
PC log check, email account compromised

Having trouble with a virus? Post your FRST or RSIT log here.


Forum rules
If you want help, post a log from FRST or RSIT.

Threads will be locked once they are resolved, as will threads that have been inactive for more than 14 days. See the rule on locking threads. Thank you for your understanding.

ondrejs
Visitor
Posts: 43
Registered: 20 May 2009 14:07

#1 Post by ondrejs »

Hi,

could I ask for a check of my PC and laptop? I'll post the PC first. I ran AdwCleaner just before this, hopefully that won't be counterproductive.

Someone got in through the Steam client to the email account linked to it and changed my password on both. :boxed:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.11.2018
Ran by Ondra (administrator) on ONDRA-PC (29-11-2018 10:19:45)
Running from C:\Users\Ondra\Desktop
Loaded Profiles: Ondra (Available Profiles: Ondra)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
() C:\Windows\SysWOW64\ASGT.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\AsusFanControlService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dassault Systèmes) C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Robert McNeel & Associates) C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Gaijin Entertainment) C:\Users\Ondra\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
(Malwarebytes) C:\Users\Ondra\Desktop\adwcleaner_7.2.5.0.exe
() C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\PowerControlHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Spotify Ltd) C:\Users\Ondra\AppData\Roaming\Spotify\Spotify.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Users\Ondra\AppData\Roaming\iRadioDesktop\app.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Spotify Ltd) C:\Users\Ondra\AppData\Roaming\Spotify\Spotify.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
() C:\Users\Ondra\AppData\Roaming\iRadioDesktop\app.exe
() C:\Users\Ondra\AppData\Roaming\iRadioDesktop\app.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Spotify Ltd) C:\Users\Ondra\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Ondra\AppData\Roaming\Spotify\Spotify.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetiCtrlTray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-11-20] (AVAST Software)
HKLM\...\Run: [Autodesk Sync] => [X]
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2670056 2018-09-10] (Adobe Systems, Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [301880 2018-08-23] (Apple Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUS Ai Charger] => C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe [547984 2012-08-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [1944576 2013-03-07] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3131680 2018-11-26] (Valve Corporation)
HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46459080 2018-10-04] ()
HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\Run: [Gaijin.Net Agent] => C:\Users\Ondra\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2125384 2018-10-29] (Gaijin Entertainment)
HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-06] (Skype Technologies S.A.)
HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\Run: [Spotify] => C:\Users\Ondra\AppData\Roaming\Spotify\Spotify.exe [25301224 2018-11-29] (Spotify Ltd)
HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-13] (Piriform Ltd)
HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\MountPoints2: I - I:\setup.exe
HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\MountPoints2: {e86c5651-7638-11e5-a315-c860009b5672} - I:\AUTORUN.EXE
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2018-05-11]
ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Network Server.lnk [2018-05-10]
ShortcutTarget: Network Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG)
Startup: C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iRadio.lnk [2016-09-16]
ShortcutTarget: iRadio.lnk -> C:\Users\Ondra\AppData\Roaming\iRadioDesktop\iRadioDesktop.exe (Český rozhlas)
Startup: C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk [2015-09-06]
ShortcutTarget: Samsung Magician.lnk -> C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe (Samsung Electronics.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{4C5A43F0-60A8-43F2-9734-478159F245C2}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{5AF28075-C305-421E-8366-F86E3EA69F2A}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{916CE3ED-6FFB-428B-8262-DAEF4FBD3E7C}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{D5199E61-C6AB-44C3-88E7-B3835FC508F7}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{D5C59211-F42F-4FB8-9AB8-419D9B2ECD34}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2018-05-11] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2018-05-11] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-180312543-2219060438-160504956-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\k72m93dr.default [2018-11-29]
FF Homepage: Mozilla\Firefox\Profiles\k72m93dr.default -> hxxps://www.google.com/
FF NewTab: Mozilla\Firefox\Profiles\k72m93dr.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10181_1320_170619
FF Extension: (No Name) - C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\k72m93dr.default\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2018-10-19]
FF Extension: (Avast SafePrice) - C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\k72m93dr.default\Extensions\sp@avast.com.xpi [2018-06-21]
FF Extension: (Avast Online Security) - C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\k72m93dr.default\Extensions\wrc@avast.com.xpi [2018-11-20]
FF Extension: (Boomerang for Gmail) - C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\k72m93dr.default\Extensions\{65e41d20-f092-41b7-bb83-c6e8a9ab0f57}.xpi [2018-02-13]
FF Extension: (Vývojové sestavení Adblock Plus) - C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\k72m93dr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-11-15]
FF Extension: (DownThemAll!) - C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\k72m93dr.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-09-29] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_31_0_0_153.dll [2018-11-20] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_153.dll [2018-11-20] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @graphisoft.com/GDL Web Plug-in -> C:\Program Files (x86)\GRAPHISOFT\GDLWebControl\npGDLMozilla.dll [2012-09-04] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2018-05-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2018-05-11] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-07-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-07-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin HKU\S-1-5-21-180312543-2219060438-160504956-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Ondra\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-10-26] (Unity Technologies ApS)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR Profile: C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default [2018-10-11]
CHR Extension: (Prezentace) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-22]
CHR Extension: (Disk Google) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-10-22]
CHR Extension: (YouTube) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-22]
CHR Extension: (Avast SafePrice) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-10-22]
CHR Extension: (Tabulky) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-10-22]
CHR Extension: (Avast Online Security) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-22]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-10-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-13]
CHR Extension: (Gmail) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-13]
CHR HKU\S-1-5-21-180312543-2219060438-160504956-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2910696 2018-09-10] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2704872 2018-09-10] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-08-23] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2015-09-06] ()
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2015-09-06] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2015-09-06] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\AsusFanControlService.exe [2005504 2015-09-06] (ASUSTeK Computer Inc.) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-11-20] (AVAST Software)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [324000 2018-11-20] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [123392 2017-10-06] (Dassault Systèmes) [File not signed]
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-11] (Seiko Epson Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-12] (NVIDIA Corporation)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160768 2011-05-27] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 McNeelUpdate; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [67224 2014-06-09] (Robert McNeel & Associates)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-12] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2017-05-05] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [671512 2014-12-22] (Wacom Technology, Corp.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2012-03-22] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-23] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [201240 2018-11-20] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [230344 2018-11-20] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201768 2018-11-20] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346592 2018-11-20] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59496 2018-11-20] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239840 2018-11-26] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46384 2018-11-20] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2018-11-20] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163208 2018-11-20] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111800 2018-11-20] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87432 2018-11-20] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1028680 2018-11-20] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [469272 2018-11-20] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [208472 2018-11-20] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380464 2018-11-20] (AVAST Software)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-10-20] (Disc Soft Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-10-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381608 2016-12-26] (Duplex Secure Ltd.)
U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2016-06-29] (Seiko Epson Corporation)
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [105160 2012-12-20] (WIBU-SYSTEMS AG)
R4 IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-29 10:19 - 2018-11-29 10:19 - 000029085 _____ C:\Users\Ondra\Desktop\FRST.txt
2018-11-29 10:18 - 2018-11-29 10:18 - 002416640 _____ (Farbar) C:\Users\Ondra\Desktop\FRST64.exe
2018-11-29 10:16 - 2018-11-29 10:16 - 000000004 ____H C:\ProgramData\cm-lock
2018-11-29 10:13 - 2018-11-29 10:14 - 000000000 ____D C:\zaloha3
2018-11-29 10:13 - 2018-11-29 10:13 - 007321808 _____ (Malwarebytes) C:\Users\Ondra\Desktop\adwcleaner_7.2.5.0.exe
2018-11-29 09:34 - 2018-11-29 09:34 - 004900183 _____ C:\Users\Ondra\Downloads\UP.zip
2018-11-28 16:20 - 2018-11-28 16:20 - 000183758 _____ C:\Users\Ondra\Downloads\kinematic-toy(1).zip
2018-11-28 15:40 - 2018-11-28 15:40 - 001034289 _____ C:\Users\Ondra\Downloads\Evia-S+(2).skp
2018-11-28 10:51 - 2018-11-28 10:52 - 083318911 _____ C:\Users\Ondra\Downloads\ObraDinn-0.1.23-Windows.zip
2018-11-27 19:18 - 2018-11-27 19:18 - 001161253 _____ C:\Users\Ondra\Downloads\hreben_50_RIJEN_15(1).dwg
2018-11-27 12:33 - 2018-11-27 12:33 - 001273367 _____ C:\Users\Ondra\Downloads\Cesca(1).skp
2018-11-27 11:29 - 2018-11-27 11:29 - 053617878 _____ C:\Users\Ondra\Downloads\2965-steelcut-trio-3-low-res-60aa5b79521853726580cc589d1b9620.zip
2018-11-27 11:26 - 2018-11-27 11:26 - 004825052 _____ C:\Users\Ondra\Downloads\kvadrat-upholstery-textile-manual-uk.pdf
2018-11-26 15:31 - 2018-11-26 15:32 - 000917262 _____ C:\Users\Ondra\Downloads\0001-walnut-wood-fine-medium-color-texture-seamless.zip
2018-11-26 15:22 - 2018-11-26 15:22 - 001112322 _____ C:\Users\Ondra\Downloads\0002-dark-fine-wood-texture-seamless.zip
2018-11-26 15:21 - 2018-11-26 15:21 - 000604042 _____ C:\Users\Ondra\Downloads\0049-dark-fine-wood-texture-seamless.zip
2018-11-26 13:45 - 2018-11-26 13:45 - 000307596 _____ C:\Users\Ondra\Downloads\FV - Ing. Barbora Trundová.pdf
2018-11-26 08:29 - 2018-11-26 08:29 - 000739029 _____ C:\Users\Ondra\Downloads\katalog solara 2015 - stresni okna pro pamatky.pdf
2018-11-20 13:21 - 2018-11-20 13:21 - 000378584 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-11-16 11:43 - 2018-11-28 22:40 - 000000000 ____D C:\Users\Ondra\Desktop\barosovi
2018-11-15 21:28 - 2018-11-15 21:28 - 000128501 _____ C:\Users\Ondra\Downloads\CENIK+SORTIMENT.xlsx
2018-11-14 14:07 - 2018-11-14 14:07 - 019357204 _____ C:\Users\Ondra\Downloads\18BAR_2018_04_18_skica.3dm
2018-11-14 14:06 - 2018-11-14 14:07 - 124859257 _____ C:\Users\Ondra\Downloads\barosovi_zaloha2.3dm
2018-11-14 09:03 - 2018-11-16 17:50 - 000000000 ____D C:\Users\Ondra\Desktop\zavodni
2018-11-11 11:43 - 2018-11-11 11:43 - 000000000 _____ C:\Users\Ondra\Downloads\sav4160.tmp
2018-11-11 11:33 - 2018-11-11 11:33 - 000000194 ____H C:\Users\Ondra\Downloads\heidrich_rijen_listopad2.dwl2
2018-11-11 11:33 - 2018-11-11 11:33 - 000000044 ____H C:\Users\Ondra\Downloads\heidrich_rijen_listopad2.dwl
2018-11-11 11:02 - 2018-11-11 11:33 - 001749275 _____ C:\Users\Ondra\Downloads\heidrich_rijen_listopad2.dwg
2018-11-11 10:53 - 2018-11-11 10:54 - 009542965 _____ C:\Users\Ondra\Downloads\Fundremax desky.pdf
2018-11-11 10:45 - 2018-11-11 10:45 - 002557067 _____ C:\Users\Ondra\Downloads\FunderMax(1).pdf
2018-11-11 10:34 - 2018-11-11 10:35 - 001435081 _____ C:\Users\Ondra\Downloads\heidrich_rijen_listopad.dwg
2018-11-08 15:41 - 2018-11-08 15:41 - 000108444 _____ C:\Users\Ondra\Downloads\poptavka_116487(1).pdf
2018-11-08 12:51 - 2018-11-08 12:51 - 000330454 _____ C:\Users\Ondra\Downloads\D.1.1.2 půdorys_varianta1.pdf
2018-11-08 12:51 - 2018-11-08 12:51 - 000190255 _____ C:\Users\Ondra\Downloads\D.1.1.3 rez A-A´_varianta2.pdf
2018-11-08 12:51 - 2018-11-08 12:51 - 000187709 _____ C:\Users\Ondra\Downloads\D.1.1.3 rez A-A´_varianta1.pdf
2018-11-08 12:50 - 2018-11-08 12:50 - 000329261 _____ C:\Users\Ondra\Downloads\D.1.1.2 půdorys_varianta2.pdf
2018-11-08 11:34 - 2018-11-08 11:34 - 000108444 _____ C:\Users\Ondra\Downloads\poptavka_116487.pdf
2018-11-07 10:26 - 2018-11-07 10:26 - 000021836 _____ C:\Users\Ondra\Downloads\faktura_20181001.pdf
2018-11-05 10:56 - 2018-11-05 10:56 - 000103412 _____ C:\Users\Ondra\Downloads\Varianta_2.pdf
2018-11-05 10:56 - 2018-11-05 10:56 - 000102744 _____ C:\Users\Ondra\Downloads\Varianta_3.pdf
2018-11-05 10:56 - 2018-11-05 10:56 - 000096742 _____ C:\Users\Ondra\Downloads\Varianta_1.pdf
2018-11-02 08:43 - 2018-11-02 08:43 - 011154498 _____ C:\Users\Ondra\Downloads\drive-download-20181102T074320Z-001.zip
2018-11-01 17:13 - 2018-11-01 17:13 - 001244453 _____ C:\Users\Ondra\Downloads\drive-download-20181101T161345Z-001.zip
2018-10-31 11:00 - 2018-10-31 11:00 - 000036525 _____ C:\Users\Ondra\Downloads\1. VŠK JLF Csoc - DPS, stav TZ.pdf
2018-10-30 15:57 - 2018-10-30 15:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2018-10-30 15:57 - 2018-10-30 15:57 - 000000000 ____D C:\Program Files\iTunes
2018-10-30 15:57 - 2018-10-30 15:57 - 000000000 ____D C:\Program Files\iPod
2018-10-30 15:52 - 2018-10-30 15:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2018-10-30 14:18 - 2018-10-30 14:18 - 000989862 _____ C:\Users\Ondra\Downloads\hreben_50_RIJEN_15_recover.dwg
2018-10-30 12:16 - 2018-10-30 12:16 - 001066481 _____ C:\Users\Ondra\Downloads\2017_skrine(1).dwg

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-29 10:20 - 2015-10-19 18:23 - 000000000 ____D C:\Users\Ondra\AppData\Roaming\Skype
2018-11-29 10:19 - 2016-01-08 10:06 - 000000000 ____D C:\FRST
2018-11-29 10:17 - 2018-04-05 08:10 - 000000000 ____D C:\Users\Ondra\AppData\Local\AVAST Software
2018-11-29 10:17 - 2016-11-29 20:42 - 000000000 ___RD C:\Users\Ondra\Disk Google
2018-11-29 10:17 - 2016-09-24 10:03 - 000000000 ____D C:\Users\Ondra\AppData\Local\Spotify
2018-11-29 10:17 - 2016-09-24 10:02 - 000000000 ____D C:\Users\Ondra\AppData\Roaming\Spotify
2018-11-29 10:17 - 2016-01-22 13:12 - 000000000 ____D C:\Program Files (x86)\Steam
2018-11-29 10:16 - 2016-11-15 23:05 - 000000000 ____D C:\Users\Ondra\AppData\LocalLow\Mozilla
2018-11-29 10:16 - 2016-09-17 08:58 - 000000000 ____D C:\Users\Ondra\AppData\Local\iRadio
2018-11-29 10:16 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-11-29 10:16 - 2009-01-02 20:50 - 000000000 ____D C:\ProgramData\NVIDIA
2018-11-29 10:15 - 2017-06-19 10:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2018-11-29 10:15 - 2016-01-08 10:26 - 000000000 ____D C:\AdwCleaner
2018-11-29 09:42 - 2015-10-16 18:26 - 000000000 ____D C:\Users\Ondra\AppData\Local\Adobe
2018-11-29 09:41 - 2009-07-14 16:18 - 000668866 _____ C:\Windows\system32\perfh005.dat
2018-11-29 09:41 - 2009-07-14 16:18 - 000141526 _____ C:\Windows\system32\perfc005.dat
2018-11-29 09:41 - 2009-07-14 06:13 - 001584554 _____ C:\Windows\system32\PerfStringBackup.INI
2018-11-29 09:41 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-11-29 09:39 - 2009-07-14 05:45 - 000014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-11-29 09:39 - 2009-07-14 05:45 - 000014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-11-28 22:40 - 2015-11-01 21:48 - 000000000 ____D C:\instalace
2018-11-28 17:36 - 2015-12-20 16:21 - 000000000 ____D C:\foto
2018-11-28 17:23 - 2017-04-05 08:13 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-11-28 16:46 - 2015-11-24 22:18 - 000000132 _____ C:\Users\Ondra\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2018-11-28 16:21 - 2009-01-02 21:35 - 000000500 _____ C:\Windows\SysWOW64\Drivers\iczgzv_568.set
2018-11-28 16:21 - 2009-01-02 21:35 - 000000500 _____ C:\Windows\SysWOW64\Drivers\deqordi254.dat
2018-11-28 16:21 - 2009-01-02 21:35 - 000000500 _____ C:\Windows\d_kenkpm223.ini
2018-11-28 11:03 - 2018-09-14 15:44 - 000003134 _____ C:\Windows\System32\Tasks\{F70070D8-4DF0-4A1A-97C1-D875901EEE4B}
2018-11-28 11:03 - 2018-07-06 14:31 - 000003314 _____ C:\Windows\System32\Tasks\{CAE7ABA3-58CD-4A93-A715-17DF1E092BE5}
2018-11-28 11:03 - 2018-03-29 08:41 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-11-28 11:03 - 2018-03-13 12:33 - 000004528 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-11-28 11:03 - 2018-01-31 17:12 - 000003458 _____ C:\Windows\System32\Tasks\AdobeGCInvoker-1.0-Ondra-PC-Ondra
2018-11-28 11:03 - 2017-06-19 10:21 - 000003218 _____ C:\Windows\System32\Tasks\klcp_update
2018-11-28 11:03 - 2017-03-08 16:15 - 000003148 _____ C:\Windows\System32\Tasks\{9B5D7231-6742-41AA-BBF3-EC20D6DFF924}
2018-11-28 11:03 - 2016-11-29 20:33 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-11-28 11:03 - 2016-11-29 20:33 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-11-28 11:03 - 2016-01-20 12:02 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-11-28 11:03 - 2015-12-10 20:02 - 000002790 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-11-28 11:03 - 2015-12-10 18:48 - 000003502 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Ondra-PC-Ondra
2018-11-28 11:03 - 2015-11-25 13:26 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-11-28 11:03 - 2015-10-21 09:31 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-11-27 19:45 - 2017-06-30 09:43 - 000000000 ____D C:\Users\Ondra\Desktop\hreben
2018-11-26 19:50 - 2018-01-05 16:44 - 000239840 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-11-26 08:52 - 2015-10-18 21:48 - 000000000 ____D C:\Users\Ondra\AppData\Local\cache
2018-11-26 08:25 - 2015-09-06 14:31 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-11-23 13:13 - 2018-04-05 08:10 - 000002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-11-22 20:53 - 2015-10-16 14:04 - 000000000 ____D C:\WarThunder
2018-11-20 15:33 - 2015-11-25 13:26 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-11-20 15:33 - 2015-11-25 13:26 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-11-20 15:33 - 2015-11-25 13:26 - 000000000 ____D C:\Windows\system32\Macromed
2018-11-20 13:21 - 2018-10-23 09:07 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2018-11-20 13:21 - 2017-11-18 15:30 - 000201240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-11-20 13:21 - 2017-04-05 08:13 - 000346592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-11-20 13:21 - 2017-04-05 08:13 - 000230344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-11-20 13:21 - 2017-04-05 08:13 - 000201768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-11-20 13:21 - 2017-04-05 08:13 - 000059496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-11-20 13:21 - 2016-01-20 12:01 - 001028680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-11-20 13:21 - 2016-01-20 12:01 - 000469272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-11-20 13:21 - 2016-01-20 12:01 - 000380464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-11-20 13:21 - 2016-01-20 12:01 - 000208472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-11-20 13:21 - 2016-01-20 12:01 - 000163208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-11-20 13:21 - 2016-01-20 12:01 - 000111800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-11-20 13:21 - 2016-01-20 12:01 - 000087432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-11-20 13:21 - 2016-01-20 12:01 - 000046384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-11-19 14:45 - 2009-01-02 15:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-11-19 08:47 - 2017-04-20 09:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-11-15 21:41 - 2018-05-07 11:38 - 000026830 _____ C:\Windows\BRRBCOM.INI
2018-11-14 09:12 - 2017-01-29 21:00 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-11-05 17:07 - 2017-09-25 14:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2018-11-02 20:22 - 2015-10-17 00:02 - 000000000 ____D C:\Users\Ondra\AppData\Roaming\uTorrent
2018-11-01 09:51 - 2015-11-04 22:07 - 000000000 ____D C:\Users\Ondra\AppData\Local\Black_Tree_Gaming
2018-11-01 09:51 - 2015-11-04 21:11 - 000000000 ____D C:\Program Files\Nexus Mod Manager
2018-10-30 15:56 - 2016-06-05 18:26 - 000000000 ____D C:\Program Files\Common Files\Apple

==================== Files in the root of some directories =======

2018-05-06 13:54 - 2018-05-06 13:54 - 000000132 _____ () C:\Users\Ondra\AppData\Roaming\Adobe Formát BMP CS6 – předvolby
2015-11-24 22:18 - 2018-11-28 16:46 - 000000132 _____ () C:\Users\Ondra\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2017-10-05 11:24 - 2018-04-26 20:26 - 000001480 _____ () C:\Users\Ondra\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2018-09-27 17:12 - 2018-09-27 17:12 - 000000000 _____ () C:\Users\Ondra\AppData\Local\oobelibMkey.log

Some files in TEMP:
====================
2018-10-16 15:04 - 2018-10-16 15:04 - 002016632 _____ (Flexera Software LLC) C:\Users\Ondra\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
2018-10-29 14:22 - 2018-10-29 14:22 - 000937664 _____ (adaware) C:\Users\Ondra\AppData\Local\Temp\WCU008.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-11-26 09:36

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.11.2018
Ran by Ondra (29-11-2018 10:20:07)
Running from C:\Users\Ondra\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2015-09-06 13:18:11)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-180312543-2219060438-160504956-500 - Administrator - Disabled)
Guest (S-1-5-21-180312543-2219060438-160504956-501 - Limited - Disabled)
Ondra (S-1-5-21-180312543-2219060438-160504956-1000 - Administrator - Enabled) => C:\Users\Ondra

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.008.20081 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Design Standard (HKLM-x32\...\{0327A4BF-62BF-48BB-8928-B971B749E9E1}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.153 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.6 64-bit (HKLM\...\{D19E99C2-6D9D-4075-B446-B4387EAF70A5}) (Version: 5.6.0 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.01.02 - ASUSTeK Computer Inc.)
Aktualizace NVIDIA 2.5.15.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.5.15.54 - NVIDIA Corporation) Hidden
Apple Mobile Device Support (HKLM\...\{77F8C879-88CD-4145-945A-541C35285285}) (Version: 12.0.0.1039 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ArchiCAD 16 CZE (HKLM\...\001FFF2FFF16FF00FF1101F01F02F000-R1) (Version: 16.0 - GRAPHISOFT)
ArchiCAD 17 CZE (HKLM\...\001FFF2FFF17FF00FF1101F01F02F000-R1) (Version: 17.0 - GRAPHISOFT)
ArchiCAD 19 CZE (HKLM\...\001FFF2FFF19FF00FF1101F01F02F000-R1) (Version: 19.0 - GRAPHISOFT)
Arx Libertatis (HKLM\...\ArxLibertatis) (Version: 1.1.2 - )
ASUS Ai Charger (HKLM-x32\...\{7FB64E72-9B0E-4460-A821-040C341E414A}) (Version: 1.03.00 - ASUSTeK Computer Inc.)
ASUS GPU Tweak (HKLM-x32\...\{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.4.9.2 - ASUSTek COMPUTER INC.) Hidden
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.4.9.2 - ASUSTek COMPUTER INC.)
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.025 - ASUSTek Computer Inc.)
aTube Catcher verze 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
AutoCAD 2014 - English (HKLM\...\{5783F2D7-D001-0000-0102-0060B0CE6BBA}) (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD 2014 - English (HKLM\...\{5783F2D7-D001-0409-2102-0060B0CE6BBA}) (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD 2014 Language Pack - English (HKLM\...\{5783F2D7-D001-0409-1102-0060B0CE6BBA}) (Version: 19.1.18.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}) (Version: 4.0.27.1 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{C070121A-C8C5-4D52-9A7D-D240631BD433}) (Version: 1.1.0 - Autodesk)
Autodesk AutoCAD 2014 - English (HKLM\...\AutoCAD 2014 - English) (Version: 19.1.18.0 - Autodesk)
Autodesk Content Service (HKLM-x32\...\{62F029AB-85F2-0000-866A-9FC0DD99DDBC}) (Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM-x32\...\{62F029AB-85F2-0001-866A-9FC0DD99DDBC}) (Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Featured Apps (HKLM-x32\...\{F732FEDA-7713-4428-934B-EF83B8DD65D0}) (Version: 1.1.0 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Autodesk ReCap (HKLM\...\{31ABA3F2-0000-1033-0102-111D43815377}) (Version: 1.0.43.13 - Autodesk) Hidden
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.0.43.13 - Autodesk)
Autodesk ReCap Language Pack-English (HKLM\...\{31ABA3F2-0010-1033-0102-111D43815377}) (Version: 1.0.43.13 - Autodesk) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.8.2356 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 70.0.917.102 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
Backup and Sync from Google (HKLM\...\{608EBDC6-D18A-4CF6-AD54-EE6B71D29065}) (Version: 3.43.1584.4446 - Google, Inc.)
BatchInDatabase (HKLM-x32\...\{BC910E5C-DB9F-4EF9-B9EF-10930139E62A}) (Version: 4.2.0 - CADManagerTools)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Blast2GO 4.0 (HKLM\...\8925-5630-7404-4860) (Version: 4.0 - BioBam Bioinformatics S.L.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother MFL-Pro Suite MFC-J5720DW (HKLM-x32\...\{7FC49664-DAA4-4E7C-ADD0-614ABB43691B}) (Version: 1.0.5.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
CDG Purge 4.0 (HKLM-x32\...\CDG Purge 4.0_is1) (Version: 4.0 - )
CodeMeter Runtime Kit v5.21 (HKLM\...\{05CA69B3-6699-425F-8223-39E4E00B6581}) (Version: 5.21.1478.500 - WIBU-SYSTEMS AG)
Convert MOV to AVI 1.0 (HKLM-x32\...\{A39EA3C8-7BF3-4FA7-9A67-3D3611BAE59E}_is1) (Version: - convertmovtoavi.com)
CPU Thermometer (HKLM-x32\...\{06EA836D-C7AD-42A0-9C17-47BCDE7E015B}_is1) (Version: - cputhermometer.com)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
DraftSight 2018 SP0 x64 (HKLM\...\{99275069-64ED-476E-A87B-756DC6C8BA59}) (Version: 18.0.2051 - Dassault Systemes)
Drawing Purge (HKLM-x32\...\{D25CA69F-AA95-4548-B3D9-443CCBB266EE}) (Version: 8.2.0.0 - Ajilal Vijayan)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{7BAC3F7A-B963-468E-982E-B5608A87408D}) (Version: 4.4.4 - SEIKO EPSON CORPORATION)
EPSON XP-202 203 206 Series Printer Uninstall (HKLM\...\EPSON XP-202 203 206 Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Config V4 (HKLM-x32\...\{08013FB5-DF8B-4D29-9B5E-B3DE88EBA6CA}) (Version: 4.8.1 - Seiko Epson Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
FastStone Image Viewer 5.5 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.5 - FastStone Soft)
FlatOut (HKLM-x32\...\GOGPACKFLATOUT_is1) (Version: 2.0.0.3 - GOG.com)
Fraps (HKLM-x32\...\Fraps) (Version: - )
Free MBOX File Viewer version v2.0 (HKLM-x32\...\{3F361893-2832-4F6A-908F-957908E24EA4}_is1) (Version: v2.0 - www.freeviewer.org)
Free Video Joiner (HKLM-x32\...\{14FA6DD9-92ED-493D-A937-81A78870E08A}_is1) (Version: - FreeVideoJoiner.com)
GMX - Enhanced by Google (HKLM-x32\...\{92E27A22-C262-ABA2-73E2-DB22A36208A2}) (Version: - )
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
GPUTweakStreaming (HKLM-x32\...\{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS) Hidden
GPUTweakStreaming (HKLM-x32\...\InstallShield_{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation)
iTunes (HKLM\...\{9F1EE6A3-7BDE-48CC-BC81-1EA3D21D94E3}) (Version: 12.9.0.167 - Apple Inc.)
Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.210 - Oracle)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
K-Lite Mega Codec Pack 13.2.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.2.0 - KLCP)
Live for Speed (HKLM-x32\...\Live for Speed) (Version: 0.6G - Jimbo)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
LOOT version 0.8.1 (HKLM-x32\...\{BF634210-A0D4-443F-A657-0DCE38040374}_is1) (Version: 0.8.1 - LOOT Team)
Malwarebytes Anti-Malware verze 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5 CSY Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movie Maker 6.0 for Windows 7 (64-bit) (HKLM\...\{A7395F20-2B22-4CB8-8510-B452C0F47E02}) (Version: 6.0.0 - Microsoft Corporation)
Mozilla Firefox 63.0.3 (x64 en-US) (HKLM\...\Mozilla Firefox 63.0.3 (x64 en-US)) (Version: 63.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 63.0.3.6892 - Mozilla)
NVIDIA GeForce Experience 2.5.15.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.54 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.62 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.62 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Ovládací panel NVIDIA 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 353.62 - NVIDIA Corporation) Hidden
Pathologic Classic HD (HKLM-x32\...\Pathologic Classic HD_is1) (Version: - )
PDF Editor 5 (HKLM-x32\...\PDF Editor 5) (Version: - )
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.0.2 - pdfforge)
PDFsam Basic (HKLM-x32\...\{910EA44E-8446-405D-BFE1-82F562F847D0}) (Version: 3.30.0.0 - Andrea Vacondio)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{308F2F8C-9D33-4B22-8A6C-D9C13DBEF8C6}) (Version: 7.0.2 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{0CB84A7D-9697-4526-A819-60FB050E8F05}) (Version: 7.0.2 - Apple Inc.)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.7 - Power Software Ltd)
PrusaControl verze 0.9.4.415_beta (HKLM\...\{92AE905A-ABAD-43C4-ACA3-AF62E2B32B5C}_is1) (Version: 0.9.4.415_beta - Prusa Research s.r.o.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Ralink RT2870 Wireless LAN Card (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 1.5.14.0 - Ralink)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.65.1025.2012 - Realtek)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Rhino RDK (HKLM-x32\...\Rhino RDK) (Version: - )
Rhinoceros 4.0 (HKLM-x32\...\{5C2CBFFD-FC3B-4AA9-993B-CE2B8DA25B87}) (Version: 4.0.20118 - McNeel & Associates)
Rhinoceros 4.0 SR6 (HKLM-x32\...\{6B9DD988-5ECB-4623-BBFF-8A8F2DA3ED16}) (Version: 4.0.40709 - Robert McNeel & Associates)
Rhinoceros 4.0 SR7 (HKLM-x32\...\{ECC0CADD-0491-4FB0-AAB8-5DC6C371890E}) (Version: 4.0.41030 - Robert McNeel & Associates)
Rhinoceros 5 (64-bit) (HKLM\...\{2E56CC75-611E-4278-9DFE-0912997A1E89}) (Version: 5.9.40609.20145 - Robert McNeel & Associates)
RhinoSlic3r version WIP 0.2.2 (HKLM-x32\...\{EC75D7AD-0280-4787-BBE3-A2DE84FB6609}_is1) (Version: WIP 0.2.2 - Kinematiq)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.1.0 - Samsung Electronics)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.5.15.54 - NVIDIA Corporation) Hidden
SimLab 3D PDF Exporter 3.3.2 For Rhino x64 (HKLM\...\{BA61D51A-2A01-4025-BFA5-B5193191ED05}) (Version: 3.3.2 - SimLab)
SketchUp 2017 (HKLM\...\{BCA90A4C-9C6A-49D1-91F9-594A0BE02432}) (Version: 17.1.174 - Trimble, Inc.)
SketchUp Import for AutoCAD 2014 (HKLM-x32\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
SL-6640-SBK BLACK WIDOW Flightstick (HKLM-x32\...\SL-6640-SBK BLACK WIDOW Flightstick) (Version: - )
SoulseekQt (HKLM-x32\...\SoulseekQt) (Version: - )
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spotify (HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\Spotify) (Version: 1.0.94.262.g3d5c231c - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TL-WN851ND Driver (HKLM-x32\...\{4BAE4C76-44C3-418F-B715-6BBF5A65323E}) (Version: 1.00.0000 - TP-LINK)
TransMac version 11.10 (HKLM-x32\...\TransMac_is1) (Version: 11.10 - Acute Systems)
Unity Web Player (HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\UnityWebPlayer) (Version: 5.3.7f1 - Unity Technologies ApS)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
V-Ray for Rhinoceros (HKLM-x32\...\{1C21A34A-5CBA-4AC2-8EDD-6531C06B520E}) (Version: 01.05.29 - ASGvis, LLC) Hidden
V-Ray for Rhinoceros (HKLM-x32\...\{40625DE4-DCDB-44FE-84B5-E65F1365BF44}) (Version: 01.05.29 - ASGvis, LLC)
V-Ray for Rhinoceros (HKLM-x32\...\{50566374-A1F2-4608-A173-771BEEFABAEE}) (Version: 01.05.29 - ASGvis, LLC) Hidden
V-Ray for Rhinoceros (HKLM-x32\...\{C541BF6F-EC08-4447-8A5B-2A4801465650}) (Version: 01.05.29 - ASGvis, LLC) Hidden
V-Ray for Rhinoceros 5 x64 adv (HKLM-x32\...\V-Ray for Rhinoceros 5 x64 adv 2.00.23938) (Version: 2.00.23938 - Chaos Software, Ltd)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.11w3 - Wacom Technology Corp.)
Web Companion (HKLM-x32\...\{56d48a59-b14a-4bdb-befc-4c2df82ec6b8}) (Version: 4.4.1950.3825 - Lavasoft)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WibuKey Setup (WibuKey Remove) (HKLM\...\{00060000-0000-1004-8002-0000C06B5161}) (Version: Version 6.10a of 2012-Dec-20 (Build 1023) (Setup) - WIBU-SYSTEMS AG)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Wrye Bash (HKLM-x32\...\Wrye Bash) (Version: 307.2018.0704.0057 - Wrye & Wrye Bash Development Team)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-180312543-2219060438-160504956-1000_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-180312543-2219060438-160504956-1000_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-180312543-2219060438-160504956-1000_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-180312543-2219060438-160504956-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2014\en-US\acadficn.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-20] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-20] (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2013-02-08] (Autodesk)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-20] (AVAST Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-10-04] (Google)
ContextMenuHandlers1-x32: [RhinoShExt] -> {C81DCBCA-8AE2-41FC-9C39-78B160393210} => C:\Program Files (x86)\Rhinoceros 4.0\System\RhinoShExt.dll [2009-10-30] (Robert McNeel & Associates)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-20] (AVAST Software)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-10-04] (Google)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-07-23] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-20] (AVAST Software)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {077244E3-0819-449A-ADF2-777625A57EE7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-13] (Piriform Ltd)
Task: {0B74A1BF-87EA-4356-9EC9-6A2DE6F4927F} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [2012-05-02] (ASUSTeK Computer Inc.)
Task: {1191AA8C-FEAA-427B-B1AD-FF677ED8CEF2} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [2011-09-09] ()
Task: {1B698746-622E-4E5C-93D5-48DC1F0A7759} - System32\Tasks\AdobeGCInvoker-1.0-Ondra-PC-Ondra => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-09-10] (Adobe Systems, Incorporated)
Task: {293858C7-A1FF-4617-A98C-C61D6EB28475} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-11-20] (AVAST Software)
Task: {3DBD4A4F-4FB1-4C9C-B1C9-F92DDFE5F565} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-10-29] (AVAST Software)
Task: {48412EC4-2A5A-4A69-8BE3-728653A378D4} - System32\Tasks\ASUS\Easy Update => C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe [2012-11-09] ()
Task: {4B4B9177-10B0-42E6-85D4-97D19CD0C9B9} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05] (AVAST Software)
Task: {52DB3E89-92D5-4A59-B1A5-6C6508B8ED3E} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {53C1E96B-726F-4085-B9DE-9077C8DBC062} - System32\Tasks\{CAE7ABA3-58CD-4A93-A715-17DF1E092BE5} => C:\Windows\system32\pcalua.exe -a "G:\instalace\games\Skyrim\The Elder Scrolls V Skyrim CZ 2011 KAMCA\ISO\install.exe" -d "G:\instalace\games\Skyrim\The Elder Scrolls V Skyrim CZ 2011 KAMCA\ISO"
Task: {693DF93D-273D-48FE-8DDF-492D0FC73625} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05] (AVAST Software)
Task: {6B5A42F7-5F42-4542-B7BB-8FC3DF59492E} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2013-08-27] (ASUSTek Computer Inc.)
Task: {738A788C-BFAA-4ED5-A304-279E25BAD6A5} - System32\Tasks\ASUS\ASUS DigiPowerControl Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\PowerControlHelp.exe [2012-07-23] (ASUSTeK Computer Inc.)
Task: {82AB4B45-1FE6-4EAE-ADEC-31EDE0F6F925} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2017-05-24] ()
Task: {8A9ECCB8-C41C-45A2-AD10-C61DBBC9BD7F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {8E314429-1AAE-46CB-8474-10C3227DECB2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-29] (Google Inc.)
Task: {975591EB-D178-47CE-A319-F22C0C4F9BF8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {98C37AB8-8868-496E-854E-A42996E6A6E7} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {AC25B183-31D0-48D6-959A-73FBA5A80053} - System32\Tasks\{9B5D7231-6742-41AA-BBF3-EC20D6DFF924} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxps://www.skype.com/go/downloading?source=lig ... rror=12031
Task: {AEE55409-7B42-488D-B8A6-32C5DFD84293} - System32\Tasks\{F70070D8-4DF0-4A1A-97C1-D875901EEE4B} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\GRAPHISOFT\ArchiCAD 17\Uninstall.AC\uninstaller.exe"
Task: {C9BEA266-EF6B-4ACC-90D9-E3F701A6C36F} - System32\Tasks\AdobeAAMUpdater-1.0-Ondra-PC-Ondra => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-01-07] (Adobe Systems Incorporated)
Task: {E0B7464B-4A0D-4D19-BD41-59A819314DE0} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_153_Plugin.exe [2018-11-20] (Adobe Systems Incorporated)
Task: {E2D60AB1-2F16-46F1-9779-299A6C58BAB2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-13] (Piriform Ltd)
Task: {EABA08E8-B1A2-487A-9290-FDBB06D3B192} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-29] (Google Inc.)
Task: {F2E2BD02-6658-419A-A603-332601F96FD2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-11-20] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2009-01-02 20:50 - 2015-07-23 02:31 - 000116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-08-22 22:18 - 2018-08-22 22:18 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-06-23 05:56 - 2018-06-23 05:56 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-09-06 14:29 - 2015-09-06 14:29 - 000920736 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2012-01-17 11:24 - 2012-01-17 11:24 - 000055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2015-11-25 04:57 - 2017-05-05 15:22 - 000076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2018-05-09 11:07 - 2005-04-22 05:36 - 000143360 _____ () C:\Windows\system32\BrSNMP64.dll
2018-08-28 10:46 - 2018-08-28 10:46 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2018-08-28 10:46 - 2018-08-28 10:46 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2018-10-04 19:44 - 2018-10-04 19:44 - 046459080 _____ () C:\Program Files\Google\Drive\googledrivesync.exe
2015-09-06 14:29 - 2012-11-09 15:34 - 001406336 ____N () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
2016-08-26 18:42 - 2014-12-22 21:42 - 001356568 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2015-11-16 17:55 - 2018-09-13 15:43 - 000085320 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2016-09-16 09:20 - 2016-09-16 09:21 - 043104710 _____ () C:\Users\Ondra\AppData\Roaming\iRadioDesktop\app.exe
2018-11-29 10:16 - 2018-11-29 10:16 - 000113664 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\_ctypes.pyd
2018-11-29 10:16 - 2018-11-29 10:16 - 000080896 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\bz2.pyd
2018-11-29 10:16 - 2018-11-29 10:16 - 001792512 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\_hashlib.pyd
2018-11-29 10:16 - 2018-11-29 10:16 - 000128512 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\win32api.pyd
2018-11-29 10:16 - 2018-11-29 10:16 - 000137728 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\pywintypes27.dll
2018-11-29 10:16 - 2018-11-29 10:16 - 000548864 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\pythoncom27.dll
2018-11-29 10:16 - 2018-11-29 10:16 - 000689664 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\unicodedata.pyd
2018-11-29 10:16 - 2018-11-29 10:16 - 000438784 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\win32com.shell.shell.pyd
2018-11-29 10:16 - 2018-11-29 10:16 - 001489408 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\wx._core_.pyd
2018-11-29 10:16 - 2018-11-29 10:16 - 001007104 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\wx._gdi_.pyd
2018-11-29 10:16 - 2018-11-29 10:16 - 001039872 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\wx._windows_.pyd
2018-11-29 10:16 - 2018-11-29 10:16 - 001325056 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\wx._controls_.pyd
2018-11-29 10:16 - 2018-11-29 10:16 - 000916992 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\wx._misc_.pyd
2018-11-29 10:16 - 2018-11-29 10:16 - 001084416 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\pysqlite2._sqlite.pyd
2018-11-29 10:16 - 2018-11-29 10:16 - 000149504 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\win32file.pyd
2018-11-29 10:16 - 2018-11-29 10:16 - 000136192 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\win32security.pyd
2018-11-29 10:16 - 2018-11-29 10:16 - 000007680 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\hashobjs_ext.pyd
2018-11-29 10:16 - 2018-11-29 10:16 - 000020992 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\thumbnails_ext.pyd
2018-11-29 10:16 - 2018-11-29 10:16 - 000118784 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\usb_ext.pyd
2018-11-29 10:16 - 2018-11-29 10:16 - 000047616 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\_socket.pyd
2018-11-29 10:16 - 2018-11-29 10:16 - 002224640 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\_ssl.pyd
2018-11-29 10:16 - 2018-11-29 10:16 - 000014848 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\common.time34.pyd
2018-11-29 10:16 - 2018-11-29 10:16 - 000023040 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\win32event.pyd
2018-11-29 10:16 - 2018-11-29 10:16 - 000034304 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\windows.conditional.pyd
2018-11-29 10:16 - 2018-11-29 10:16 - 000020480 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\windows.winwrap.pyd
2018-11-29 10:16 - 2018-11-29 10:16 - 000110080 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\windows.volumes.pyd
2018-11-29 10:16 - 2018-11-29 10:16 - 000223232 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\win32gui.pyd
2018-11-29 10:16 - 2018-11-29 10:16 - 000173568 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\_elementtree.pyd
2018-11-29 10:16 - 2018-11-29 10:16 - 000169472 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\pyexpat.pyd
2018-11-29 10:16 - 2018-11-29 10:16 - 000048128 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\win32inet.pyd
2018-11-29 10:16 - 2018-11-29 10:16 - 000103424 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\wx._html2.pyd
2018-11-29 10:16 - 2018-11-29 10:16 - 000046080 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\_psutil_windows.pyd
2018-11-29 10:16 - 2018-11-29 10:16 - 000633272 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\windows._cacheinvalidation.pyd
2018-11-29 10:16 - 2018-11-29 10:16 - 000011776 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\win32crypt.pyd
2018-11-29 10:16 - 2018-11-29 10:16 - 000301568 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\PIL._imaging.pyd
2018-11-29 10:16 - 2018-11-29 10:16 - 000032256 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\_multiprocessing.pyd
2018-11-29 10:16 - 2018-11-29 10:16 - 005752320 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\cello.pyd
2018-11-29 10:16 - 2018-11-29 10:16 - 000026112 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\_yappi.pyd
2018-11-29 10:16 - 2018-11-29 10:16 - 000044032 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\win32process.pyd
2018-11-29 10:16 - 2018-11-29 10:16 - 000027648 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\win32pipe.pyd
2018-11-29 10:16 - 2018-11-29 10:16 - 000010752 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\select.pyd
2018-11-29 10:16 - 2018-11-29 10:16 - 000029696 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\win32pdh.pyd
2018-11-29 10:16 - 2018-11-29 10:16 - 000038400 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\windows.connectivity.pyd
2018-11-29 10:16 - 2018-11-29 10:16 - 000073216 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\windows.device_monitor.pyd
2018-11-29 10:16 - 2018-11-29 10:16 - 000020480 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\win32profile.pyd
2018-11-29 10:16 - 2018-11-29 10:16 - 000026624 _____ () C:\Users\Ondra\AppData\Local\Temp\_MEI48042\win32ts.pyd
2018-11-20 13:21 - 2018-11-20 13:21 - 000728792 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2018-08-30 08:12 - 2018-10-30 19:06 - 001057056 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\SDL2.dll
2018-08-30 08:12 - 2018-09-23 01:00 - 102804768 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2018-08-30 08:12 - 2018-09-23 01:00 - 004866336 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2018-08-30 08:12 - 2018-09-23 01:00 - 000116000 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2018-11-20 13:21 - 2018-11-20 13:21 - 000919256 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-11-20 13:21 - 2018-11-20 13:21 - 000596696 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-11-28 21:35 - 2018-11-28 21:35 - 005792912 _____ () C:\Program Files\AVAST Software\Avast\defs\18112806\algo.dll
2018-11-20 13:21 - 2018-11-20 13:21 - 000496344 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-11-20 13:21 - 2018-11-20 13:21 - 000150744 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-11-20 13:21 - 2018-11-20 13:21 - 001112280 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2015-09-06 14:29 - 2018-11-29 10:16 - 000025600 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2015-09-06 14:29 - 2010-06-29 17:58 - 000104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2016-01-22 13:20 - 2018-10-30 19:06 - 000879904 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-01-22 13:20 - 2016-09-01 02:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-01-22 13:20 - 2016-09-01 02:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-01-22 13:20 - 2016-09-01 02:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-01-22 13:20 - 2018-11-26 21:29 - 002649376 _____ () C:\Program Files (x86)\Steam\video.dll
2018-03-13 09:16 - 2017-12-20 02:43 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2018-03-13 09:16 - 2017-12-20 02:43 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2018-03-13 09:16 - 2017-12-20 02:43 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2018-03-13 09:16 - 2017-12-20 02:43 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2018-03-13 09:16 - 2017-12-20 02:43 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2016-01-22 13:20 - 2018-11-26 21:29 - 001028384 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-04-02 12:12 - 2016-07-04 23:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2015-09-06 14:29 - 2012-11-01 14:48 - 005771120 ____N () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzULIB.dll
2015-09-06 14:29 - 2010-06-21 14:21 - 000208896 ____N () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\ImageHelper.dll
2017-09-26 21:22 - 2017-09-26 21:22 - 001984000 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll
2016-09-24 10:03 - 2018-11-29 09:32 - 086734056 _____ () C:\Users\Ondra\AppData\Roaming\Spotify\libcef.dll
2015-09-06 14:34 - 2013-05-17 18:02 - 000013824 _____ () C:\Program Files (x86)\Samsung Magician\SAMSUNG_SSD.dll
2018-05-07 11:25 - 2009-02-27 15:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2018-03-13 13:26 - 2018-03-13 13:26 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-09-16 09:21 - 2016-09-16 09:21 - 001311232 _____ () C:\Users\Ondra\AppData\Roaming\iRadioDesktop\libglesv2.dll
2016-09-16 09:21 - 2016-09-16 09:21 - 000212992 _____ () C:\Users\Ondra\AppData\Roaming\iRadioDesktop\libegl.dll
2016-09-16 09:21 - 2016-09-16 09:21 - 001681224 _____ () C:\Users\Ondra\AppData\Roaming\iRadioDesktop\ffmpegsumo.dll
2009-01-02 14:56 - 2015-10-12 04:05 - 000013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-09-24 10:03 - 2018-11-29 09:32 - 004318952 _____ () C:\Users\Ondra\AppData\Roaming\Spotify\libglesv2.dll
2016-09-24 10:03 - 2018-11-29 09:32 - 000098024 _____ () C:\Users\Ondra\AppData\Roaming\Spotify\libegl.dll
2015-09-06 14:31 - 2012-05-18 01:57 - 000043520 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
2015-09-06 14:31 - 2012-07-05 11:05 - 000253952 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
2015-09-06 14:29 - 2011-07-12 18:14 - 000147456 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2015-09-06 14:29 - 2010-10-05 07:22 - 000253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2015-09-06 14:29 - 2012-10-08 16:07 - 000972288 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2015-09-06 14:29 - 2012-08-01 09:51 - 001040896 ____N () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EasyUpdt.dll
2015-09-06 14:30 - 2012-06-19 11:56 - 001305600 ____N () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
2015-09-06 14:30 - 2012-07-25 08:56 - 001124864 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll
2015-09-06 14:30 - 2012-07-20 08:39 - 001047040 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
2015-09-06 14:29 - 2012-05-25 09:33 - 000883712 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2015-09-06 14:29 - 2012-05-28 20:27 - 001622528 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2015-09-06 14:29 - 2011-09-19 19:18 - 001243136 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2015-09-06 14:29 - 2011-07-21 08:06 - 000846848 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2015-09-06 14:29 - 2012-08-29 17:09 - 000875520 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2015-09-06 14:29 - 2010-08-23 17:17 - 000662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
2015-09-06 14:29 - 2010-10-05 07:22 - 000208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2015-09-06 14:29 - 2009-08-12 19:15 - 000253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
2015-09-06 14:30 - 2012-07-31 14:21 - 000152064 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\gep.dll
2015-09-06 14:30 - 2012-08-08 15:45 - 000786432 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\func.dll
2015-09-06 14:30 - 2010-10-05 07:22 - 000253952 ____N () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\pngio.dll
2015-09-06 14:23 - 2012-06-25 09:41 - 001198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-180312543-2219060438-160504956-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\localhost -> localhost

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2018-11-15 21:21 - 000000048 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-180312543-2219060438-160504956-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A9D078FF-3E45-4BB8-86ED-2C7EED6A688E}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{8C4A2980-8350-40E0-A78C-C8BE51A48406}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [TCP Query User{01661159-7E8A-46F3-9F14-EA247A98C9E7}C:\program files (x86)\rhinoceros 4.0\system\rhino4.exe] => (Allow) C:\program files (x86)\rhinoceros 4.0\system\rhino4.exe
FirewallRules: [UDP Query User{6115D7CA-56BF-4181-ABE7-00EDCDDB0852}C:\program files (x86)\rhinoceros 4.0\system\rhino4.exe] => (Allow) C:\program files (x86)\rhinoceros 4.0\system\rhino4.exe
FirewallRules: [{1B600BEA-5B98-42BF-87A6-81688C134245}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{52B7500D-095A-4FD8-BC40-807D486BBE01}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A5EF2720-C125-469E-844A-711A0E37B2E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{65E3DA83-EA68-4F02-84F4-31F8C581100E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{05370C7D-773B-4CE4-B90D-8EB5F7ECC21A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{ECCF23A4-3789-4817-8489-731F58C81043}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{686A9F2C-57CA-463E-8B1E-DA1C2E5ED8C2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B1F9CBB7-57F8-43B7-9CB0-D899212FBB91}] => (Allow) C:\WarThunder\launcher.exe
FirewallRules: [{2B510C3D-391A-46F7-94C4-3B6CFBE3A88A}] => (Allow) C:\WarThunder\launcher.exe
FirewallRules: [{0BB73D01-F05F-4DAF-A36E-1150079FB6F5}] => (Allow) C:\WarThunder\bpreport.exe
FirewallRules: [{44C99453-47F9-4240-8C72-BDEA85E40925}] => (Allow) C:\WarThunder\bpreport.exe
FirewallRules: [{29658E4A-FA7A-4A7F-990B-144064BBF17F}] => (Allow) LPort=80
FirewallRules: [{2A2906E0-8643-4040-A65D-7A9651888F95}] => (Allow) LPort=443
FirewallRules: [{7D5AD699-40F8-461B-A047-5FF02D35D6D7}] => (Allow) LPort=20010
FirewallRules: [{E1DD2450-765F-49FD-AB44-52AE95EA88A7}] => (Allow) LPort=3478
FirewallRules: [{6535D97D-F5C4-486A-B3CE-C51001663D7F}] => (Allow) LPort=7850
FirewallRules: [{BF936669-D86D-4E14-A16B-AB386CC7FA54}] => (Allow) LPort=7852
FirewallRules: [{F3320932-99A8-4F50-B110-1F3A91BD8632}] => (Allow) LPort=7853
FirewallRules: [{6C39112E-5452-475F-B918-AC8E143E9F2D}] => (Allow) LPort=27022
FirewallRules: [{66B665D9-6623-4530-B507-44BC16CA7D7A}] => (Allow) LPort=6881
FirewallRules: [{93FC71C3-EEBB-4033-BBE2-280E8463A0FB}] => (Allow) LPort=33333
FirewallRules: [{C0DFBA5A-60BB-47FC-BDC8-635F48CF1ECD}] => (Allow) LPort=20443
FirewallRules: [{6BCC0D81-B904-4EA0-BFBB-D0C1EE50E6E0}] => (Allow) LPort=8090
FirewallRules: [TCP Query User{A6CCD7C2-97AD-4A64-9207-5F2066A49196}C:\warthunder\launcher.exe] => (Allow) C:\warthunder\launcher.exe
FirewallRules: [UDP Query User{C879EF3D-DFA3-4AD4-A2D3-F4AF1E49681F}C:\warthunder\launcher.exe] => (Allow) C:\warthunder\launcher.exe
FirewallRules: [TCP Query User{1128A195-84AD-46BB-B466-E479E72A610B}C:\program files (x86)\rhinoceros 4.0\system\rhino4.exe] => (Allow) C:\program files (x86)\rhinoceros 4.0\system\rhino4.exe
FirewallRules: [UDP Query User{150887E8-AE82-40E4-9F91-4D2AD2D792A7}C:\program files (x86)\rhinoceros 4.0\system\rhino4.exe] => (Allow) C:\program files (x86)\rhinoceros 4.0\system\rhino4.exe
FirewallRules: [{C41FE9BF-8E81-4E39-A949-A4CE5B5E3021}] => (Allow) C:\Users\Ondra\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{43D9B205-6074-4BD4-809C-84757B8AE162}] => (Allow) C:\Users\Ondra\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{77D7E4DC-7BC9-49FC-BD29-E26F5E628FDE}] => (Allow) LPort=50248
FirewallRules: [{ABD00566-542E-4C89-842D-32E80A249E4D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A4016363-1963-4146-9D75-82E42B628428}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{63045F6A-2232-4F61-8A87-D1D6FC868FFE}C:\program files\rhinoceros 5 (64-bit)\system\rhino.exe] => (Allow) C:\program files\rhinoceros 5 (64-bit)\system\rhino.exe
FirewallRules: [UDP Query User{6257B8F1-6211-4BF2-BD7F-D5A5F65F7434}C:\program files\rhinoceros 5 (64-bit)\system\rhino.exe] => (Allow) C:\program files\rhinoceros 5 (64-bit)\system\rhino.exe
FirewallRules: [TCP Query User{A328F433-821C-4B7C-878F-5273AE50D765}C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe] => (Allow) C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe
FirewallRules: [UDP Query User{9AD90634-0850-4CBB-8088-2A127B32F034}C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe] => (Allow) C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe
FirewallRules: [TCP Query User{86F06FAD-9CE6-4BF6-AEB5-CBBA7FEAF606}C:\program files\rhinoceros 5 (64-bit)\system\rhino.exe] => (Allow) C:\program files\rhinoceros 5 (64-bit)\system\rhino.exe
FirewallRules: [UDP Query User{322D36AD-666F-4D3A-9254-F0DAC8849220}C:\program files\rhinoceros 5 (64-bit)\system\rhino.exe] => (Allow) C:\program files\rhinoceros 5 (64-bit)\system\rhino.exe
FirewallRules: [TCP Query User{C539DD8E-32F8-4813-9ACB-2E7407CDA9BA}C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe] => (Allow) C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe
FirewallRules: [UDP Query User{90F08C5D-9640-496D-96C0-D80DFC6A648E}C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe] => (Allow) C:\programdata\asgvis\common\x64\vc10\distributed rendering\xmldrspawner.exe
FirewallRules: [{DEAA5CC6-D7DA-4D35-8C60-E1B482EC3032}] => (Allow) C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.6\lightroom.exe
FirewallRules: [{11626FC9-3132-4151-874D-E02183B4188F}] => (Allow) C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.6\lightroom.exe
FirewallRules: [{5FF617B7-3734-45ED-8D6B-DC80444B749A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C2E1A111-4544-407F-AE9A-F13462185CF3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5FA863AB-4AF1-4DF3-BEF7-F42A907BCFFA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{16FA4AEE-A1D8-4591-B99F-09910302622C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B6972603-E921-4439-B6F9-72F216230E1D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2A2813C2-5B33-4F47-96D0-3EBE78C9169D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{8B1E49DF-6269-42FE-8472-1BACDCB5B01B}C:\program files (x86)\bugbear entertainment\next car game\redist\next car game.exe] => (Block) C:\program files (x86)\bugbear entertainment\next car game\redist\next car game.exe
FirewallRules: [UDP Query User{39E8BD21-C09B-4BEC-990B-A216652AAD88}C:\program files (x86)\bugbear entertainment\next car game\redist\next car game.exe] => (Block) C:\program files (x86)\bugbear entertainment\next car game\redist\next car game.exe
FirewallRules: [{9A71C007-25F2-446A-A0F9-E23A9C792363}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{82C205BD-9766-4F04-BFB7-8365B8CFD811}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{3FF40CAE-F789-4194-BFB6-772144EE0777}C:\warthunder\win64\aces.exe] => (Allow) C:\warthunder\win64\aces.exe
FirewallRules: [UDP Query User{CFAFDE9C-DEA8-4A39-B255-6A07A61C297F}C:\warthunder\win64\aces.exe] => (Allow) C:\warthunder\win64\aces.exe
FirewallRules: [TCP Query User{9304527E-F473-47FF-8BB8-DB2B8EB01A02}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe
FirewallRules: [UDP Query User{146D1F75-8F1B-46EA-B86C-7500061F7FD8}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe
FirewallRules: [{2B494350-BF93-4477-8B21-B36F0A238D83}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{68C3D452-1D34-4A8C-A453-82DCDBBA7DF6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E2F41571-4E3F-4746-9AE0-A06229B2823A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{17F312D2-8A9D-400C-9092-51008C21946A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{95CB426F-C76C-4C42-A778-EC84426A86E4}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe
FirewallRules: [UDP Query User{1C40A2E3-18F7-4462-B4BF-38E80EEB028C}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe
FirewallRules: [TCP Query User{7C6DF1CA-BB4B-405F-BF2C-CBE0B44773A1}C:\warthunder\win64\aces.exe] => (Allow) C:\warthunder\win64\aces.exe
FirewallRules: [UDP Query User{7B19E120-521E-4240-835E-2253ABF7EB8D}C:\warthunder\win64\aces.exe] => (Allow) C:\warthunder\win64\aces.exe
FirewallRules: [TCP Query User{E04FA46F-F33E-41C1-B1E8-B783F1EA3FA3}C:\users\ondra\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ondra\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{D0AACF6E-9E30-4A44-B1A0-08EC302ABC6E}C:\users\ondra\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\ondra\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{2C3629C5-C1A5-42A5-AE5F-37A7625F6283}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{2E6D73FF-ED6C-4BC9-B33C-F32F637D3740}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [{2CB1C3ED-9696-41FA-9F31-DD940AEA812D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arx Fatalis\arx.exe
FirewallRules: [{67321925-2A81-47D2-BDE3-C468B9B20CA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arx Fatalis\arx.exe
FirewallRules: [{9FDD6EFE-4115-424C-B1ED-C8E843EEB627}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{5FD5F5FB-7FDB-484E-AD48-5F473C6E34C0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{28FBCE25-FFF7-4FF5-A587-B333D15A2DF6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{3388118B-BF9B-4494-AC5D-AE44E30FAB62}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{13343F8B-6E7C-472C-9E6E-C75A04FE51AF}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{CD2D555F-4C5E-414A-B3C8-190B90784A2B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{9E78AF57-0B75-4EC0-B33C-014F02C61F5A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield Bad Company 2\BFBC2Game.exe
FirewallRules: [{79C413E4-6676-49D5-A864-51ADA2CBC5CF}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield Bad Company 2\BFBC2Game.exe
FirewallRules: [{030455CF-6C49-48A6-8B87-426D5E884471}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B7BB6B7D-D6E5-4FB6-B3F8-26935C1DE3D2}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{3E1581E4-B1A2-475F-96AC-EE67F0FED5A1}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{41FD59CC-F5CD-43B4-B991-4ABD2D6D2627}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{04F41718-02B8-42A4-9C98-59F63ECB748B}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [TCP Query User{5C903A24-F982-49B9-BF41-CFEF0CDFFB9D}C:\program files\graphisoft\archicad 17\archicad.exe] => (Allow) C:\program files\graphisoft\archicad 17\archicad.exe
FirewallRules: [UDP Query User{3D426B16-5341-47EA-A8BF-066395288039}C:\program files\graphisoft\archicad 17\archicad.exe] => (Allow) C:\program files\graphisoft\archicad 17\archicad.exe
FirewallRules: [TCP Query User{F3C599C6-0CC6-43DD-8B15-E5BBDCC724F5}C:\program files\graphisoft\archicad 17\gsquicktimeserver\gsqtserver.exe] => (Allow) C:\program files\graphisoft\archicad 17\gsquicktimeserver\gsqtserver.exe
FirewallRules: [UDP Query User{8B2266E9-29AB-4593-BE70-11CAB0203911}C:\program files\graphisoft\archicad 17\gsquicktimeserver\gsqtserver.exe] => (Allow) C:\program files\graphisoft\archicad 17\gsquicktimeserver\gsqtserver.exe
FirewallRules: [TCP Query User{884C410E-BBCC-4CD4-A13E-291E03541C98}C:\users\ondra\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\ondra\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{3FFDFFEB-9A72-4FAC-855D-8431D5C317F5}C:\users\ondra\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\ondra\appdata\roaming\spotify\spotify.exe
FirewallRules: [{33B7F933-05BD-4993-8E32-7CB07BA1AF4F}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Config V4\ENConfig.exe
FirewallRules: [{1810B4A2-B770-4B40-AE0C-59E1E42D2C2F}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Config V4\ENConfig.exe
FirewallRules: [TCP Query User{39924200-927A-4726-A159-2F551F2F4467}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
FirewallRules: [UDP Query User{1430C701-CD57-470A-BE3E-0859D40A48E7}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
FirewallRules: [{7F046DD2-89A9-4C79-8FA3-89A341531D67}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8E9C65F8-C448-4C89-B53C-93D5E1DDD88F}] => (Allow) C:\Program Files (x86)\Brother\Brmfl14e\FAXRX.EXE
FirewallRules: [{16B0188F-D8F8-4CEF-A85F-A95E12DF8A67}] => (Allow) LPort=54925
FirewallRules: [{E025A7DC-DE97-4828-9F11-B35123791E0A}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 16\ArchiCAD.exe
FirewallRules: [{E9729AFA-EDD1-4DD0-B73B-0C5990000C0F}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 16\ArchiCAD.exe
FirewallRules: [{ED3B4956-1E71-4ECE-ADD9-0E428257F3F8}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 16\GSQuickTimeServer\GSQTServer.exe
FirewallRules: [{535643BB-0B94-48D7-9ECB-73AD17F61E4B}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 16\GSQuickTimeServer\GSQTServer.exe
FirewallRules: [{34E61CED-0D53-488E-AF28-A587831D37A3}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 17\ArchiCAD.exe
FirewallRules: [{6037D31D-BC6C-4149-A841-25BD10F6DA34}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 17\ArchiCAD.exe
FirewallRules: [{215B7857-CC0E-40D6-9096-F5BF1A207603}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 17\GSQuickTimeServer\GSQTServer.exe
FirewallRules: [{33A65AEC-F043-4C60-9EB0-41113B5804A2}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 17\GSQuickTimeServer\GSQTServer.exe
FirewallRules: [{422805E7-37EE-475B-B2EA-50C862B82AF2}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{211EFA4C-1BE0-4D5E-9CA4-285BD1EB0726}] => (Block) C:\Program Files\GRAPHISOFT\ArchiCAD 19\ArchiCAD.exe
FirewallRules: [{D3D4A62E-14AC-434E-B837-21C753E4347E}] => (Block) C:\Program Files\GRAPHISOFT\ArchiCAD 19\CineRender\CineRender 64bit.exe
FirewallRules: [{8B562590-2504-4300-A3DE-22E9554A6103}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 19\BIMxUploader.exe
FirewallRules: [{CC72C7BC-962F-4521-BC00-92F3DAD889CF}] => (Allow) C:\Program Files\Nexus Mod Manager\NexusClient.exe
FirewallRules: [{A8BEC7CB-71F5-4999-BA66-A366F10096CC}] => (Allow) C:\Program Files\Nexus Mod Manager\NexusClient.exe
FirewallRules: [{FE16C3F3-E98A-4C82-B674-45D476C1A7DB}] => (Allow) C:\Program Files\Nexus Mod Manager\NexusClient.exe
FirewallRules: [{A1DA1FF1-7C50-4FC5-973E-89B9A649D224}] => (Allow) C:\Program Files\Nexus Mod Manager\NexusClient.exe
FirewallRules: [{923C72C7-6B75-4C9F-9891-980AC9CC7AEA}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{AF5C143F-4DC9-4129-A905-F85A06AC0948}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{F4BB4E0D-4CA5-41AF-A7A6-37DCE7D546E1}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{020A314B-5038-4542-9170-0CEF4F3AA42E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{4512CE8B-43A3-436E-AF28-E4AF7960B594}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{10123868-8FC0-4B43-9309-0B762788669D}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{60136BCA-3DEC-4EAD-AC08-CA8A9EB40238}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{90B08B04-F6D1-42DE-AC2A-C054A2220137}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{F6259E47-29E0-4F71-881F-BA8527B7FCA9}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{E6A5F204-587D-4C62-AA48-082929D7F742}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{52B985FE-3F8C-446D-B3D3-FC0CBAC777A4}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/29/2018 10:18:49 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
.

Error: (11/29/2018 10:18:49 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
.

Error: (11/29/2018 10:18:49 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
.

Error: (11/29/2018 10:18:49 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
.

Error: (11/29/2018 10:18:49 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
.

Error: (11/29/2018 10:18:49 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
.

Error: (11/29/2018 10:18:49 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
.

Error: (11/29/2018 10:16:42 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/m ... ootstl.cab>. Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
.


System errors:
=============
Error: (11/29/2018 10:17:40 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\SYSTEM SID (S-1-5-18) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/29/2018 10:17:35 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/29/2018 10:17:05 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (11/29/2018 10:17:05 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (11/29/2018 10:16:47 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (11/29/2018 10:16:47 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (11/29/2018 10:15:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba BrYNSvc byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/29/2018 10:15:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management and Security Application User Notification Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


CodeIntegrity:
===================================

Date: 2016-09-21 13:30:37.513
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswHdsKe.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-09-21 13:30:37.513
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswHdsKe.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-09-20 13:27:46.969
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswHdsKe.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-09-20 13:27:46.969
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswHdsKe.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2008-12-31 23:03:23.988
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because the set of per-page image hashes could not be found on the system.

Date: 2008-12-31 23:03:06.119
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2008-12-31 23:03:06.088
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-08-11 07:22:25.207
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz
Percentage of memory in use: 27%
Total physical RAM: 16329.09 MB
Available physical RAM: 11786.66 MB
Total Virtual: 18642.06 MB
Available Virtual: 13845.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.79 GB) (Free:1.18 GB) NTFS
Drive e: () (Removable) (Total:14.9 GB) (Free:2.19 GB) FAT32
Drive g: () (Fixed) (Total:931.51 GB) (Free:3.34 GB) NTFS
Drive h: () (Removable) (Total:14.83 GB) (Free:10.69 GB) FAT32

\\?\Volume{57c10176-5499-11e5-bd5b-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
\\?\Volume{e86c5651-7638-11e5-a315-c860009b5672}\ (SKYRIM_EN) (CDROM) (Total:5.12 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 43A742BF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Protective MBR) (Size: 14.9 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 2 (Protective MBR) (Size: 14.8 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 0026193E)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Rudy
Site Admin
Posts: 118238
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: PC log check, email hacked

#2 Post by Rudy »

Hello!
First of all, change your e-mail password. Then run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just start it with a double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before cleaning your PC of malware, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

ondrejs
Visitor
Posts: 43
Registered: 20 May 2009 14:07

Re: PC log check, email hacked

#3 Post by ondrejs »

# -------------------------------
# Malwarebytes AdwCleaner 7.2.5.0
# -------------------------------
# Build: 11-26-2018
# Database: 2018-11-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-29-2018
# Duration: 00:00:00
# OS: Windows 7 Ultimate
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2561 octets] - [29/11/2018 10:15:29]
AdwCleaner[C00].txt - [2489 octets] - [29/11/2018 10:15:56]
AdwCleaner[S01].txt - [1375 octets] - [29/11/2018 12:04:02]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Re: PC log check, email hacked

#4 Post by Rudy »

That's OK. Open Notepad and copy this into it:
Start

CloseProcesses:
HKLM\...\Run: [Autodesk Sync] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\MountPoints2: I - I:\setup.exe
HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\MountPoints2: {e86c5651-7638-11e5-a315-c860009b5672} - I:\AUTORUN.EXE
FF NewTab: Mozilla\Firefox\Profiles\k72m93dr.default -> hxxp://securedsearch.lavasoft.com/?pr=v ... 320_170619
C:\Windows\System32\Tasks\{F70070D8-4DF0-4A1A-97C1-D875901EEE4B}
C:\Windows\System32\Tasks\{CAE7ABA3-58CD-4A93-A715-17DF1E092BE5}
C:\Windows\System32\Tasks\{9B5D7231-6742-41AA-BBF3-EC20D6DFF924}
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Ondra\AppData\Local\Temp
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
Task: {8E314429-1AAE-46CB-8474-10C3227DECB2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-29] (Google Inc.)
Task: {EABA08E8-B1A2-487A-9290-FDBB06D3B192} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-29] (Google Inc.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
FirewallRules: [{2B494350-BF93-4477-8B21-B36F0A238D83}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{68C3D452-1D34-4A8C-A453-82DCDBBA7DF6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E2F41571-4E3F-4746-9AE0-A06229B2823A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{17F312D2-8A9D-400C-9092-51008C21946A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

EmptyTemp:
End
Save it to your desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

Re: PC log check, email hacked

#5 Post by ondrejs »

Fix result of Farbar Recovery Scan Tool (x64) Version: 29.11.2018 01
Ran by Ondra (01-12-2018 11:28:46) Run:1
Running from C:\Users\Ondra\Desktop
Loaded Profiles: Ondra (Available Profiles: Ondra)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\...\Run: [Autodesk Sync] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\MountPoints2: I - I:\setup.exe
HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\MountPoints2: {e86c5651-7638-11e5-a315-c860009b5672} - I:\AUTORUN.EXE
FF NewTab: Mozilla\Firefox\Profiles\k72m93dr.default -> hxxp://securedsearch.lavasoft.com/?pr=v ... 320_170619
C:\Windows\System32\Tasks\{F70070D8-4DF0-4A1A-97C1-D875901EEE4B}
C:\Windows\System32\Tasks\{CAE7ABA3-58CD-4A93-A715-17DF1E092BE5}
C:\Windows\System32\Tasks\{9B5D7231-6742-41AA-BBF3-EC20D6DFF924}
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Ondra\AppData\Local\Temp
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
Task: {8E314429-1AAE-46CB-8474-10C3227DECB2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-29] (Google Inc.)
Task: {EABA08E8-B1A2-487A-9290-FDBB06D3B192} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-29] (Google Inc.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
FirewallRules: [{2B494350-BF93-4477-8B21-B36F0A238D83}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{68C3D452-1D34-4A8C-A453-82DCDBBA7DF6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E2F41571-4E3F-4746-9AE0-A06229B2823A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{17F312D2-8A9D-400C-9092-51008C21946A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Autodesk Sync" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKU\S-1-5-21-180312543-2219060438-160504956-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\I => removed successfully
HKU\S-1-5-21-180312543-2219060438-160504956-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e86c5651-7638-11e5-a315-c860009b5672} => removed successfully
HKLM\Software\Classes\CLSID\{e86c5651-7638-11e5-a315-c860009b5672} => not found
"Firefox newtab" => removed successfully
C:\Windows\System32\Tasks\{F70070D8-4DF0-4A1A-97C1-D875901EEE4B} => moved successfully
C:\Windows\System32\Tasks\{CAE7ABA3-58CD-4A93-A715-17DF1E092BE5} => moved successfully
C:\Windows\System32\Tasks\{9B5D7231-6742-41AA-BBF3-EC20D6DFF924} => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully

"C:\Users\Ondra\AppData\Local\Temp" folder move:

Could not move "C:\Users\Ondra\AppData\Local\Temp" => Scheduled to move on reboot.

HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\PowerISO => removed successfully
HKLM\Software\Classes\CLSID\{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\PowerISO => removed successfully
HKLM\Software\Classes\CLSID\{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8E314429-1AAE-46CB-8474-10C3227DECB2}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8E314429-1AAE-46CB-8474-10C3227DECB2}" => removed successfully
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EABA08E8-B1A2-487A-9290-FDBB06D3B192}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EABA08E8-B1A2-487A-9290-FDBB06D3B192}" => removed successfully
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
C:\ProgramData\Reprise => ":wupeogjxlctlfudivq`qsp`28hfm" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2B494350-BF93-4477-8B21-B36F0A238D83}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{68C3D452-1D34-4A8C-A453-82DCDBBA7DF6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E2F41571-4E3F-4746-9AE0-A06229B2823A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{17F312D2-8A9D-400C-9092-51008C21946A}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 266439018 B
Java, Flash, Steam htmlcache => 120941621 B
Windows/system/drivers => 14633443 B
Edge => 0 B
Chrome => 154583 B
Firefox => 273647992 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 101036 B
systemprofile32 => 692 B
LocalService => 132244 B
NetworkService => 66228 B
Ondra => 824512376 B
UpdatusUser => 0 B

RecycleBin => 0 B
EmptyTemp: => 1.4 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 01-12-2018 11:30:21)

C:\Users\Ondra\AppData\Local\Temp => moved successfully

==== End of Fixlog 11:30:21 ====

Rudy
Site Admin
Posts: 118238
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: PC log check, email hacked

#6 Post by Rudy »

Deleted, the log is OK now.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.


Re: PC log check, email hacked

#7 Post by ondrejs »

Thank you. If I may, I'll start another thread for the notebook.


Re: PC log check, email hacked

#8 Post by Rudy »

Feel free to post it here.