C:\Users\Denca\AppData\Local\CrashDumps
2018-03-03 11:18 - 2017-09-14 15:59 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-03-03 11:16 - 2017-11-16 22:09 - 000004130 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-03-02 16:28 - 2017-09-17 20:33 - 000000000 ____D C:\Users\Denca\Documents\ViberDownloads
2018-03-02 12:17 - 2017-11-09 10:28 - 000000000 ____D C:\Users\Denca\AppData\Roaming\Apple Computer
2018-03-02 12:14 - 2018-02-02 09:32 - 000000000 ____D C:\Program Files (x86)\Origin
2018-03-02 12:01 - 2017-11-09 10:28 - 000000000 ____D C:\Users\Denca\AppData\Local\Apple Computer
2018-03-02 12:01 - 2017-11-09 10:23 - 000000000 ____D C:\Program Files\Common Files\Apple
2018-03-02 12:00 - 2017-11-09 10:24 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2018-03-01 11:38 - 2017-09-18 15:27 - 000000000 ____D C:\Users\Denca\AppData\Roaming\vlc
2018-02-28 16:44 - 2017-10-03 14:42 - 000000000 ____D C:\Users\Denca\Desktop\filmy
2018-02-28 11:10 - 2017-09-14 15:53 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-28 11:10 - 2017-09-14 15:53 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-02-27 11:45 - 2009-07-14 06:32 - 000000000 ____D C:\Windows\system32\FxsTmp
2018-02-27 00:26 - 2017-09-15 15:06 - 000000000 ____D C:\Program Files (x86)\Steam
2018-02-26 22:35 - 2017-09-18 15:31 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-02-26 22:34 - 2017-09-18 15:32 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-02-26 11:08 - 2017-12-13 10:29 - 000000000 ____D C:\Hry
2018-02-26 10:35 - 2018-02-02 09:23 - 000000000 ____D C:\Users\Denca\Desktop\hry
2018-02-25 18:13 - 2017-09-17 20:33 - 000000000 ____D C:\Users\Denca\AppData\Roaming\ViberPC
2018-02-22 16:04 - 2017-11-16 22:18 - 000003180 _____ C:\Windows\System32\Tasks\RtHDVBg_ListenToDevice
2018-02-22 16:04 - 2017-09-20 11:04 - 000319042 _____ C:\Windows\system32\Drivers\RTWAVES40.dat
2018-02-22 16:00 - 2017-10-05 13:34 - 000000000 ____D C:\Users\Denca\AppData\Local\ElevatedDiagnostics
2018-02-22 15:56 - 2017-09-14 16:04 - 000000000 ___HD C:\Program Files (x86)\Temp
2018-02-21 19:54 - 2017-09-14 15:50 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-02-20 09:58 - 2017-09-14 16:01 - 000000000 ____D C:\Program Files (x86)\Realtek
2018-02-18 18:31 - 2017-09-20 11:06 - 000000000 ____D C:\ProgramData\Package Cache
2018-02-15 18:38 - 2017-09-21 13:09 - 000000000 ____D C:\Windows\system32\appraiser
2018-02-15 09:13 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2018-02-15 09:06 - 2017-10-12 08:09 - 130067560 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-02-15 09:06 - 2017-09-14 16:04 - 000000000 ____D C:\Windows\system32\MRT
2018-02-15 09:05 - 2017-09-14 16:03 - 130067560 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-02-10 08:44 - 2018-02-02 09:33 - 000000000 ____D C:\Users\Denca\AppData\Roaming\Origin
2018-02-10 08:18 - 2017-09-14 16:11 - 001746930 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-02-08 12:28 - 2018-02-02 10:14 - 000000000 ____D C:\Users\Denca\Desktop\Večerníčky
2018-02-06 19:14 - 2018-02-02 10:24 - 000000000 ____D C:\ProgramData\Electronic Arts
==================== Files in the root of some directories =======
2017-10-05 13:21 - 2017-10-05 13:21 - 000000017 _____ () C:\Users\Denca\AppData\Local\resmon.resmoncfg
2018-03-04 11:31 - 2018-03-04 17:31 - 000000000 _____ () C:\Users\Denca\AppData\Local\{F8446C91-683C-41EF-A097-38DB4301E7BF}
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-02-27 12:23
==================== End of FRST.txt ============================
Ran by Denca (administrator) on DENCA-PC (07-03-2018 18:37:15)
Running from C:\Users\Denca\Desktop
Loaded Profiles: Denca (Available Profiles: Denca)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files\ProgDVB x64\ProgLauncher.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3287351460-178487067-2576288362-1000\...\Run: [ProgLauncher] => C:\Program Files\ProgDVB x64\ProgLauncher.exe [659184 2017-09-07] ()
HKU\S-1-5-21-3287351460-178487067-2576288362-1000\...\Policies\Explorer: []
HKU\S-1-5-21-3287351460-178487067-2576288362-1000\...\MountPoints2: {4f4feeae-12f2-11e8-81fb-e03f49d4230d} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [171896 2018-01-04] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [149736 2018-01-04] (NVIDIA Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 94.74.192.252 94.74.192.244
Tcpip\..\Interfaces\{44BD4DEE-C181-46AE-9F4D-078C73818CCE}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{66E8D58B-9077-453D-AC43-3AE2D0C6278B}: [DhcpNameServer] 94.74.192.252 94.74.192.244
Internet Explorer:
==================
HKU\S-1-5-21-3287351460-178487067-2576288362-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-03-06] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2018-03-06] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2018-03-06] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-03-06] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2018-03-06] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-03-06] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-06] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-06] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-06] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-06] (Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-03-06] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\3.0.40818.0\npctrl.dll [2009-08-17] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-06] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2013-08-20] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.funnysearching.com/
CHR StartupUrls: Default -> "hxxps://www.google.cz/"
CHR Profile: C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default [2018-03-07]
CHR Extension: (Prezentace) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Dokumenty) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Disk Google) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-14]
CHR Extension: (YouTube) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-14]
CHR Extension: (Slinky Elegantní) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmanlajnpdncmhfkiccmbgeocgbncfln [2017-09-18]
CHR Extension: (Facebook) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2017-09-18]
CHR Extension: (Adobe Acrobat) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-09-19]
CHR Extension: (Tabulky) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-09-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-14]
CHR Extension: (Gmail) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-14]
CHR Extension: (Chrome Media Router) - C:\Users\Denca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-01]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1353208 2017-06-15] (Autodesk Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-11-27] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1530888 2017-10-02] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7962800 2018-02-22] (Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [526888 2017-10-19] (EasyAntiCheat Ltd)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-09-19] (Hi-Rez Studios) [File not signed]
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
S3 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2018-01-04] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2018-01-04] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2156864 2018-03-02] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3026760 2018-03-02] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2018-01-08] ()
S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [24576 2018-02-21] (Realtek Semiconductor.) [File not signed]
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ATP; C:\Windows\System32\DRIVERS\AsusTP.sys [73512 2017-09-20] (ASUS Corporation)
S3 AVerAF35; C:\Windows\System32\Drivers\HPAF35.sys [511104 2009-10-19] (Hewlett-Packard)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-09-16] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-09-16] (Disc Soft Ltd)
S3 HPIR; C:\Windows\System32\DRIVERS\HPIR.sys [93184 2009-11-16] (Hewlett-Packard)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-09-20] (REALiX(tm))
R3 m76usb; C:\Windows\System32\DRIVERS\m76usb.sys [539336 2017-09-20] (Ralink Technology Corp.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [181304 2017-09-20] (Intel Corporation)
R3 netr28x; C:\Windows\System32\DRIVERS\netr28x.sys [2502288 2017-09-20] (MediaTek Inc.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2018-01-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50624 2018-01-04] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2018-01-04] (NVIDIA Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-03-07 17:54 - 2018-03-07 17:57 - 000000000 ____D C:\AdwCleaner
2018-03-06 16:36 - 2018-03-06 16:37 - 000334344 _____ C:\Windows\Minidump\030618-27908-01.dmp
2018-03-06 16:13 - 2018-03-06 16:13 - 000000000 ____D C:\Users\Denca\Desktop\Prirodopis 6-20180306T150951Z-001
2018-03-06 11:55 - 2018-03-06 11:54 - 008222496 _____ (Malwarebytes) C:\Users\Denca\Desktop\adwcleaner_7.0.8.0.exe
2018-03-06 11:47 - 2018-03-06 11:47 - 000060309 _____ C:\Users\Denca\Desktop\Addition.txt
2018-03-06 11:46 - 2018-03-07 18:38 - 000014713 _____ C:\Users\Denca\Desktop\FRST.txt
2018-03-06 11:46 - 2018-03-07 18:37 - 000000000 ____D C:\FRST
2018-03-06 11:45 - 2018-03-06 11:44 - 002403328 _____ (Farbar) C:\Users\Denca\Desktop\FRST64.exe
2018-03-06 11:23 - 2018-03-06 11:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disabled Startup
2018-03-04 11:31 - 2018-03-04 17:31 - 000000000 _____ C:\Users\Denca\AppData\Local\{F8446C91-683C-41EF-A097-38DB4301E7BF}
2018-03-04 11:10 - 2018-03-06 16:36 - 498625554 _____ C:\Windows\MEMORY.DMP
2018-03-04 11:10 - 2018-03-04 11:11 - 000775384 _____ C:\Windows\Minidump\030418-33867-01.dmp
2018-03-04 08:40 - 2018-03-04 08:40 - 000000000 ____D C:\Qoobox
2018-03-04 08:39 - 2018-03-04 08:39 - 000000000 ____D C:\Windows\erdnt
2018-03-03 09:02 - 2018-03-06 11:58 - 002093316 _____ C:\Windows\ntbtlog.txt
2018-03-02 12:17 - 2018-03-02 12:17 - 000000000 ____D C:\Users\Denca\AppData\Local\Apple Inc
2018-03-02 12:01 - 2018-03-04 08:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2018-03-02 12:00 - 2018-03-02 12:00 - 000000000 ____D C:\Windows\System32\Tasks\Apple
2018-03-02 12:00 - 2018-03-02 12:00 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2018-03-02 11:12 - 2018-03-02 11:12 - 000566305 _____ C:\Users\Denca\Desktop\(1)2_zadost_o_vydani_ZP_XX.pdf
2018-02-28 12:13 - 2018-02-28 16:13 - 000000000 ____D C:\Users\Denca\Desktop\Nová složka
2018-02-27 12:48 - 2018-02-27 12:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2018-02-27 12:48 - 2018-02-27 12:48 - 000000000 ____D C:\Program Files (x86)\EPSON Software
2018-02-27 11:42 - 2018-03-07 17:42 - 000000911 _____ C:\Windows\Tasks\EPSON XP-342 343 345 Series Update {423033FF-215C-40B8-AF9E-2835D185F5F1}.job
2018-02-27 11:42 - 2018-02-27 11:42 - 000003978 _____ C:\Windows\System32\Tasks\EPSON XP-342 343 345 Series Update {423033FF-215C-40B8-AF9E-2835D185F5F1}
2018-02-27 11:42 - 2018-02-27 11:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2018-02-27 11:42 - 2018-02-27 11:42 - 000000000 ____D C:\Program Files\Common Files\EPSON
2018-02-27 11:41 - 2018-02-27 12:47 - 000000000 ____D C:\ProgramData\EPSON
2018-02-27 11:41 - 2015-12-09 04:08 - 000182784 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YLMBREE.DLL
2018-02-27 11:41 - 2011-03-15 03:03 - 000083968 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_YD4BREE.DLL
2018-02-26 19:05 - 2018-02-26 19:05 - 000000000 ____D C:\Users\Denca\AppData\LocalLow\Red Dot Games
2018-02-25 18:13 - 2018-02-25 18:14 - 000000000 ____D C:\Users\Denca\AppData\Local\Viber
2018-02-22 16:04 - 2018-02-22 16:04 - 000003168 _____ C:\Windows\System32\Tasks\RTKCPL
2018-02-21 20:01 - 2018-02-22 16:04 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2018-02-21 20:01 - 2007-08-24 09:10 - 000196608 _____ (Realtek Semiconductor Corp.) C:\Windows\RTASIOCP.exe
2018-02-21 15:02 - 2018-02-21 15:02 - 000049085 _____ C:\Users\Denca\Desktop\pozemek1.pdf
2018-02-21 15:01 - 2018-02-21 15:01 - 000020272 _____ C:\Users\Denca\Desktop\pozemek.pdf
2018-02-20 09:58 - 2018-01-18 22:49 - 000980424 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2018-02-20 09:58 - 2018-01-18 22:49 - 000122816 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2018-02-18 18:32 - 2018-02-18 18:32 - 000000000 ____D C:\Users\Denca\AppData\Local\WellWeWeb
2018-02-18 18:32 - 2018-02-18 18:32 - 000000000 ____D C:\Users\Denca\AppData\Local\Chevolume.com
2018-02-18 18:27 - 2018-02-18 18:27 - 000000000 ____D C:\Program Files (x86)\WellWeWeb
2018-02-18 17:55 - 2018-02-18 17:55 - 000000000 ____D C:\Users\Denca\AppData\Roaming\NVIDIA
2018-02-18 17:55 - 2018-02-18 17:55 - 000000000 ____D C:\Users\Denca\AppData\Local\SKIDROW
2018-02-18 17:55 - 2018-02-18 17:55 - 000000000 ____D C:\Users\Denca\AppData\Local\2K Games
2018-02-18 17:47 - 2018-02-18 17:47 - 000000708 _____ C:\Users\Denca\Desktop\MAFIA II .lnk
2018-02-14 10:59 - 2018-01-22 00:50 - 000136424 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-02-14 10:59 - 2018-01-22 00:40 - 000654336 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-02-14 10:59 - 2018-01-19 15:05 - 001994752 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-02-14 10:59 - 2018-01-19 15:05 - 001569280 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-02-14 10:59 - 2018-01-19 15:05 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-02-14 10:59 - 2018-01-19 15:05 - 000604672 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-02-14 10:59 - 2018-01-19 15:05 - 000450048 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-02-14 10:59 - 2018-01-19 15:05 - 000378880 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-02-14 10:59 - 2018-01-19 15:05 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-02-14 10:59 - 2018-01-19 15:05 - 000236544 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-02-06 19:14 - 2018-02-06 19:14 - 000000000 ____D C:\ProgramData\EA Logs
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-03-07 18:08 - 2009-07-14 05:45 - 000014256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-03-07 18:08 - 2009-07-14 05:45 - 000014256 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-03-07 17:54 - 2009-07-14 16:18 - 000735288 _____ C:\Windows\system32\perfh005.dat
2018-03-07 17:54 - 2009-07-14 16:18 - 000167006 _____ C:\Windows\system32\perfc005.dat
2018-03-07 17:54 - 2009-07-14 06:13 - 001771280 _____ C:\Windows\system32\PerfStringBackup.INI
2018-03-07 17:54 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-03-07 17:48 - 2018-01-10 19:24 - 000000000 ____D C:\ProgramData\NVIDIA
2018-03-07 17:48 - 2017-10-06 17:07 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2018-03-07 17:47 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-03-06 16:36 - 2017-11-02 18:50 - 000000000 ____D C:\Windows\Minidump
2018-03-06 15:27 - 2017-09-24 18:11 - 000000000 ____D C:\Users\Denca\Desktop\třeťák
2018-03-06 12:26 - 2009-07-14 06:08 - 000020550 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-03-06 12:21 - 2017-09-17 20:57 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-03-06 12:18 - 2017-09-17 20:41 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-03-06 11:43 - 2017-12-19 08:21 - 000000000 ____D C:\ProgramData\TEMP
2018-03-05 12:58 - 2018-02-02 09:06 - 000000000 ____D C:\ProgramData\Origin
2018-03-05 08:50 - 2017-11-16 21:54 - 000000000 ____D C:\Users\Denca\Desktop\BYDLENÍ
2018-03-05 04:16 - 2017-12-11 12:19 - 000000000 ____D C:\Users\Denca\AppData\Local\CrashDumps
2018-03-03 11:18 - 2017-09-14 15:59 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-03-03 11:16 - 2017-11-16 22:09 - 000004130 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-03-02 16:28 - 2017-09-17 20:33 - 000000000 ____D C:\Users\Denca\Documents\ViberDownloads
2018-03-02 12:17 - 2017-11-09 10:28 - 000000000 ____D C:\Users\Denca\AppData\Roaming\Apple Computer
2018-03-02 12:14 - 2018-02-02 09:32 - 000000000 ____D C:\Program Files (x86)\Origin
2018-03-02 12:01 - 2017-11-09 10:28 - 000000000 ____D C:\Users\Denca\AppData\Local\Apple Computer
2018-03-02 12:01 - 2017-11-09 10:23 - 000000000 ____D C:\Program Files\Common Files\Apple
2018-03-02 12:00 - 2017-11-09 10:24 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2018-03-01 11:38 - 2017-09-18 15:27 - 000000000 ____D C:\Users\Denca\AppData\Roaming\vlc
2018-02-28 16:44 - 2017-10-03 14:42 - 000000000 ____D C:\Users\Denca\Desktop\filmy
2018-02-28 11:10 - 2017-09-14 15:53 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-28 11:10 - 2017-09-14 15:53 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-02-27 11:45 - 2009-07-14 06:32 - 000000000 ____D C:\Windows\system32\FxsTmp
2018-02-27 00:26 - 2017-09-15 15:06 - 000000000 ____D C:\Program Files (x86)\Steam
2018-02-26 22:35 - 2017-09-18 15:31 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-02-26 22:34 - 2017-09-18 15:32 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-02-26 11:08 - 2017-12-13 10:29 - 000000000 ____D C:\Hry
2018-02-26 10:35 - 2018-02-02 09:23 - 000000000 ____D C:\Users\Denca\Desktop\hry
2018-02-25 18:13 - 2017-09-17 20:33 - 000000000 ____D C:\Users\Denca\AppData\Roaming\ViberPC
2018-02-22 16:04 - 2017-11-16 22:18 - 000003180 _____ C:\Windows\System32\Tasks\RtHDVBg_ListenToDevice
2018-02-22 16:04 - 2017-09-20 11:04 - 000319042 _____ C:\Windows\system32\Drivers\RTWAVES40.dat
2018-02-22 16:00 - 2017-10-05 13:34 - 000000000 ____D C:\Users\Denca\AppData\Local\ElevatedDiagnostics
2018-02-22 15:56 - 2017-09-14 16:04 - 000000000 ___HD C:\Program Files (x86)\Temp
2018-02-21 19:54 - 2017-09-14 15:50 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-02-20 09:58 - 2017-09-14 16:01 - 000000000 ____D C:\Program Files (x86)\Realtek
2018-02-18 18:31 - 2017-09-20 11:06 - 000000000 ____D C:\ProgramData\Package Cache
2018-02-15 18:38 - 2017-09-21 13:09 - 000000000 ____D C:\Windows\system32\appraiser
2018-02-15 09:13 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2018-02-15 09:06 - 2017-10-12 08:09 - 130067560 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-02-15 09:06 - 2017-09-14 16:04 - 000000000 ____D C:\Windows\system32\MRT
2018-02-15 09:05 - 2017-09-14 16:03 - 130067560 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-02-10 08:44 - 2018-02-02 09:33 - 000000000 ____D C:\Users\Denca\AppData\Roaming\Origin
2018-02-10 08:18 - 2017-09-14 16:11 - 001746930 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-02-08 12:28 - 2018-02-02 10:14 - 000000000 ____D C:\Users\Denca\Desktop\Večerníčky
2018-02-06 19:14 - 2018-02-02 10:24 - 000000000 ____D C:\ProgramData\Electronic Arts
==================== Files in the root of some directories =======
2017-10-05 13:21 - 2017-10-05 13:21 - 000000017 _____ () C:\Users\Denca\AppData\Local\resmon.resmoncfg
2018-03-04 11:31 - 2018-03-04 17:31 - 000000000 _____ () C:\Users\Denca\AppData\Local\{F8446C91-683C-41EF-A097-38DB4301E7BF}
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-02-27 12:23
==================== End of FRST.txt ============================
-
Rudy
- Site Admin
- Příspěvky: 118248
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalý notebook, při otevření program zamrzá systém
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKU\S-1-5-21-3287351460-178487067-2576288362-1000\...\MountPoints2: {4f4feeae-12f2-11e8-81fb-e03f49d4230d} - F:\HiSuiteDownLoader.exe
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalý notebook, při otevření program zamrzá systém
Fix result of Farbar Recovery Scan Tool (x64) Version: 04.03.2018
Ran by Denca (08-03-2018 14:45:31) Run:2
Running from C:\Users\Denca\Desktop
Loaded Profiles: Denca (Available Profiles: Denca)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-3287351460-178487067-2576288362-1000\...\MountPoints2: {4f4feeae-12f2-11e8-81fb-e03f49d4230d} - F:\HiSuiteDownLoader.exe
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
EmptyTemp:
End
*****************
Processes closed successfully.
HKU\S-1-5-21-3287351460-178487067-2576288362-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4f4feeae-12f2-11e8-81fb-e03f49d4230d} => not found
HKLM\Software\Classes\CLSID\{4f4feeae-12f2-11e8-81fb-e03f49d4230d} => not found
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => not found
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => not found
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 3558732 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 10502 B
Edge => 0 B
Chrome => 0 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 0 B
Denca => 6950 B
UpdatusUser => 0 B
UpdatusUser => 0 B
RecycleBin => 0 B
EmptyTemp: => 11.4 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 14:45:42 ====
Ran by Denca (08-03-2018 14:45:31) Run:2
Running from C:\Users\Denca\Desktop
Loaded Profiles: Denca (Available Profiles: Denca)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-3287351460-178487067-2576288362-1000\...\MountPoints2: {4f4feeae-12f2-11e8-81fb-e03f49d4230d} - F:\HiSuiteDownLoader.exe
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
EmptyTemp:
End
*****************
Processes closed successfully.
HKU\S-1-5-21-3287351460-178487067-2576288362-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4f4feeae-12f2-11e8-81fb-e03f49d4230d} => not found
HKLM\Software\Classes\CLSID\{4f4feeae-12f2-11e8-81fb-e03f49d4230d} => not found
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => not found
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => not found
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 3558732 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 10502 B
Edge => 0 B
Chrome => 0 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 0 B
Denca => 6950 B
UpdatusUser => 0 B
UpdatusUser => 0 B
RecycleBin => 0 B
EmptyTemp: => 11.4 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 14:45:42 ====
-
Rudy
- Site Admin
- Příspěvky: 118248
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalý notebook, při otevření program zamrzá systém
OK. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalý notebook, při otevření program zamrzá systém
Omlouvám byl jsem nějakou dobu mimo poškozené pc, chod ntb se zlepšil jen občas vykazuje vyšší vytížení. Díky za pomoc
-
Rudy
- Site Admin
- Příspěvky: 118248
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalý notebook, při otevření program zamrzá systém
Tal to jsem rád. Nemáte zač! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?