Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Zablokovaný řístup Google

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
kuba7710
Návštěvník
Návštěvník
Příspěvky: 102
Registrován: 13 dub 2007 18:08

Zablokovaný řístup Google

#1 Příspěvek od kuba7710 »

Dobrý den,
google píše ,že byla na mém počítači zaznamenána neobvyklá činnost. Prosím o kontrolu.

Předem děkuji
Kubíček

Logfile of random's system information tool 1.10 (written by random/random)
Run by Stehlici at 2019-01-30 08:13:27
Microsoft Windows 10 Pro
System drive C: has 13 GB (19%) free of 71 GB
Total RAM: 4012 MB (36% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:13:32, on 30. 1. 2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal

Running processes:
C:\Windows\System32\TiltWheelMouse.exe
C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe
C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
C:\Users\Stehlici\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\PROGRA~2\RAPTRI~1\Raptr\raptr.exe
C:\PROGRA~2\RAPTRI~1\Raptr\raptr_im.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Users\Stehlici\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\ProgramData\Wargaming.net\GameCenter\wgc.exe
C:\ProgramData\Wargaming.net\GameCenter\WargamingErrorMonitor.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files\trend micro\Stehlici.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll
O2 - BHO: McAfee WebAdvisor - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Raptr] "C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe" --startup
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_8DFA5785C00E69819465D8C23CB31041] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [T-Mobile CManager] "C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe" -autorun
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Stehlici\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [World of Tanks] "C:\Games\World_of_Tanks\WargamingGameUpdater.exe"
O4 - HKCU\..\Run: [Wargaming.net Game Center] "C:\ProgramData\Wargaming.net\GameCenter\wgc.exe" --background ''
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [ETP] C:\Users\Stehlici\AppData\Roaming\System\etp.exe /qn
O4 - HKCU\..\Run: [Plays] "C:\Users\Stehlici\AppData\Local\Plays\update.exe" --processStart "Plays.exe"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Stehlici\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Stehlici\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\RunOnce: [Delete Cached Update Binary] C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Stehlici\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
O4 - HKCU\..\RunOnce: [Delete Cached Standalone Update Binary] C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Stehlici\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
O4 - HKCU\..\RunOnce: [Uninstall 18.222.1104.0007\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Stehlici\AppData\Local\Microsoft\OneDrive\18.222.1104.0007\amd64"
O4 - HKCU\..\RunOnce: [Uninstall 18.222.1104.0007] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Stehlici\AppData\Local\Microsoft\OneDrive\18.222.1104.0007"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O9 - Extra button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O9 - Extra 'Tools' menuitem: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{b8640522-2a5e-43df-90fc-7a3b4f3ee44e}: NameServer = 93.153.117.33 93.153.117.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{ba557da0-e471-47c0-a5f0-55d7e1b037d6}: NameServer = 93.153.117.33 93.153.117.17
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: @oem84.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\WINDOWS\system32\BtwRSupportService.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\WINDOWS\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: McAfee WebAdvisor - McAfee, Inc. - C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\WINDOWS\system32\SAsrv.exe
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 13203 bytes

======Listing Processes======









winlogon.exe

c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-6544ad04-bb3d-408a-9160-5fb399cff06a -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-ed57bbe2-8552-4697-8da7-15a0f3632b54 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-31d2e27b-2f9c-437d-a301-765feee92563 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-9caaafd9-ac74-402a-a188-e565563cfdb8 -LifetimeId:f42910f3-4d88-4539-831f-1c60bbf4c54c -DeviceGroupId:WudfDefaultDevicePool
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
"dwm.exe"
c:\windows\system32\svchost.exe -k localservice -p -s bthserv
c:\windows\system32\svchost.exe -k localservice -p -s BthAvctpSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s BTAGService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\system32\svchost.exe -k LocalService -p
dashost.exe {88d6f6e6-a646-437b-a5d95004db9b519e}
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k appmodel -p -s camsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\system32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp

C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s WwanSvc
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection

atieclxx
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\WINDOWS\system32\CxAudMsg64.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks

c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
"C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service
C:\WINDOWS\system32\BtwRSupportService.exe
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
C:\WINDOWS\SysWOW64\svchost.exe -k MbnExt
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
c:\windows\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s WdiSystemHost
"C:\Program Files\McAfee\WebAdvisor\UIHost.exe"
sihost.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
igfxEM.exe
igfxHK.exe
igfxTray.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
"ctfmon.exe"
C:\WINDOWS\Explorer.EXE
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
C:\WINDOWS\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\WINDOWS\system32\browser_broker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
"C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe" -ServerName:Microsoft.MicrosoftOfficeHub.AppX6an27ssxm1kq22j0wm54a996rsgjh8an.mca
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.37.98.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe" -ServerName:SkypeBackgroundHost
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Windows\RTFTrack.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\System32\TiltWheelMouse.exe"
"C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe" -autorun
c:\windows\system32\svchost.exe -k netsvcs -p
AvastUI.exe /nogui
"C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" -tray
szndesktop.exe default start
"C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Users\Stehlici\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s BITS
c:\windows\system32\svchost.exe -k unistacksvcgroup

"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
"C:\PROGRA~2\RAPTRI~1\Raptr\raptr.exe" --log_to_file --from_stub --startup
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s Netman
"C:\Users\Stehlici\AppData\Roaming\System\update-client.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe" -ServerName:WindowsDefaultLockScreen.AppX7y4nbzq37zn4ks9k7amqjywdat7d3j2z.mca
"C:\01\update-client.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s SmsRouter
raptr_im.exe
"C:\PROGRA~2\RAPTRI~1\Raptr\raptr_ep64.exe" 10396
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\rempl\sedsvc.exe"

"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -scheduled
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
/updateInstalled /background
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\Program Files\rempl\sedlauncher.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
"C:\Program Files (x86)\Steam\Steam.exe" "steam://rungameid/730"
"C:\\ProgramData\\Wargaming.net\\GameCenter\\wgc.exe" --background --session-id B744565C34A3E40C4D3C25CCA2FDF1D7 --event-sequence-number 33 --start-up-time 2019-01-27T15:33:05 --wgc-api-versions-used --background
"C:\ProgramData\Wargaming.net\GameCenter\WargamingErrorMonitor.exe" --pipe "parent_pid_1264ikx3832x-8xk3-xk38-x3k8-6k3ix18xq32b" --superuserid "WGC"
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" "-lang=cs_CZ" "-cachedir=C:\Users\Stehlici\AppData\Local\Steam\htmlcache" "-steampid=13756" "-buildid=1546909276" "-steamid=0" "-steamuniverse=Dev" "-clientui=C:\Program Files (x86)\Steam\clientui" --disable-spell-checking --disable-out-of-process-pac --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --disable-features=TouchpadAndWheelScrollLatching,AsyncWheelEvents --enable-media-stream --disable-smooth-scrolling --num-raster-threads=4 --enable-direct-write "--log-file=C:\Program Files (x86)\Steam\logs\cef_log.txt"
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files (x86)\Steam\dumps" "--metrics-dir=C:\Users\Stehlici\AppData\Local\CEF\User Data" --url=http://crash.steampowered.com/submit --annotation=platform=win64 --annotation=product=cefwebhelper --annotation=version=1546909276 --initial-client-data=0x2dc,0x2e0,0x2e4,0x2d8,0x2e8,0x7ffb5d4f1f78,0x7ffb5d4f1f88,0x7ffb5d4f1f98
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --disable-features=AsyncWheelEvents,TouchpadAndWheelScrollLatching --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --webview-urls=http://localhost/*,http://steamloopback ... localhost/* --lang=cs-CZ --buildid=1546909276 --steamid=0 --gpu-preferences=KAAAAAAAAACAAwBAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --webview-urls=http://localhost/*,http://steamloopback ... localhost/* --lang=cs-CZ --buildid=1546909276 --steamid=0 --service-request-channel-token=697A5EF06642784488EA8D038C2FDE8F --mojo-platform-channel-handle=1320 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --disable-features=AsyncWheelEvents,TouchpadAndWheelScrollLatching --service-pipe-token=292CF676CBFADC6E287FB27F62D57C8B --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=cs --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --webview-urls=http://localhost/*,http://steamloopback ... localhost/* --disable-spell-checking --buildid=1546909276 --steamid=0 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=292CF676CBFADC6E287FB27F62D57C8B --renderer-client-id=4 --mojo-platform-channel-handle=1832 /prefetch:1
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --disable-features=AsyncWheelEvents,TouchpadAndWheelScrollLatching --service-pipe-token=F21A5DB5F45C638120BF6D770923BD12 --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=cs --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --webview-urls=http://localhost/*,http://steamloopback ... localhost/* --disable-spell-checking --buildid=1546909276 --steamid=0 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=F21A5DB5F45C638120BF6D770923BD12 --renderer-client-id=5 --mojo-platform-channel-handle=2388 /prefetch:1
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SensorService

C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService

"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
{DD975CEE-D1A0-484E-9443-7564BD85BEC5}
{A7DD9596-0C2C-4561-A4EF-5562D90A5C0E}
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s wcncsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Browser
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\WINDOWS\system32\AUDIODG.EXE 0x688
C:\WINDOWS\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-628443383-1597414530-3784377036-100128_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-628443383-1597414530-3784377036-100128 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 756 760 768 8192 764
"C:\Users\Stehlici\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\RSITx64 (1).exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2018-12-15 1311032]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-02-18 474688]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2018-12-15 978608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-02-18 188992]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-12 638872]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2014-11-25 935104]
"RtsFT"=C:\WINDOWS\RTFTrack.exe [2013-07-19 6340312]
"Energy Manager"=C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [2015-01-06 15813616]
"Lenovo Utility"=C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [2015-01-06 80880]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-08-31 36352]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-01-07 261512]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-06-03 3944136]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2014-04-10 1830616]
"MouseDriver"=C:\WINDOWS\system32\TiltWheelMouse.exe [2012-12-19 241152]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_8DFA5785C00E69819465D8C23CB31041"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2018-12-12 1587680]
"T-Mobile CManager"=C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe [2017-12-05 2171520]
"OneDrive"=C:\Users\Stehlici\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2019-01-27 1500976]
"World of Tanks"=C:\Games\World_of_Tanks\WargamingGameUpdater.exe []
"Wargaming.net Game Center"=C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2019-01-28 2536824]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2019-01-05 3133216]
"ETP"=C:\Users\Stehlici\AppData\Roaming\System\etp.exe [2018-08-30 2458334]
"Plays"=C:\Users\Stehlici\AppData\Local\Plays\update.exe [2018-10-12 1945736]
"cz.seznam.software.autoupdate"=C:\Users\Stehlici\AppData\Roaming\Seznam.cz\szninstall.exe [2018-03-27 1069296]
"cz.seznam.software.szndesktop"=C:\Users\Stehlici\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2018-03-27 109808]
""= []
"NokiaSuite.exe"=C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [2013-04-19 1090912]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Delete Cached Update Binary"=C:\WINDOWS\system32\cmd.exe [2018-04-12 273920]
"Delete Cached Standalone Update Binary"=C:\WINDOWS\system32\cmd.exe [2018-04-12 273920]
"Uninstall 18.222.1104.0007\amd64"=C:\WINDOWS\system32\cmd.exe [2018-04-12 273920]
"Uninstall 18.222.1104.0007"=C:\WINDOWS\system32\cmd.exe [2018-04-12 273920]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Raptr"=C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [2017-05-30 58584]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2012-03-26 449168]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-12-19 587288]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2018-03-27 1069296]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-01-07 261512]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2019-01-30 08:13:27 ----D---- C:\rsit
2019-01-30 08:13:27 ----D---- C:\Program Files\trend micro
2019-01-14 14:53:35 ----A---- C:\WINDOWS\system32\drivers\aswbidsdriver.sys
2019-01-09 12:07:17 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2019-01-09 12:07:17 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2019-01-09 12:07:17 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2019-01-09 12:07:16 ----A---- C:\WINDOWS\system32\WinTypes.dll
2019-01-09 12:07:16 ----A---- C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-09 12:07:16 ----A---- C:\WINDOWS\system32\iertutil.dll
2019-01-09 12:07:15 ----A---- C:\WINDOWS\system32\hvloader.dll
2019-01-09 12:07:15 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2019-01-09 12:07:15 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2019-01-09 12:07:14 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2019-01-09 12:07:14 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2019-01-09 12:07:14 ----A---- C:\WINDOWS\system32\urlmon.dll
2019-01-09 12:07:13 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2019-01-09 12:07:13 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2019-01-09 12:07:13 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore.dll
2019-01-09 12:07:13 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2019-01-09 12:07:13 ----A---- C:\WINDOWS\system32\rpcss.dll
2019-01-09 12:07:13 ----A---- C:\WINDOWS\system32\hvax64.exe
2019-01-09 12:07:12 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2019-01-09 12:07:12 ----A---- C:\WINDOWS\system32\ieframe.dll
2019-01-09 12:07:12 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2019-01-09 12:07:11 ----A---- C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-09 12:07:11 ----A---- C:\WINDOWS\system32\lsasrv.dll
2019-01-09 12:07:11 ----A---- C:\WINDOWS\system32\Chakra.dll
2019-01-09 12:07:11 ----A---- C:\WINDOWS\system32\hvix64.exe
2019-01-09 12:07:11 ----A---- C:\WINDOWS\system32\dhcpcore.dll
2019-01-09 12:07:10 ----A---- C:\WINDOWS\system32\Windows.Web.dll
2019-01-09 12:07:10 ----A---- C:\WINDOWS\system32\msxml6.dll
2019-01-09 12:07:10 ----A---- C:\WINDOWS\system32\kerberos.dll
2019-01-09 12:07:10 ----A---- C:\WINDOWS\system32\combase.dll
2019-01-09 12:07:09 ----A---- C:\WINDOWS\system32\wininet.dll
2019-01-09 12:07:09 ----A---- C:\WINDOWS\system32\edgeIso.dll
2019-01-09 12:07:09 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2019-01-09 12:07:09 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2019-01-09 12:07:08 ----A---- C:\WINDOWS\system32\mshtml.dll
2019-01-09 12:07:07 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-09 12:07:07 ----A---- C:\WINDOWS\system32\MSPhotography.dll
2019-01-09 12:07:07 ----A---- C:\WINDOWS\system32\edgehtml.dll
2019-01-09 12:07:06 ----A---- C:\WINDOWS\SYSWOW64\MSVideoDSP.dll
2019-01-09 12:07:06 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2019-01-09 12:07:06 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2019-01-09 12:07:06 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2019-01-09 12:07:05 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2019-01-09 12:07:05 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2019-01-09 12:07:04 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2019-01-09 12:07:04 ----A---- C:\WINDOWS\SYSWOW64\MSPhotography.dll
2019-01-09 12:07:04 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2019-01-09 12:07:03 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-09 12:07:03 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-09 12:06:54 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2019-01-09 12:06:54 ----A---- C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-09 12:06:53 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2019-01-09 12:06:53 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-09 12:06:53 ----A---- C:\WINDOWS\SYSWOW64\wincorlib.dll
2019-01-09 12:06:53 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2019-01-09 12:06:53 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2019-01-09 12:06:53 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-09 12:06:53 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2019-01-09 12:06:53 ----A---- C:\WINDOWS\system32\aadtb.dll
2019-01-09 12:06:52 ----A---- C:\WINDOWS\SYSWOW64\wlidcredprov.dll
2019-01-09 12:06:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.Web.dll
2019-01-09 12:06:52 ----A---- C:\WINDOWS\SYSWOW64\msrd3x40.dll
2019-01-09 12:06:52 ----A---- C:\WINDOWS\system32\wlidcredprov.dll
2019-01-09 12:06:52 ----A---- C:\WINDOWS\system32\MusNotification.exe
2019-01-09 12:06:52 ----A---- C:\WINDOWS\system32\dssvc.dll
2019-01-09 12:06:52 ----A---- C:\WINDOWS\system32\browserexport.exe
2019-01-09 12:06:52 ----A---- C:\WINDOWS\system32\browserbroker.dll
2019-01-09 12:06:51 ----A---- C:\WINDOWS\system32\drivers\hvservice.sys
2019-01-09 12:06:50 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-09 12:06:50 ----A---- C:\WINDOWS\system32\wlidprov.dll
2019-01-09 12:06:50 ----A---- C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-09 12:06:50 ----A---- C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-09 12:06:50 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2019-01-09 12:06:49 ----A---- C:\WINDOWS\system32\drivers\tm.sys
2019-01-09 12:06:48 ----A---- C:\WINDOWS\SYSWOW64\wlidprov.dll
2019-01-09 12:06:48 ----A---- C:\WINDOWS\SYSWOW64\wlidcli.dll
2019-01-09 12:06:48 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2019-01-09 12:06:48 ----A---- C:\WINDOWS\SYSWOW64\MicrosoftAccountTokenProvider.dll
2019-01-09 12:06:48 ----A---- C:\WINDOWS\system32\wlidcli.dll
2019-01-09 12:06:48 ----A---- C:\WINDOWS\system32\windowslivelogin.dll
2019-01-09 12:06:48 ----A---- C:\WINDOWS\system32\msv1_0.dll
2019-01-09 12:06:48 ----A---- C:\WINDOWS\system32\drivers\wanarp.sys
2019-01-09 12:06:48 ----A---- C:\WINDOWS\system32\browser_broker.exe
2019-01-09 12:06:47 ----A---- C:\WINDOWS\SYSWOW64\windowslivelogin.dll
2019-01-09 12:06:47 ----A---- C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-09 10:04:06 ----A---- C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-01-07 12:26:45 ----A---- C:\WINDOWS\system32\drivers\aswbuniv.sys
2019-01-07 12:26:45 ----A---- C:\WINDOWS\system32\drivers\aswblog.sys
2019-01-07 12:26:45 ----A---- C:\WINDOWS\system32\drivers\aswbidsh.sys
2019-01-07 12:26:45 ----A---- C:\WINDOWS\system32\drivers\aswArDisk.sys
2019-01-07 12:26:14 ----A---- C:\WINDOWS\system32\aswBoot.exe

======List of files/folders modified in the last 1 month======

2019-01-30 08:13:31 ----D---- C:\WINDOWS\system32\drivers\etc
2019-01-30 08:13:27 ----RD---- C:\Program Files
2019-01-30 08:09:33 ----D---- C:\WINDOWS\Temp
2019-01-30 08:05:03 ----D---- C:\WINDOWS\system32\sru
2019-01-30 08:04:23 ----D---- C:\WINDOWS\system32\SleepStudy
2019-01-29 07:11:42 ----D---- C:\WINDOWS\Prefetch
2019-01-28 20:33:40 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-01-28 17:17:36 ----D---- C:\Program Files (x86)\Steam
2019-01-28 11:13:45 ----D---- C:\WINDOWS\system32\LogFiles
2019-01-27 16:54:19 ----D---- C:\WINDOWS\system32\Tasks
2019-01-27 16:52:47 ----D---- C:\WINDOWS\AppReadiness
2019-01-27 16:52:44 ----HD---- C:\Program Files\WindowsApps
2019-01-27 16:48:40 ----D---- C:\Users\Stehlici\AppData\Roaming\Seznam.cz
2019-01-27 15:35:07 ----D---- C:\WINDOWS\System32
2019-01-27 15:35:07 ----D---- C:\WINDOWS\INF
2019-01-27 15:35:07 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2019-01-27 15:34:50 ----D---- C:\Users\Stehlici\AppData\Roaming\System
2019-01-27 15:34:49 ----SHDC---- C:\WINDOWS\Installer
2019-01-27 15:34:48 ----SHD---- C:\Config.Msi
2019-01-27 15:34:12 ----D---- C:\Users\Stehlici\AppData\Roaming\Raptr
2019-01-27 15:33:37 ----D---- C:\WINDOWS\system32\catroot2
2019-01-27 15:31:39 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-01-25 15:56:51 ----D---- C:\Windows
2019-01-21 11:23:22 ----D---- C:\WINDOWS\system32\config
2019-01-18 22:04:22 ----D---- C:\WINDOWS\WinSxS
2019-01-18 21:57:26 ----D---- C:\WINDOWS\Logs
2019-01-18 20:59:40 ----RD---- C:\WINDOWS\Microsoft.NET
2019-01-18 20:13:28 ----D---- C:\WINDOWS\system32\drivers
2019-01-18 17:24:33 ----AD---- C:\Program Files\rempl
2019-01-09 19:51:19 ----D---- C:\WINDOWS\system32\Microsoft
2019-01-09 19:13:44 ----D---- C:\WINDOWS\TextInput
2019-01-09 19:13:44 ----D---- C:\WINDOWS\SYSWOW64\zu-ZA
2019-01-09 19:13:44 ----D---- C:\WINDOWS\SYSWOW64\yo-NG
2019-01-09 19:13:44 ----D---- C:\WINDOWS\SYSWOW64\xh-ZA
2019-01-09 19:13:44 ----D---- C:\WINDOWS\SYSWOW64\wo-SN
2019-01-09 19:13:44 ----D---- C:\WINDOWS\SYSWOW64\uz-Latn-UZ
2019-01-09 19:13:44 ----D---- C:\WINDOWS\SYSWOW64\tn-ZA
2019-01-09 19:13:44 ----D---- C:\WINDOWS\SYSWOW64\ti-ET
2019-01-09 19:13:44 ----D---- C:\WINDOWS\SYSWOW64\tg-Cyrl-TJ
2019-01-09 19:13:44 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-RS
2019-01-09 19:13:44 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-BA
2019-01-09 19:13:44 ----D---- C:\WINDOWS\SYSWOW64\sd-Arab-PK
2019-01-09 19:13:44 ----D---- C:\WINDOWS\SYSWOW64\rw-RW
2019-01-09 19:13:44 ----D---- C:\WINDOWS\SYSWOW64\quc-Latn-GT
2019-01-09 19:13:44 ----D---- C:\WINDOWS\SYSWOW64\pa-Arab-PK
2019-01-09 19:13:44 ----D---- C:\WINDOWS\SYSWOW64\nso-ZA
2019-01-09 19:13:44 ----D---- C:\WINDOWS\SYSWOW64\ku-Arab-IQ
2019-01-09 19:13:44 ----D---- C:\WINDOWS\SYSWOW64\ig-NG
2019-01-09 19:13:44 ----D---- C:\WINDOWS\SYSWOW64\ha-Latn-NG
2019-01-09 19:13:43 ----D---- C:\WINDOWS\SYSWOW64\chr-CHER-US
2019-01-09 19:13:43 ----D---- C:\WINDOWS\SYSWOW64\ca-ES-valencia
2019-01-09 19:13:43 ----D---- C:\WINDOWS\SYSWOW64\bs-Latn-BA
2019-01-09 19:13:43 ----D---- C:\WINDOWS\SYSWOW64\az-Latn-AZ
2019-01-09 19:13:43 ----D---- C:\WINDOWS\SysWOW64
2019-01-09 19:13:42 ----D---- C:\WINDOWS\system32\zu-ZA
2019-01-09 19:13:42 ----D---- C:\WINDOWS\system32\yo-NG
2019-01-09 19:13:42 ----D---- C:\WINDOWS\system32\xh-ZA
2019-01-09 19:13:42 ----D---- C:\WINDOWS\system32\wo-SN
2019-01-09 19:13:42 ----D---- C:\WINDOWS\system32\uz-Latn-UZ
2019-01-09 19:13:42 ----D---- C:\WINDOWS\system32\tn-ZA
2019-01-09 19:13:42 ----D---- C:\WINDOWS\system32\ti-ET
2019-01-09 19:13:42 ----D---- C:\WINDOWS\system32\tg-Cyrl-TJ
2019-01-09 19:13:42 ----D---- C:\WINDOWS\system32\sr-Cyrl-RS
2019-01-09 19:13:42 ----D---- C:\WINDOWS\system32\sr-Cyrl-BA
2019-01-09 19:13:42 ----D---- C:\WINDOWS\system32\sd-Arab-PK
2019-01-09 19:13:42 ----D---- C:\WINDOWS\system32\rw-RW
2019-01-09 19:13:42 ----D---- C:\WINDOWS\system32\quc-Latn-GT
2019-01-09 19:13:42 ----D---- C:\WINDOWS\system32\pa-Arab-PK
2019-01-09 19:13:42 ----D---- C:\WINDOWS\system32\nso-ZA
2019-01-09 19:13:42 ----D---- C:\WINDOWS\system32\ku-Arab-IQ
2019-01-09 19:13:42 ----D---- C:\WINDOWS\system32\ig-NG
2019-01-09 19:13:42 ----D---- C:\WINDOWS\system32\chr-CHER-US
2019-01-09 19:13:42 ----D---- C:\WINDOWS\system32\ha-Latn-NG
2019-01-09 19:13:42 ----D---- C:\WINDOWS\system32\ca-ES-valencia
2019-01-09 19:13:42 ----D---- C:\WINDOWS\system32\bs-Latn-BA
2019-01-09 19:13:41 ----D---- C:\WINDOWS\system32\az-Latn-AZ
2019-01-09 19:13:40 ----D---- C:\WINDOWS\bcastdvr
2019-01-09 19:13:39 ----D---- C:\WINDOWS\system32\DriverStore
2019-01-09 17:13:41 ----D---- C:\WINDOWS\CbsTemp
2019-01-09 17:13:35 ----D---- C:\WINDOWS\system32\MRT
2019-01-09 14:54:45 ----AC---- C:\WINDOWS\system32\MRT.exe
2019-01-07 12:26:14 ----HD---- C:\WINDOWS\ELAMBKUP
2019-01-05 21:53:47 ----D---- C:\WINDOWS\LiveKernelReports
2019-01-05 15:09:40 ----D---- C:\Users\Stehlici\AppData\Roaming\.minecraft
2019-01-02 20:41:40 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;@oem7.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmpfd.sys [2017-10-13 106416]
R0 aswArDisk;aswArDisk; C:\WINDOWS\system32\drivers\aswArDisk.sys [2019-01-07 37304]
R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsh.sys [2019-01-07 196264]
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswblog.sys [2019-01-07 320888]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniv.sys [2019-01-07 58160]
R0 aswElam;aswElam; C:\WINDOWS\system32\drivers\aswElam.sys [2019-01-07 15488]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2019-01-07 88144]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2019-01-07 380144]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-08-31 644968]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2018-12-08 58168]
R0 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2018-12-08 304144]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-04-12 39424]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2019-01-07 203488]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdriver.sys [2019-01-14 223056]
R1 aswHdsKe;aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [2019-01-07 239808]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2019-01-07 42488]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2019-01-07 111992]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2019-01-07 1034056]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2019-01-07 474648]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-04-12 60320]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2018-04-12 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-04-12 8192]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2019-01-18 166792]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2019-01-07 218056]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-07-14 414720]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2018-12-08 43008]
R3 ACPIVPC;@oem34.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2015-01-06 35600]
R3 amdkmdag;amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmdag.sys [2017-10-13 38774688]
R3 amdkmdap;amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmpag.sys [2017-10-13 549792]
R3 bcbtums;@oem84.inf,%BCBTUMS.SvcDesc%;Bluetooth RAM Firmware Download USB Filter; C:\WINDOWS\system32\drivers\bcbtums.sys [2015-03-27 173312]
R3 BCM43XX;@netbc64.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 Network Adapter Driver; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [2018-04-12 7585280]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2018-12-08 106496]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2018-04-12 86528]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2018-04-12 129536]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2018-04-12 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-04-12 60320]
R3 CnxtHdAudService;@oem119.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDRT64.sys [2015-08-05 1561728]
R3 huawei_enumerator;huawei_enumerator; C:\WINDOWS\System32\drivers\ew_jubusenum.sys [2013-11-30 91648]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2017-10-20 7963632]
R3 L1C;@oem77.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\System32\drivers\L1C63x64.sys [2013-07-18 130248]
R3 MEIx64;@oem97.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2013-08-08 99288]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2018-04-12 193536]
R3 rtsuvc;@oem5.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2013-07-19 8247640]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2018-04-12 38304]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-04-12 321432]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-04-12 885144]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-04-12 145816]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-04-12 124312]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-04-12 128408]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-04-12 75160]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-04-12 82328]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2018-04-12 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2018-04-12 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-04-12 39840]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2018-08-03 128920]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-04-12 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-04-12 18432]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2018-04-12 127384]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2018-04-12 162712]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2018-04-12 143768]
S3 aswHwid;aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [2019-01-07 46584]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2018-12-08 92688]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2018-12-08 1097728]
S3 btwampfl;@oem84.inf,%btwampfl.ServiceName%;btwampfl; C:\WINDOWS\system32\DRIVERS\btwampfl.sys [2015-03-27 188160]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-04-12 39936]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2018-04-12 123392]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [2013-01-25 109568]
S3 ew_usbccgpfilter;@oem68.inf,%busupper.SVCDESC%;HwHandSet_CompositeFilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [2018-04-20 18944]
S3 ew_usbenumfilter;@oem80.inf,%busupper.SVCDESC%;huawei_CompositeFilter; C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys [2012-12-22 14976]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-04-12 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-04-12 50592]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2019-01-01 76088]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-04-12 27136]
S3 hwusb_cdcacm;hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [2014-07-25 125952]
S3 hwusb_wwanecm;hwusb_wwanecm; C:\WINDOWS\System32\drivers\ew_wwanecm.sys [2014-09-30 380672]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-04-12 1836952]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-04-12 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2018-04-12 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-04-12 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-04-12 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-04-12 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-04-12 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2018-04-12 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-04-12 38912]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-05-26 42288]
S3 IntcDAud;@oem106.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2016-05-12 481768]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-04-12 32256]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-04-12 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-04-12 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-04-12 56736]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-04-12 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2018-04-12 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-04-12 175104]
S3 nmwcd;@oem120.inf,%MFG% %SVC%;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;@oem125.inf,%MFG% %SVC%;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2018-04-12 104448]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2018-04-12 105984]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-04-12 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2018-06-15 945568]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2018-04-12 104448]
S3 RTSUER;@oem16.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2015-07-03 410880]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2018-04-12 33176]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2018-04-12 33184]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2017-10-13 560544]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2019-01-07 357816]
R2 BcmBtRSupport;@oem84.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service; C:\WINDOWS\system32\BtwRSupportService.exe [2015-03-27 2251992]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 CDPUserSvc_4dae5;Uživatelská služba platformy připojených zařízení_4dae5; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 CxAudMsg;@C:\WINDOWS\system32\CxAudMsg64.exe,-100; C:\WINDOWS\system32\CxAudMsg64.exe [2013-07-25 206552]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R2 HuaweiHiSuiteService64.exe;HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [2018-04-20 190784]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-31 15720]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2017-10-20 365040]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-12 733696]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-08-08 169432]
R2 MbnExt;Mobile Broadband Extension Service; C:\WINDOWS\syswow64\svchost.exe [2018-04-12 44520]
R2 McAfee WebAdvisor;McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [2018-12-15 905336]
R2 OneSyncSvc_4dae5;Hostitel synchronizace_4dae5; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-07-14 760888]
R2 sedsvc;Windows Remediation Service; C:\Program Files\rempl\sedsvc.exe [2019-01-11 325432]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2019-01-07 7834368]
R3 BcastDVRUserService_4dae5;Uživatelská služba pro GameDVR a vysílání her_4dae5; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R3 PimIndexMaintenanceSvc_4dae5;Data kontaktů_4dae5; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S2 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S2 MessagingService_4dae5;Služba zasílání zpráv_4dae5; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S2 SAService;Conexant SmartAudio service; C:\WINDOWS\system32\SAsrv.exe []
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 AssignedAccessManagerSvc;@%SystemRoot%\system32\assignedaccessmanagersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 AvastWscReporter;AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [2019-01-07 57504]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 BluetoothUserService_4dae5;Služba pro podporu uživatelů Bluetooth_4dae5; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 CaptureService_4dae5;CaptureService_4dae5; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2017-10-20 494056]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicePickerUserSvc_4dae5;DevicePicker_4dae5; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevicesFlowUserSvc_4dae5;Tok zařízení_4dae5; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-08-03 90624]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 EasyAntiCheat;EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2018-05-14 779392]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe [2018-12-12 443872]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-12 822232]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PrintWorkflowUserSvc_4dae5;PrintWorkflow_4dae5; C:\WINDOWS\system32\svchost.exe [2018-04-12 51288]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2018-04-12 51288]
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2018-07-15 4737448]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2018-04-12 1273344]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2018-05-31 826776]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:
Kontaktovat uživatele Diallix

Re: Zablokovaný řístup Google

#2 Příspěvek od Diallix »

Dobry den.

:arrow: Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/
Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, kliknite na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Nahoru
kuba7710
Návštěvník
Návštěvník
Příspěvky: 102
Registrován: 13 dub 2007 18:08

Re: Zablokovaný řístup Google

#3 Příspěvek od kuba7710 »

# -------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build: 12-18-2018
# Database: 2019-01-25.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-30-2019
# Duration: 00:00:16
# OS: Windows 10 Pro
# Cleaned: 30
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Stehlici\AppData\Local\FileViewPro
Deleted C:\Users\Stehlici\AppData\Roaming\OpenCandy
Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\Users\Stehlici\AppData\Local\Seznam.cz
Deleted C:\Users\Stehlici\AppData\Roaming\Seznam.cz
Deleted C:\Users\Stehlici\AppData\Roaming\Solvusoft

***** [ Files ] *****

Deleted C:\Windows\System32\roboot64.exe

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WarThunder
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Deleted HKLM\Software\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Deleted HKLM\Software\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.solvusoft.com
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\solvusoft.com
Deleted HKCU\Software\PRODUCTSETUP
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.autoupdate
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKCU\Software\Seznam.cz
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm

***** [ Chromium (and derivatives) ] *****

Deleted Search Extension by Ask
Deleted EasyPDFCombine
Deleted Seznam doplněk - Email
Deleted Seznam doplněk - Esko

***** [ Chromium URLs ] *****

Deleted izito.cz
Deleted Softonic DE

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3731 octets] - [30/01/2019 10:28:57]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Nahoru
Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:
Kontaktovat uživatele Diallix

Re: Zablokovaný řístup Google

#4 Příspěvek od Diallix »

Preskenujte pocitac s FRST - navod tu: https://forum.viry.cz/viewtopic.php?f=24&t=132509, skopirujte FRST.log + Addition log sem.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Nahoru
kuba7710
Návštěvník
Návštěvník
Příspěvky: 102
Registrován: 13 dub 2007 18:08

Re: Zablokovaný řístup Google

#5 Příspěvek od kuba7710 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2019
Ran by Stehlici (administrator) on STEHLIKOVIC (30-01-2019 12:36:58)
Running from C:\Users\Stehlici\Desktop
Loaded Profiles: Stehlici (Available Profiles: Stehlici)
Platform: Windows 10 Pro Version 1803 17134.523 (X64) Language: Angličtina (Spojené státy)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Gemfor s.r.o.) C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe
(Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wargamingerrormonitor.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc.)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6340312 2013-07-19] (Realtek semiconductor)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2015-01-06] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2015-01-06] (Lenovo(beijing) Limited)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-31] (Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-07] (AVAST Software)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2017-05-30] (Raptr, Inc)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-07] (AVAST Software)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-628443383-1597414530-3784377036-1001\...\Run: [GoogleChromeAutoLaunch_8DFA5785C00E69819465D8C23CB31041] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1587680 2018-12-12] (Google Inc.)
HKU\S-1-5-21-628443383-1597414530-3784377036-1001\...\Run: [T-Mobile CManager] => C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe [2171520 2017-12-05] (Gemfor s.r.o.)
HKU\S-1-5-21-628443383-1597414530-3784377036-1001\...\Run: [World of Tanks] => "C:\Games\World_of_Tanks\WargamingGameUpdater.exe"
HKU\S-1-5-21-628443383-1597414530-3784377036-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2536824 2019-01-30] (Wargaming.net)
HKU\S-1-5-21-628443383-1597414530-3784377036-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3133216 2019-01-05] (Valve Corporation)
HKU\S-1-5-21-628443383-1597414530-3784377036-1001\...\Run: [ETP] => C:\Users\Stehlici\AppData\Roaming\System\etp.exe [2458334 2018-08-30] (System)
HKU\S-1-5-21-628443383-1597414530-3784377036-1001\...\Run: [Plays] => C:\Users\Stehlici\AppData\Local\Plays\update.exe [1945736 2018-10-12] ()
HKU\S-1-5-21-628443383-1597414530-3784377036-1001\...\Run: [] => [X]
HKU\S-1-5-21-628443383-1597414530-3784377036-1001\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-04-19] (Nokia)
HKU\S-1-5-21-628443383-1597414530-3784377036-1001\...\MountPoints2: {0a401b6c-8ac6-11e8-82ca-201a06f88970} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-628443383-1597414530-3784377036-1001\...\MountPoints2: {0a401bb3-8ac6-11e8-82ca-201a06f88970} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-628443383-1597414530-3784377036-1001\...\MountPoints2: {0d48a8ee-cc67-11e7-82b4-201a06f88970} - "F:\Autorun.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-14] (Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\Lenovo\Bluetooth Software\\BtwCP.dll [2013-09-05] (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{68acc8e7-8d61-46d1-ab52-49719b377051}: [DhcpNameServer] 172.16.1.1
Tcpip\..\Interfaces\{a8542a64-4861-4e36-a6eb-0f159bb7a347}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b8640522-2a5e-43df-90fc-7a3b4f3ee44e}: [NameServer] 93.153.117.33 93.153.117.1
Tcpip\..\Interfaces\{ba557da0-e471-47c0-a5f0-55d7e1b037d6}: [NameServer] 93.153.117.33 93.153.117.17

Internet Explorer:
==================
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2018-12-15] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-02-18] (Oracle Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2018-12-15] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-02-18] (Oracle Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-01-30]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-02-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-02-18] (Oracle Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-04-19] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/?clid=22668"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=E210CZ91105G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Profile: C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default [2019-01-30]
CHR Extension: (Prezentace) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Dokumenty) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Disk Google) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-12-04]
CHR Extension: (YouTube) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Vyhledávání Google) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Jungle Gems) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\eakadkkcemnilpmfdmhlmkfkfahjbnem [2018-03-10]
CHR Extension: (Avast Passwords) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2019-01-10]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-12-20]
CHR Extension: (Tabulky) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2019-01-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16]
CHR Extension: (EasyPDFCombine) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh [2018-08-23]
CHR Extension: (Search Extension by Ask) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgfehfbnofiffladdncogfobimealokp [2019-01-25]
CHR Extension: (hxxps://www.tipsport.cz/live?matchId=2267901&) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\maienmfacdionmdimilbmnfmbclihaom [2016-10-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-12-04]
CHR Extension: (Gmail) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-05]
CHR Extension: (Chrome Media Router) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-14]
CHR Extension: (Unura) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\pknhddkbagfjncdopglmjooigpceekdb [2016-09-12]
CHR Profile: C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-10-31]
CHR Profile: C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\System Profile [2018-03-12]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-628443383-1597414530-3784377036-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-628443383-1597414530-3784377036-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7834368 2019-01-07] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357816 2019-01-07] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-01-07] (AVAST Software)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [779392 2018-05-14] (EasyAntiCheat Ltd)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-04-20] () [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-31] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-10-20] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
R2 MbnExt; C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\MbnExt.dll [422608 2017-04-13] (Gemfor s.r.o.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [905336 2018-12-15] (McAfee, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-15] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-06-03] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmdag.sys [38774688 2017-10-13] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmpag.sys [549792 2017-10-13] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [106416 2017-10-13] (Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37304 2019-01-07] (AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [203488 2019-01-07] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [223056 2019-01-14] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196264 2019-01-07] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320888 2019-01-07] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [58160 2019-01-07] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-07] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [239808 2019-01-07] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46584 2019-01-07] (AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42488 2019-01-07] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [166792 2019-01-18] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111992 2019-01-07] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88144 2019-01-07] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034056 2019-01-07] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [474648 2019-01-07] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [218056 2019-01-07] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [380144 2019-01-07] (AVAST Software)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2018-04-20] (Huawei Technologies Co., Ltd.)
S3 hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [125952 2014-07-25] (Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\WINDOWS\System32\drivers\ew_wwanecm.sys [380672 2014-09-30] (Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-04-20] (Huawei Technologies Co., Ltd.)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [8247640 2013-07-19] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
S3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2012-12-19] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)
S3 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2015-01-06] (Basil Projects)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-30 12:36 - 2019-01-30 12:38 - 000024025 _____ C:\Users\Stehlici\Desktop\FRST.txt
2019-01-30 12:36 - 2019-01-30 12:36 - 000000000 ____D C:\FRST
2019-01-30 12:35 - 2019-01-30 12:35 - 002428416 _____ (Farbar) C:\Users\Stehlici\Desktop\FRST64.exe
2019-01-30 10:28 - 2019-01-30 10:29 - 000000000 ____D C:\AdwCleaner
2019-01-30 10:27 - 2019-01-30 10:27 - 007320272 _____ (Malwarebytes) C:\Users\Stehlici\Desktop\adwcleaner_7.2.6.0.exe
2019-01-30 08:13 - 2019-01-30 08:13 - 000000000 ____D C:\rsit
2019-01-30 08:13 - 2019-01-30 08:13 - 000000000 ____D C:\Program Files\trend micro
2019-01-28 20:34 - 2019-01-28 20:34 - 000681193 _____ C:\Users\Stehlici\Documents\IMG_20190128_0002.pdf
2019-01-28 20:34 - 2019-01-28 20:34 - 000604821 _____ C:\Users\Stehlici\Documents\IMG_20190128_0001.pdf
2019-01-27 07:47 - 2019-01-27 07:47 - 000000440 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2019-01-22 21:32 - 2019-01-22 21:32 - 000053070 _____ C:\Users\Stehlici\Downloads\Zapis (1).PDF
2019-01-22 21:31 - 2019-01-22 21:31 - 000053070 _____ C:\Users\Stehlici\Downloads\Zapis.PDF
2019-01-16 08:41 - 2019-01-26 15:06 - 000000000 ____D C:\Users\Stehlici\Documents\DOKLADY O NEHODĚ
2019-01-14 14:53 - 2019-01-14 14:53 - 000223056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-01-13 13:09 - 2019-01-13 13:09 - 000115369 _____ C:\Users\Stehlici\Downloads\serizeni_vazani (1).pdf
2019-01-09 12:07 - 2019-01-01 14:46 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-09 12:07 - 2019-01-01 14:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-09 12:07 - 2019-01-01 08:14 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-09 12:07 - 2019-01-01 08:14 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-09 12:07 - 2019-01-01 08:14 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-01-09 12:07 - 2019-01-01 08:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-09 12:07 - 2019-01-01 08:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-09 12:07 - 2019-01-01 08:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-09 12:07 - 2019-01-01 08:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-09 12:07 - 2019-01-01 08:12 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-09 12:07 - 2019-01-01 08:12 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-09 12:07 - 2019-01-01 08:12 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-09 12:07 - 2019-01-01 08:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-09 12:07 - 2019-01-01 08:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-09 12:07 - 2019-01-01 08:12 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-09 12:07 - 2019-01-01 07:55 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-09 12:07 - 2019-01-01 07:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-09 12:07 - 2019-01-01 07:50 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-01-09 12:07 - 2019-01-01 07:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-09 12:07 - 2019-01-01 07:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-01-09 12:07 - 2019-01-01 07:45 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-09 12:07 - 2019-01-01 07:45 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-09 12:07 - 2019-01-01 07:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-01-09 12:07 - 2019-01-01 07:44 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-01-09 12:07 - 2019-01-01 07:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-09 12:07 - 2019-01-01 07:44 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-09 12:07 - 2019-01-01 07:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-09 12:07 - 2019-01-01 07:42 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-09 12:07 - 2019-01-01 07:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-09 12:07 - 2019-01-01 07:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-09 12:07 - 2019-01-01 07:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-09 12:07 - 2019-01-01 07:41 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-09 12:07 - 2019-01-01 07:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-09 12:07 - 2019-01-01 07:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-09 12:07 - 2019-01-01 07:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-01-09 12:07 - 2019-01-01 07:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-09 12:07 - 2019-01-01 07:37 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-01-09 12:07 - 2019-01-01 07:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-09 12:07 - 2019-01-01 07:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-09 12:07 - 2019-01-01 07:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-09 12:07 - 2019-01-01 07:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-01-09 12:07 - 2019-01-01 07:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-01-09 12:07 - 2019-01-01 07:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-09 12:07 - 2019-01-01 07:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-01-09 12:07 - 2019-01-01 07:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-01-09 12:07 - 2019-01-01 07:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-09 12:07 - 2019-01-01 07:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-09 12:07 - 2019-01-01 07:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-09 12:07 - 2019-01-01 07:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-01-09 12:06 - 2019-01-01 14:50 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-01-09 12:06 - 2019-01-01 14:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2019-01-09 12:06 - 2019-01-01 14:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-01-09 12:06 - 2019-01-01 14:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-01-09 12:06 - 2019-01-01 14:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-09 12:06 - 2019-01-01 14:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
2019-01-09 12:06 - 2019-01-01 14:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2019-01-09 12:06 - 2019-01-01 14:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2019-01-09 12:06 - 2019-01-01 08:14 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-01-09 12:06 - 2019-01-01 08:14 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-01-09 12:06 - 2019-01-01 08:14 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-01-09 12:06 - 2019-01-01 08:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-09 12:06 - 2019-01-01 08:12 - 000268304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-09 12:06 - 2019-01-01 08:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-09 12:06 - 2019-01-01 08:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-09 12:06 - 2019-01-01 07:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-01-09 12:06 - 2019-01-01 07:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-09 12:06 - 2019-01-01 07:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-09 12:06 - 2019-01-01 07:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-01-09 12:06 - 2019-01-01 07:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-09 12:06 - 2019-01-01 07:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-09 12:06 - 2019-01-01 07:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-01-09 12:06 - 2019-01-01 07:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-09 12:06 - 2019-01-01 07:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-09 12:06 - 2019-01-01 07:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-09 12:06 - 2019-01-01 07:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-09 12:06 - 2019-01-01 07:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-01-09 12:06 - 2019-01-01 07:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-09 12:06 - 2019-01-01 07:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-01-09 12:06 - 2019-01-01 07:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-01-09 12:06 - 2019-01-01 07:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-09 12:06 - 2019-01-01 07:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-09 12:06 - 2019-01-01 07:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-01-09 12:06 - 2019-01-01 07:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-09 12:06 - 2019-01-01 07:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-09 12:06 - 2019-01-01 07:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2019-01-09 12:06 - 2019-01-01 06:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-01-09 12:06 - 2018-12-19 05:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-09 10:04 - 2018-09-20 05:12 - 001483576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-01-07 12:26 - 2019-01-07 12:25 - 000361352 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-01-07 12:26 - 2019-01-07 12:25 - 000320888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
2019-01-07 12:26 - 2019-01-07 12:25 - 000196264 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-01-07 12:26 - 2019-01-07 12:25 - 000058160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-01-07 12:26 - 2019-01-07 12:25 - 000037304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-01-05 15:04 - 2019-01-05 15:06 - 028927624 _____ C:\Users\Stehlici\Downloads\Minecraft z mody (1).rar
2019-01-04 22:15 - 2019-01-04 22:27 - 963346380 _____ C:\Users\Stehlici\Downloads\Kurýr - Restart (2015) CZ Dabing.avi

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-30 12:32 - 2018-05-30 15:45 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-01-30 12:32 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-30 10:53 - 2018-07-14 16:12 - 000000000 ____D C:\ProgramData\Packages
2019-01-30 10:53 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-01-30 10:53 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-01-30 10:35 - 2018-05-31 01:27 - 000682896 _____ C:\WINDOWS\system32\perfh005.dat
2019-01-30 10:35 - 2018-05-31 01:27 - 000137290 _____ C:\WINDOWS\system32\perfc005.dat
2019-01-30 10:35 - 2018-05-30 16:04 - 001604938 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-01-30 10:35 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-01-30 10:34 - 2018-10-05 06:25 - 000000000 ____D C:\Users\Stehlici\AppData\Roaming\System
2019-01-30 10:34 - 2018-09-11 13:54 - 000000000 ____D C:\Program Files (x86)\Steam
2019-01-30 10:31 - 2018-05-31 14:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-30 10:31 - 2017-09-18 21:33 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-01-30 10:31 - 2015-09-27 10:24 - 000000000 __SHD C:\Users\Stehlici\IntelGraphicsProfiles
2019-01-30 10:30 - 2018-04-11 22:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-01-30 10:30 - 2016-10-27 10:34 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-01-30 10:28 - 2018-12-08 20:26 - 000002970 _____ C:\WINDOWS\System32\Tasks\WpsExternal_Stehlici_20181208202643
2019-01-30 10:28 - 2018-12-03 18:51 - 000003604 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1543859476
2019-01-30 10:28 - 2018-08-24 10:05 - 000000000 ____D C:\Users\Stehlici\AppData\Local\CrashDumps
2019-01-30 10:28 - 2018-07-18 20:38 - 000002698 _____ C:\WINDOWS\System32\Tasks\WpsUpdateTask_Stehlici
2019-01-30 10:28 - 2018-05-31 14:16 - 000003400 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-01-30 10:28 - 2018-05-31 14:16 - 000003176 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-01-30 10:28 - 2018-05-31 14:16 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-628443383-1597414530-3784377036-1001
2019-01-30 10:28 - 2018-05-31 14:16 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-01-30 08:06 - 2018-05-31 14:16 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-01-27 16:54 - 2018-05-30 15:52 - 000002396 _____ C:\Users\Stehlici\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-01-27 16:54 - 2016-06-30 21:09 - 000000000 ___RD C:\Users\Stehlici\OneDrive
2019-01-27 15:34 - 2015-01-06 14:39 - 000000000 ____D C:\Users\Stehlici\AppData\Roaming\Raptr
2019-01-22 13:25 - 2018-06-04 17:10 - 000000000 ____D C:\Users\Stehlici\AppData\Local\PlaceholderTileLogoFolder
2019-01-22 13:24 - 2018-01-28 21:36 - 000000000 ____D C:\Users\Stehlici\AppData\Local\Packages
2019-01-18 17:24 - 2018-01-12 19:07 - 000000000 ____D C:\Program Files\rempl
2019-01-18 17:15 - 2018-03-11 16:56 - 000166792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-01-09 19:13 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-01-09 19:13 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-01-09 17:13 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-09 17:13 - 2015-09-25 09:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-09 14:54 - 2015-09-25 09:50 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-01-07 12:26 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-01-07 12:25 - 2018-10-28 18:38 - 000042488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-01-07 12:25 - 2018-06-23 21:25 - 000015488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2019-01-07 12:25 - 2018-03-11 16:56 - 001034056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-01-07 12:25 - 2018-03-11 16:56 - 000474648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-01-07 12:25 - 2018-03-11 16:56 - 000380144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-01-07 12:25 - 2018-03-11 16:56 - 000239808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-01-07 12:25 - 2018-03-11 16:56 - 000218056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-01-07 12:25 - 2018-03-11 16:56 - 000203488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-01-07 12:25 - 2018-03-11 16:56 - 000111992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-01-07 12:25 - 2018-03-11 16:56 - 000088144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-01-07 12:25 - 2018-03-11 16:56 - 000046584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2019-01-05 21:53 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-01-05 15:09 - 2018-02-18 11:40 - 000000000 ____D C:\Users\Stehlici\AppData\Roaming\.minecraft
2019-01-02 20:41 - 2018-04-12 00:41 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-01-02 20:41 - 2018-04-12 00:41 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

Some files in TEMP:
====================
2019-01-30 10:33 - 2019-01-30 10:33 - 000001536 _____ () C:\Users\Stehlici\AppData\Local\Temp\NOSEventMessages.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-30 15:45

==================== End of FRST.txt ============================
Nahoru
kuba7710
Návštěvník
Návštěvník
Příspěvky: 102
Registrován: 13 dub 2007 18:08

Re: Zablokovaný řístup Google

#6 Příspěvek od kuba7710 »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.01.2019
Ran by Stehlici (30-01-2019 12:38:51)
Running from C:\Users\Stehlici\Desktop
Windows 10 Pro Version 1803 17134.523 (X64) (2018-05-31 13:18:01)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-628443383-1597414530-3784377036-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-628443383-1597414530-3784377036-503 - Limited - Disabled)
Guest (S-1-5-21-628443383-1597414530-3784377036-501 - Limited - Disabled)
Stehlici (S-1-5-21-628443383-1597414530-3784377036-1001 - Administrator - Enabled) => C:\Users\Stehlici
WDAGUtilityAccount (S-1-5-21-628443383-1597414530-3784377036-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
Balíček ovladače systému Windows - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Balíček ovladače systému Windows - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - ‪Canon Inc.‬)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - ‪Canon Inc.‬)
Canon MG4200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4200_series) (Version: 1.02 - Canon Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{3E245378-BF77-6946-C6F6-096DBE5EAB82}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{51F85784-6799-5CA3-97B2-2E5904FC3E58}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{55A4D3AB-C8DF-26B2-89A8-7E16E1E40700}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{A16E186C-58C4-3BDC-5CCE-714EFEF5F27F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{62098A5F-E03B-31A3-5F9C-51A7F7D25744}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{84C3F2C5-F7B2-2F08-CDF4-79EF7CC55D74}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{A0407E39-2AA4-60B3-885F-3C5347B6909E}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{C3EE628C-7394-FE2C-0C90-C05284EB528D}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0989D0EA-AFF3-5F9A-3D25-20EE133E409B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0E8A3B17-D603-B1B6-C205-1685EBDD23E9}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{1757AD9B-0E3C-05F9-FE43-4343BED7DA85}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{2F544F46-5F6E-97BB-3550-A0242A3C5754}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{1E7D3072-1D28-E33A-99DF-85D9F7ECD06E}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{66B06F29-EE4F-9130-D96A-754826093FEA}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{A8689A0F-5928-7300-B82B-C5E85131B7BA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{FC4086D6-E345-5F43-08BB-280FB57DAF49}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{76AAF56B-93D8-161D-809A-EC05F3B913DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{821D0A0E-F246-BE40-0D68-93883C14C410}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{BA26B70C-3D8C-2D14-4122-211FB3E6F691}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{F8EBE530-A4D5-BF51-F623-3787E6B8A878}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{063CED74-F5F0-870E-DC9C-2D78FDEDA3EE}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{42FBD43F-DE53-6D4D-5134-E3C93B45CBEF}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{5FEACE78-C338-9AED-FF05-7DE7E273C774}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{88BD74C4-23AB-4554-915C-6E1F0C81F6CD}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{13BB60AA-88F7-4B1F-2DEC-D81EEDE8B3AA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{A3795528-F572-6314-C4E3-EE9DAF0FBF02}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{A48E2AB0-0866-7783-9657-E1709EB18D02}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{AC85CF50-9A55-0103-ADBF-365C37603AA4}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{37AA6227-FF2C-95AC-87C0-45DCC0BB87DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{4853A56D-7931-A08B-5BA7-8E2D61043DF9}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{B349892D-B015-033C-4CA8-3635E6B655D7}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{E61CEF9A-BAC3-EAEE-F735-E257D2354DF2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{B28CF677-E2C8-12CA-52BB-19B6F066D36A}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{BE8D6AB1-3049-2F0C-67FA-00C0A5D321A3}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{DA0326BB-657D-AAFC-752C-363E8FA33755}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{EB328356-1DF0-1CCE-3607-6361DD329219}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{365AEAB2-4CF3-7CBB-0DAC-E9E14B688E65}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{45907537-804A-514F-5280-5F4F12A6DCBC}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{8E6F5592-ED7E-9C50-74AC-BF417B1FE291}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{E42911E5-48F8-8557-ED20-D72AD1907D25}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{7ABC6D83-816E-6D48-E65D-B0CEDD294E4E}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{962364E4-08BB-347D-32E7-2B789F37BF8A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{AD28960A-6190-C991-C964-308B86EAA2E2}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B4C30EF4-B2C5-1395-B534-7B63BCB6E8E4}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{26567561-DFB2-2B63-9BA8-6A490ED37016}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{43F6D22B-E0E9-EE90-9B62-1C5FC5D15A55}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{87E6EC29-AEC5-28CB-F773-93EB6C1B8A2B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{B873A1FB-5EA0-EE5F-A861-1E38880AD08E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{0809FEC1-EF86-51E9-8210-DC1B1BDB6745}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{CA55697D-BD74-3ED8-6B21-D7EDAD3B7D02}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{D4490E0F-8E7B-1097-B56A-7643C75F1C28}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{EC9DF9FF-9D75-4CDD-1D58-A2E887B0A42E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{5FD706FF-6AD8-E372-A35A-879409982655}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{7ABACA7E-6E59-0EF9-8FA3-6B32E5F58127}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{CFC860C8-4F51-E08C-A74C-2E444ED06160}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{DAB44116-0266-C65B-B643-AC11217C3041}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{3AF70346-52C7-0334-606F-118D1C1CB7A2}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{3E196AAF-F81C-B384-E2AB-28EE2398FE5F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{9338D693-38B7-1ED4-9B42-BFA1D5600CCB}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{A4E7CA0C-84EB-5E29-2F04-06C4E4790C2F}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{53AE8AC7-5213-67AF-0DC0-CED696B77643}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{59D2664C-949B-7FA7-9880-ECB993B6616A}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{C971C145-258D-6650-7088-13DDB161327A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DAEFFE0C-CD05-1355-6AFC-7B3D4106A820}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{970A40CA-46AB-986C-1798-976ED0EA00FA}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{DC9DFCBF-87DA-892C-6151-99CC9EF46E3E}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{E392A425-53A7-DF90-96A0-E287A75DD3B2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{EBA09DAF-14B4-7BE7-676E-6E2FB21EDBDD}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4707CBFC-8ED4-463E-0FF9-DE86F4A743E9}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{9AA4DD93-94BF-22EA-C9D2-7084F304A31B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{C1EFF2A2-DF4A-F6D1-B99C-1ED194AE9E78}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{D6F47BB4-700A-F612-0671-5F69EA311BB7}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{01FD9A26-3F61-9236-B360-BE5D043D82C0}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{379D900B-A785-6DB0-012E-434356A365B3}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{46EB68BE-8AAC-8C2B-7284-8DEDE6B5CD2A}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{C14A3A5B-8A86-C239-37D7-158211778C54}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{366C4FB5-CF6E-258B-418D-E6D29549A278}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{64D4CCC3-63DF-252D-D29D-03491670225D}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{7A6E431B-CF43-EC3E-FD7E-0A0AAB1B25FC}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{A50C89BC-8D8E-8828-824A-7171F6D583D5}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{0B5633F0-C415-2F08-671E-4C9E2FAACD45}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{89A1F076-19B8-A2B1-D5A3-E8247EFAF157}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{8DF90937-B869-9F76-5D45-5A8BDA0A33B6}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{B10089DE-934F-6E0F-683A-B788F89348DF}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant)
Conexant SmartAudio (HKLM\...\SAII) (Version: 6.0.224.0 - Conexant Systems)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.31 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.31 - Lenovo)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 8.0.1.300 - Huawei Technologies Co.,Ltd)
Huawei Drivers (HKLM-x32\...\{C82D8932-EB28-4da6-9582-33D515D46F04}) (Version: 5.05.02.00 - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.7850 - Broadcom Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10240 - Realtek Semiconductor Corp.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.0.17 - McAfee, Inc.)
Microsoft OneDrive (HKU\S-1-5-21-628443383-1597414530-3784377036-1001\...\OneDriveSetup.exe) (Version: 18.240.1202.0004 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
MPC-HC 1.7.6 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.6 - MPC-HC Team)
MSVC80_x64_v2 (HKLM\...\{4D668D4F-FAA2-4726-834C-31F4614F312E}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (HKLM-x32\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\{0C808377-8C23-44ED-9016-05F42E6D4900}) (Version: 3.8.30.0 - Nokia) Hidden
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.30.0 - Nokia)
OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Název společnosti:) Hidden
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
Prohlížeč Seznam.cz (HKU\S-1-5-21-628443383-1597414530-3784377036-1001\...\Seznam Browser) (Version: 4.3.0 - Seznam.cz a.s.)
PX Profile Update (HKLM-x32\...\{688E032B-2432-CB57-7716-B734EF6995AE}) (Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.10-r123135-release - Raptr, Inc)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
TeamSpeak 3 Client (HKU\S-1-5-21-628443383-1597414530-3784377036-1001\...\TeamSpeak 3 Client) (Version: 3.2.3 - TeamSpeak Systems GmbH)
T-Mobile Internet Manager (HKLM-x32\...\T-Mobile Communication Centre) (Version: 2017-12-05@2017-04-13 - Gemfor s.r.o.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
Wargaming.net Game Center (HKU\S-1-5-21-628443383-1597414530-3784377036-1001\...\Wargaming.net Game Center) (Version: 18.9.1.3085 - Wargaming.net)
WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WPS Office (10.2.0.7587) (HKU\S-1-5-21-628443383-1597414530-3784377036-1001\...\Kingsoft Office) (Version: 10.2.0.7587 - Kingsoft Corp.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-628443383-1597414530-3784377036-1001_Classes\CLSID\{70239788-4DAE-49B8-9270-5D8614384B49}\InprocServer32 -> C:\Users\Stehlici\AppData\Local\Kingsoft\WPS Office\10.2.0.7587\office6\addons\kpdf2wordshellext\kpdf2wordshellext64.dll (Zhuhai Kingsoft Office Software Co.,Ltd)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-07] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-07] (AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-07] (AVAST Software)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-09-22] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-07] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-628443383-1597414530-3784377036-1001: [kpdf2wordshellext] -> {70239788-4DAE-49B8-9270-5D8614384B49} => C:\Users\Stehlici\AppData\Local\Kingsoft\WPS Office\10.2.0.7587\office6\addons\kpdf2wordshellext\kpdf2wordshellext64.dll [2018-12-08] (Zhuhai Kingsoft Office Software Co.,Ltd)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B6B53A8-02ED-40A9-A754-86A9C2587568} - System32\Tasks\WpsUpdateTask_Stehlici => C:\Users\Stehlici\AppData\Local\Kingsoft\WPS Office\10.2.0.7587\wtoolex\wpsupdate.exe [2018-12-08] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {226C52BC-0F62-4E67-A70D-74C22932AC02} - \Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload -> No File <==== ATTENTION
Task: {244BCA81-C097-45DF-9329-CD38244FCD03} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {268C80EE-DB90-4C05-B005-21C7BBA983A5} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {28F8236B-7AF8-4CDF-A0E0-A0DFB738247E} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-06-03] (Synaptics Incorporated)
Task: {3451C4C7-0189-44C0-B51C-B8937566D8C8} - System32\Tasks\Microsoft\Windows\rempl\shell-usoscan => C:\Program Files\rempl\remsh.exe
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {38B15A84-F7C2-45FB-9F12-497D08EBC5E2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {44999B17-16C1-48B8-A8E7-CF9024FA3A6D} - System32\Tasks\Opera scheduled Autoupdate 1543859476 => C:\Users\Stehlici\AppData\Local\Programs\Opera\launcher.exe
Task: {4D9F2737-B1D7-4FC3-878A-7B75B6359A07} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {56384312-D078-42C3-9630-C034965440B8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {780A2D9E-2D10-4770-AB1D-F37676D76964} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {7AEB32BD-CC1F-4D6C-BBA0-508B6C4D41D0} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {7B97C0D1-9FCA-4489-B29F-BD2CDB2A552C} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {7FBF27F6-EE85-4AE5-AFC1-435C534A978F} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {835A8AC7-9E5F-4480-B032-774F1915241D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {85D8D0E7-62D4-4E3D-8A04-F946A1E3D90C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2019-01-07] (AVAST Software)
Task: {9090B488-DDFD-4650-85DB-F65FF5F8AE7F} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {95301ABB-6B78-4DEE-8319-BD138F73F8D3} - \Microsoft\Windows\Feedback\Siuf\DmClient -> No File <==== ATTENTION
Task: {97E83309-7887-4812-97AB-2A17B574B32D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {9E67B4D9-E2F2-4188-B83D-AFC70CFC3B94} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {A324FAE1-D709-4CCC-8C27-E861A76816C3} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2019-01-18] (AVAST Software)
Task: {B275F8A0-1A12-4E6B-B9C1-6F264EEAEA8A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {B5C52585-EC74-4223-AD74-3CBCDE8B7194} - System32\Tasks\WpsExternal_Stehlici_20181208202643 => C:\Users\Stehlici\AppData\Local\Kingsoft\WPS Office\ksolaunch.exe [2018-12-08] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {B9BC7E79-667A-496D-B8CD-A1130FA9534F} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-09-22] (Advanced Micro Devices, Inc.)
Task: {C006CAD9-604B-4BD5-B2C2-35AE2C002D2F} - System32\Tasks\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeNowTask => C:\WINDOWS\System32\GWX\GWXUXWorker.exe
Task: {D1A34AAC-4A4A-4E84-B1ED-08ABC70EC7CD} - \AutoPico Daily Restart -> No File <==== ATTENTION
Task: {EC922AB6-29C6-4751-A152-646C311390FF} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {ECCF046C-DF40-4CB0-93C8-3991145BCE64} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {F159BFDF-08ED-43C8-9CA1-490F3D0F651A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {FD16189B-FB22-41E4-B972-CE01C960839C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Spouštěč aplikací Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_blpcfgokakmgnkcojhhkbfbldkacnbeo\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=blpcfgokakmgnkcojhhkbfbldkacnbeo
ShortcutWithArgument: C:\Users\Stehlici\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=1&aff_sub2=YMZvOmLAGENqz2lLa7JvP37CaRlglGxDZJBmTGrFPVdgxWpCfsbipJgAAAFL2Xnsie&click_id=2d5fa7b399bff05625201a0811923bfc21754453 --app-window-size=1366,768
ShortcutWithArgument: C:\Users\Stehlici\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Spouštěč aplikací Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Stehlici\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=1&aff_sub2=YMZvOmLAGENqz2lLa7JvP37CaRlglGxDZJBmTGrFPVdgxWpCfsbipJgAAAFL2Xnsie&click_id=2d5fa7b399bff05625201a0811923bfc21754453 --app-window-size=1366,768

==================== Loaded Modules (Whitelisted) ==============

2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-04-20 07:28 - 2018-04-20 07:28 - 000190784 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2017-10-20 16:42 - 2017-10-20 16:42 - 000393200 _____ () C:\WINDOWS\system32\igfxTray.exe
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-13 09:06 - 2018-11-09 03:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2019-01-09 12:07 - 2019-01-01 07:42 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-07-14 10:23 - 2018-07-14 10:23 - 001922224 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2019-01-24 09:37 - 2019-01-24 09:38 - 028012544 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Video.UI.exe
2019-01-24 09:37 - 2019-01-24 09:37 - 000305152 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\SharedUI.dll
2017-12-01 07:04 - 2017-12-01 07:04 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-11-28 18:29 - 2018-11-28 18:30 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-24 09:37 - 2019-01-24 09:37 - 006187520 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\EntCommon.dll
2019-01-24 09:37 - 2019-01-24 09:37 - 009388544 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\EntPlat.dll
2019-01-07 12:25 - 2019-01-07 12:25 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2019-01-07 12:25 - 2019-01-07 12:25 - 000667016 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-09-11 13:58 - 2018-10-30 19:06 - 001057056 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\SDL2.dll
2018-09-11 13:57 - 2018-09-23 01:00 - 102804768 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2018-09-11 13:57 - 2018-09-23 01:00 - 004866336 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2018-09-11 13:57 - 2018-09-23 01:00 - 000116000 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2019-01-15 13:30 - 2019-01-15 13:31 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2019-01-15 13:30 - 2019-01-15 13:31 - 065903104 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2019-01-15 13:30 - 2019-01-15 13:31 - 000012288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2017-10-05 19:21 - 2017-10-05 19:22 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-11-17 11:05 - 2018-11-17 11:06 - 003715072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-11-17 11:05 - 2018-11-17 11:07 - 000036352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-08-21 13:35 - 2018-08-21 13:36 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll
2018-08-21 13:35 - 2018-08-21 13:36 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\opencv_core320.dll
2018-04-05 13:45 - 2018-04-05 13:46 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2019-01-15 13:30 - 2019-01-15 13:31 - 014186496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-11-17 11:05 - 2018-11-17 11:06 - 003569152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2019-01-15 13:30 - 2019-01-15 13:30 - 002871296 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-09-13 10:16 - 2018-09-13 10:18 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-27 13:26 - 2018-07-27 13:26 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-15 13:30 - 2019-01-15 13:31 - 000145920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\SKU.dll
2019-01-18 18:46 - 2019-01-18 18:46 - 025375744 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\Music.UI.exe
2019-01-18 18:46 - 2019-01-18 18:46 - 000305152 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\SharedUI.dll
2017-12-01 07:04 - 2017-12-01 07:04 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-11-28 18:29 - 2018-11-28 18:30 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-18 18:46 - 2019-01-18 18:46 - 006187520 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18112.10711.0_x64__8wekyb3d8bbwe\EntCommon.dll
2018-10-04 17:39 - 2018-10-04 17:39 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2019-01-30 10:50 - 2019-01-30 10:50 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2019-01-30 10:50 - 2019-01-30 10:51 - 000019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll
2019-01-30 10:50 - 2019-01-30 10:50 - 011029504 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\LibWrapper.dll
2019-01-30 10:50 - 2019-01-30 10:51 - 002923520 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\skypert.dll
2019-01-30 10:50 - 2019-01-30 10:50 - 000688128 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2019-01-30 10:50 - 2019-01-30 10:51 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-08-23 09:59 - 2018-12-02 15:37 - 000092536 _____ () \\?\C:\ProgramData\Wargaming.net\GameCenter\dlls\libEGL.dll
2018-08-23 09:59 - 2018-12-02 15:37 - 049006456 _____ () \\?\C:\ProgramData\Wargaming.net\GameCenter\dlls\libcef.dll
2018-08-23 09:59 - 2018-12-02 15:37 - 001663352 _____ () \\?\C:\ProgramData\Wargaming.net\GameCenter\dlls\libGLESv2.dll
2018-09-11 13:56 - 2018-10-30 19:06 - 000879904 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2018-09-11 13:56 - 2016-09-01 02:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2018-09-11 13:56 - 2019-01-05 00:33 - 002650400 _____ () C:\Program Files (x86)\Steam\video.dll
2018-09-11 13:56 - 2016-09-01 02:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2018-09-11 13:56 - 2016-09-01 02:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2018-09-11 13:56 - 2017-12-20 02:43 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2018-09-11 13:56 - 2017-12-20 02:43 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2018-09-11 13:56 - 2017-12-20 02:43 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2018-09-11 13:56 - 2017-12-20 02:43 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2018-09-11 13:56 - 2017-12-20 02:43 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2018-09-11 13:56 - 2019-01-05 00:33 - 001028384 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2018-09-11 13:56 - 2016-07-04 23:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2013-04-19 01:46 - 2013-04-19 01:46 - 008507232 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll
2013-04-19 01:46 - 2013-04-19 01:46 - 002354016 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll
2013-04-19 01:46 - 2013-04-19 01:46 - 001014624 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll
2013-04-19 01:46 - 2013-04-19 01:46 - 000364384 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll
2013-04-19 01:46 - 2013-04-19 01:46 - 002480992 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll
2013-04-19 01:46 - 2013-04-19 01:46 - 001346912 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll
2013-04-19 01:46 - 2013-04-19 01:46 - 000206176 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtSql4.dll
2013-04-19 01:46 - 2013-04-19 01:46 - 002653024 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll
2013-04-19 01:45 - 2013-04-19 01:45 - 000033120 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qgif4.dll
2013-04-19 01:45 - 2013-04-19 01:45 - 000035680 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qico4.dll
2013-04-19 01:45 - 2013-04-19 01:45 - 000207200 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qjpeg4.dll
2013-04-19 01:46 - 2013-04-19 01:46 - 011166560 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll
2013-04-19 01:46 - 2013-04-19 01:46 - 000276832 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll
2013-04-15 13:26 - 2013-04-15 13:26 - 000391600 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll
2013-04-15 13:26 - 2013-04-15 13:26 - 000059280 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll
2013-04-19 01:45 - 2013-04-19 01:45 - 000438624 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll
2013-04-19 01:46 - 2013-04-19 01:46 - 000446304 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
2013-04-19 01:46 - 2013-04-19 01:46 - 000520544 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll
2013-04-19 01:46 - 2013-04-19 01:46 - 000720736 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll
2013-04-19 01:44 - 2013-04-19 01:44 - 000606560 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll
2013-04-19 01:46 - 2013-04-19 01:46 - 000093024 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\qjson.dll
2015-05-08 02:37 - 2015-05-08 02:37 - 000087040 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ctypes.pyd
2015-05-08 02:37 - 2015-05-08 02:37 - 000043008 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_socket.pyd
2015-05-08 02:37 - 2015-05-08 02:37 - 000805376 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ssl.pyd
2015-05-08 02:39 - 2015-05-08 02:39 - 005812736 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtGui.pyd
2017-05-04 20:01 - 2017-05-04 20:01 - 000067584 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sip.pyd
2015-05-08 02:39 - 2015-05-08 02:39 - 001662464 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtCore.pyd
2015-05-08 02:39 - 2015-05-08 02:39 - 000494592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtNetwork.pyd
2015-05-08 02:39 - 2015-05-08 02:39 - 000096256 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32api.pyd
2015-05-08 02:38 - 2015-05-08 02:38 - 000110592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pywintypes26.dll
2015-05-08 02:37 - 2015-05-08 02:37 - 000010240 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\select.pyd
2015-05-08 02:37 - 2015-05-08 02:37 - 000356864 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_hashlib.pyd
2015-05-08 02:39 - 2015-05-08 02:39 - 000036352 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32process.pyd
2015-05-08 02:39 - 2015-05-08 02:39 - 000111104 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32file.pyd
2015-05-08 02:37 - 2015-05-08 02:37 - 000044544 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_sqlite3.pyd
2015-05-08 02:49 - 2015-05-08 02:49 - 000417501 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sqlite3.dll
2015-05-08 02:39 - 2015-05-08 02:39 - 000167936 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32gui.pyd
2015-05-08 02:39 - 2015-05-08 02:39 - 000313856 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtWebKit.pyd
2015-05-08 02:37 - 2015-05-08 02:37 - 000127488 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pyexpat.pyd
2015-05-08 02:37 - 2015-05-08 02:37 - 000009216 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\winsound.pyd
2015-11-13 22:59 - 2015-11-13 22:59 - 000113171 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlc.dll
2015-11-13 22:59 - 2015-11-13 22:59 - 002396691 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlccore.dll
2015-05-08 02:37 - 2015-05-08 02:37 - 000583680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\unicodedata.pyd
2015-05-08 02:39 - 2015-05-08 02:39 - 000141312 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\gobject._gobject.pyd
2017-05-04 18:33 - 2017-05-04 18:33 - 002717595 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\heliotrope._purple.pyd
2015-05-08 02:49 - 2015-05-08 02:49 - 001213633 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libxml2-2.dll
2015-05-08 02:55 - 2015-05-08 02:55 - 000055808 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\zlib1.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 000495680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libaim.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 001183699 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\liboscar.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 000483306 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libicq.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 000655356 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libirc.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 001306387 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libmsn.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 000565461 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libxmpp.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 001640221 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libjabber.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 000506276 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoo.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 001053730 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libymsg.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 000497782 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoojp.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 000603326 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl-nss.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 000474199 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2019-01-30 08:13 - 000000830 _____ C:\WINDOWS\system32\drivers\etc\hosts


2019-01-27 07:47 - 2019-01-27 07:47 - 000000440 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\PC Connectivity Solution\;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Lenovo\Bluetooth Software\;C:\Program Files\Lenovo\Bluetooth Software\syswow64;;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\AMD\ATI.ACE\Core-Static;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-628443383-1597414530-3784377036-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme2\img12.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{BE342473-B62D-49F5-83F1-0B7C08299146}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe (Copyright (c) 2018 Plays.tv, LLC)
FirewallRules: [{1740EEA9-8D67-4AB6-9625-689485A15F46}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe (Copyright (c) 2018 Plays.tv, LLC)
FirewallRules: [{C5A3A020-7A15-48FA-B02C-F897B9955D20}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe (Raptr, Inc)
FirewallRules: [{17F94E45-B677-4792-986C-29F94A107851}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe (Raptr, Inc)
FirewallRules: [{17892BCE-57E7-459E-84AE-8F532BC08EA5}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe (Raptr, Inc)
FirewallRules: [{F5614900-22AA-406E-B0B8-F030DFF43C29}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe (Raptr, Inc)
FirewallRules: [UDP Query User{10EBB04F-861B-4814-8955-B487C5537C9A}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe (Oracle Corporation)
FirewallRules: [TCP Query User{E358F061-2417-49E1-B94F-744524F437E1}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe (Oracle Corporation)
FirewallRules: [UDP Query User{6E64C330-0DDC-4C0E-AA7F-F35B2F245649}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe (Oracle Corporation)
FirewallRules: [TCP Query User{7FE55546-10F6-45D6-8A74-87C41234A33E}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe (Oracle Corporation)
FirewallRules: [{0D55A6A8-DD37-42D1-A04C-BB09024EB91C}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe (Raptr, Inc)
FirewallRules: [{E39C06B8-A3F9-4DE3-9FE7-CE0720D57B4C}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe (Raptr, Inc)
FirewallRules: [{B42807DB-A73B-487B-A3B0-1F907293D518}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe (Raptr, Inc)
FirewallRules: [{B6D6DD9C-081B-4815-BFE5-8D9FE2F2AAE2}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe (Raptr, Inc)
FirewallRules: [{62CB1188-D874-44D8-BDD9-A7BE33A98BF9}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe No File
FirewallRules: [{B44FEE2C-9CA1-4128-9EE9-7BD494CC2663}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe No File
FirewallRules: [{54C9BE00-21E3-47E8-8178-BE9BF3870F99}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe No File
FirewallRules: [{D11E9BDD-4F6F-4421-BEAD-9539257FC25F}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe No File
FirewallRules: [{8A794F8D-3D4F-4049-8FFC-4A716204176C}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe No File
FirewallRules: [{80552532-2988-49C5-B1A3-58D95595AD2E}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe No File
FirewallRules: [{B1F8B622-A4A0-482F-AC80-75FE5BE0C465}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe No File
FirewallRules: [{75D23B29-A15D-4479-A758-43E8F0D1972A}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe No File
FirewallRules: [{250EE563-5171-4ADF-99B6-AE73E2D89F18}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe No File
FirewallRules: [{9B305B25-6601-4564-9EF9-A6E13905ADBC}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe No File
FirewallRules: [{9D0CD474-86D3-4EDF-87B3-BC293952C15D}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe No File
FirewallRules: [{FC42E5B1-D94A-4E54-B600-5646231BAFB3}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe No File
FirewallRules: [{D1BBA148-BBBC-485D-8E0F-AF7926FA970B}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe No File
FirewallRules: [{901FB279-BBDB-4D43-A7D7-7636EA369A40}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe No File
FirewallRules: [{8D5C2378-8B81-458C-90E0-114EB83C0DE7}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe No File
FirewallRules: [{1AC74D90-6BC7-4102-8C03-D6C672749FDF}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe No File
FirewallRules: [{9AD48CAB-AE98-4297-A8D3-20CFF67336E5}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe No File
FirewallRules: [{858EB82A-D7D7-4AC2-8EA6-2F188938E68E}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe No File
FirewallRules: [{EDBE2B95-CEFC-4BE1-990B-D446FDD725E3}] => (Allow) LPort=1688
FirewallRules: [{7F6B871B-7A55-477A-8294-123DC8C2D46B}] => (Allow) C:\Users\Stehlici\AppData\Local\Kingsoft\WPS Office\10.2.0.5965\office6\wpscloudsvr.exe No File
FirewallRules: [{F3B9179E-7047-40EB-AE69-55FFED147F1A}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe No File
FirewallRules: [{84B21D67-7DEA-4A2A-9784-133AB3259511}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe No File
FirewallRules: [{91C96850-0E22-4C90-871A-9F1109487E44}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe No File
FirewallRules: [{1DD0A8BE-901A-4454-BA55-51B963678173}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe No File
FirewallRules: [TCP Query User{9828728B-C93A-4F14-BC3E-BE0CD12E023B}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net)
FirewallRules: [UDP Query User{F2529913-A98B-417F-8709-A72121186750}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net)
FirewallRules: [{84922A32-B4C6-4544-9657-077DB8C639A6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{51E9CB2B-490F-4AE5-B760-7A0BFAB4C604}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{6BF996D5-3B75-4BFC-861D-D0C47687A8CC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{4D98ED3B-7734-41E7-BF86-F0AE765306A0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{3AB1D69B-22B5-49D0-AA10-D722945E5F6E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation)
FirewallRules: [{903A7B91-9571-42A4-B665-66BBF59D12CB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation)
FirewallRules: [{6E3C2F88-CBC4-4EE3-B29A-E30DDB2DAB84}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe ()
FirewallRules: [{81E29A0F-AC9C-4372-A571-F113C2822385}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe ()
FirewallRules: [TCP Query User{5F15FBAB-D5BF-4AF1-A538-69F52AEC4E82}C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe No File
FirewallRules: [UDP Query User{82C9BA65-F672-4752-A7E2-291FE5B1A99A}C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe No File
FirewallRules: [TCP Query User{38DE1740-2F76-4BF9-87E6-A07C8A8DF797}C:\users\stehlici\appdata\local\crossout\launcher.exe] => (Allow) C:\users\stehlici\appdata\local\crossout\launcher.exe No File
FirewallRules: [UDP Query User{4524AFCE-B063-4755-B5A7-5C9FD329DC50}C:\users\stehlici\appdata\local\crossout\launcher.exe] => (Allow) C:\users\stehlici\appdata\local\crossout\launcher.exe No File
FirewallRules: [{54ADC282-EE16-43A5-A11E-902471C5642E}] => (Allow) C:\Users\Stehlici\AppData\Local\Programs\Opera\57.0.3098.76\opera.exe No File
FirewallRules: [{0BF10780-1876-42B8-8BEB-18F9C2813FCE}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe (Nokia)
FirewallRules: [{3EB9017B-BA33-4FCB-AB90-EAD455002A39}] => (Allow) C:\Program Files (x86)\Common Files\nokia\service layer\a\nsl_host_process.exe No File
FirewallRules: [{CE039690-53B6-46E8-B658-707DE28C4B1F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{2A2801C3-7599-4397-BD98-83CB391313E5}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{B551FB71-28E9-497D-B675-201B138930E5}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{B836A880-919A-485F-902C-41FCCAD2BD2D}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Corporation)
FirewallRules: [{BC1F90B8-955B-4384-B282-780AC13C9F45}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Corporation)
FirewallRules: [TCP Query User{462BE602-A1BC-4D21-BDB6-8F8B877E4F88}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net)
FirewallRules: [UDP Query User{B894D0F2-E556-4E84-B024-3597BCFBDFA5}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net)

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/30/2019 10:35:01 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: Stehlikovic)
Description: httphttp-2147467263

Error: (01/30/2019 10:33:47 AM) (Source: MsiInstaller) (EventID: 10005) (User: Stehlikovic)
Description: Product: ETP -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 12007. The arguments are: http://www.typhox.eu/build/XM001.zip, ,

Error: (01/30/2019 10:29:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 10.0.17134.165, časové razítko: 0x4031a9f8
Název chybujícího modulu: ltc_help64-119906.dll_unloaded, verze: 1.0.0.1, časové razítko: 0x58892ac3
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000004c15
ID chybujícího procesu: 0x17dc
Čas spuštění chybující aplikace: 0x01d4b64d07e2affa
Cesta k chybující aplikaci: C:\WINDOWS\Explorer.EXE
Cesta k chybujícímu modulu: ltc_help64-119906.dll
ID zprávy: 9db489ce-25e2-45a9-bba2-12b9d75b1ee0
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/30/2019 10:28:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_WpnUserService, verze: 10.0.17134.1, časové razítko: 0xa38b9ab2
Název chybujícího modulu: NotificationController.dll, verze: 10.0.17134.165, časové razítko: 0xe0385185
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007c686
ID chybujícího procesu: 0x4cc
Čas spuštění chybující aplikace: 0x01d4b87b1ae8dc50
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\NotificationController.dll
ID zprávy: 7c33922a-4909-4952-a7a6-a0379fdbb02a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/30/2019 09:55:19 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: Stehlikovic)
Description: httphttp-2147467263

Error: (01/30/2019 09:55:05 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: Stehlikovic)
Description: httphttp-2147467263

Error: (01/28/2019 08:35:48 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Users\Stehlici\Documents\esetsmartinstaller_csy.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.523_none_fb409dd930672a56.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.523_none_42edd4b044e3535c.manifest.

Error: (01/28/2019 05:16:53 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error


System errors:
=============
Error: (01/30/2019 10:53:29 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80246007): 9WZDNCRFHVJL-MICROSOFT.OFFICE.ONENOTE.

Error: (01/30/2019 10:34:37 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/30/2019 10:34:37 AM) (Source: DCOM) (EventID: 10016) (User: Stehlikovic)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli Stehlikovic\Stehlici (SID: S-1-5-21-628443383-1597414530-3784377036-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/30/2019 10:31:38 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/30/2019 10:31:38 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/30/2019 10:31:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SAService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (01/30/2019 10:29:25 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/30/2019 10:29:25 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HuaweiHiSuiteService64.exe byla neočekávaně ukončena. Tento stav nastal již 1krát.


CodeIntegrity:
===================================

Date: 2019-01-30 12:37:23.289
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-30 12:37:23.285
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-30 12:37:23.280
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-30 12:36:53.282
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-30 12:36:53.280
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-30 12:36:53.279
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-30 12:36:53.273
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-30 12:36:53.272
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4210M CPU @ 2.60GHz
Percentage of memory in use: 62%
Total physical RAM: 4012.36 MB
Available physical RAM: 1517.38 MB
Total Virtual: 9132.36 MB
Available Virtual: 5544.55 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:69.26 GB) (Free:13.3 GB) NTFS
Drive d: (Data) (Fixed) (Total:395.51 GB) (Free:319.25 GB) NTFS

\\?\Volume{8980a647-95e5-11e4-824b-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{d9fa2484-0000-0000-0000-b05611000000}\ () (Fixed) (Total:0.9 GB) (Free:0.46 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: D9FA2484)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=69.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=920 MB) - (Type=27)
Partition 4: (Not Active) - (Size=395.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
Nahoru
Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:
Kontaktovat uživatele Diallix

Re: Zablokovaný řístup Google

#7 Příspěvek od Diallix »

Otestujte na virustotal.com tieto subory a vysledky zo skenu dajte sem:
C:\Users\Stehlici\AppData\Roaming\System\etp.exe
C:\Users\Stehlici\AppData\Local\Plays\update.exe


Do poznamkoveho bloku skopirujte obsah dole:

Kód: Vybrat vše

CloseProcesses:
PowerShell: enable-computerrestore -drive "C:\"

(McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\uihost.exe
C:\Program Files\McAfee
C:\Program Files\KMSpico
HKU\S-1-5-21-628443383-1597414530-3784377036-1001\...\Run: [] => [X]
HKU\S-1-5-21-628443383-1597414530-3784377036-1001\...\MountPoints2: {0a401b6c-8ac6-11e8-82ca-201a06f88970} - "F:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-628443383-1597414530-3784377036-1001\...\MountPoints2: {0a401bb3-8ac6-11e8-82ca-201a06f88970} - "F:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-628443383-1597414530-3784377036-1001\...\MountPoints2: {0d48a8ee-cc67-11e7-82b4-201a06f88970} - "F:\Autorun.exe" 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-14] (Google Inc.)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2018-12-15] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-02-18] (Oracle Corporation)
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-01-30]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcaf ... 91105G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Extension: (Jungle Gems) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\eakadkkcemnilpmfdmhlmkfkfahjbnem [2018-03-10]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2019-01-17]
CHR Extension: (Unura) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\pknhddkbagfjncdopglmjooigpceekdb [2016-09-12]
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [905336 2018-12-15] (McAfee, Inc.)
S3 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2015-01-06] (Basil Projects)
2019-01-30 10:31 - 2017-09-18 21:33 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-01-30 10:28 - 2018-05-31 14:16 - 000003400 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-01-30 10:28 - 2018-05-31 14:16 - 000003176 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
ask: {226C52BC-0F62-4E67-A70D-74C22932AC02} - \Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload -> No File <==== ATTENTION
Task: {244BCA81-C097-45DF-9329-CD38244FCD03} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {268C80EE-DB90-4C05-B005-21C7BBA983A5} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {38B15A84-F7C2-45FB-9F12-497D08EBC5E2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {4D9F2737-B1D7-4FC3-878A-7B75B6359A07} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {780A2D9E-2D10-4770-AB1D-F37676D76964} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {7AEB32BD-CC1F-4D6C-BBA0-508B6C4D41D0} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {7B97C0D1-9FCA-4489-B29F-BD2CDB2A552C} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {7FBF27F6-EE85-4AE5-AFC1-435C534A978F} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {9090B488-DDFD-4650-85DB-F65FF5F8AE7F} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {95301ABB-6B78-4DEE-8319-BD138F73F8D3} - \Microsoft\Windows\Feedback\Siuf\DmClient -> No File <==== ATTENTION
Task: {97E83309-7887-4812-97AB-2A17B574B32D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {9E67B4D9-E2F2-4188-B83D-AFC70CFC3B94} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {B275F8A0-1A12-4E6B-B9C1-6F264EEAEA8A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {D1A34AAC-4A4A-4E84-B1ED-08ABC70EC7CD} - \AutoPico Daily Restart -> No File <==== ATTENTION
Task: {EC922AB6-29C6-4751-A152-646C311390FF} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {ECCF046C-DF40-4CB0-93C8-3991145BCE64} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {F159BFDF-08ED-43C8-9CA1-490F3D0F651A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {FD16189B-FB22-41E4-B972-CE01C960839C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
FirewallRules: [{62CB1188-D874-44D8-BDD9-A7BE33A98BF9}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe No File
FirewallRules: [{B44FEE2C-9CA1-4128-9EE9-7BD494CC2663}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe No File
FirewallRules: [{54C9BE00-21E3-47E8-8178-BE9BF3870F99}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe No File
FirewallRules: [{D11E9BDD-4F6F-4421-BEAD-9539257FC25F}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe No File
FirewallRules: [{8A794F8D-3D4F-4049-8FFC-4A716204176C}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe No File
FirewallRules: [{80552532-2988-49C5-B1A3-58D95595AD2E}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe No File
FirewallRules: [{B1F8B622-A4A0-482F-AC80-75FE5BE0C465}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe No File
FirewallRules: [{75D23B29-A15D-4479-A758-43E8F0D1972A}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe No File
FirewallRules: [{250EE563-5171-4ADF-99B6-AE73E2D89F18}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe No File
FirewallRules: [{9B305B25-6601-4564-9EF9-A6E13905ADBC}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe No File
FirewallRules: [{9D0CD474-86D3-4EDF-87B3-BC293952C15D}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe No File
FirewallRules: [{FC42E5B1-D94A-4E54-B600-5646231BAFB3}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe No File
FirewallRules: [{D1BBA148-BBBC-485D-8E0F-AF7926FA970B}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe No File
FirewallRules: [{901FB279-BBDB-4D43-A7D7-7636EA369A40}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe No File
FirewallRules: [{8D5C2378-8B81-458C-90E0-114EB83C0DE7}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe No File
FirewallRules: [{1AC74D90-6BC7-4102-8C03-D6C672749FDF}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe No File
FirewallRules: [{9AD48CAB-AE98-4297-A8D3-20CFF67336E5}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe No File
FirewallRules: [{858EB82A-D7D7-4AC2-8EA6-2F188938E68E}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe No File
FirewallRules: [{F3B9179E-7047-40EB-AE69-55FFED147F1A}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe No File
FirewallRules: [{84B21D67-7DEA-4A2A-9784-133AB3259511}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe No File
FirewallRules: [{91C96850-0E22-4C90-871A-9F1109487E44}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe No File
FirewallRules: [{1DD0A8BE-901A-4454-BA55-51B963678173}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe No File
FirewallRules: [{6BF996D5-3B75-4BFC-861D-D0C47687A8CC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{4D98ED3B-7734-41E7-BF86-F0AE765306A0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [TCP Query User{5F15FBAB-D5BF-4AF1-A538-69F52AEC4E82}C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe No File
FirewallRules: [UDP Query User{82C9BA65-F672-4752-A7E2-291FE5B1A99A}C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe No File
FirewallRules: [TCP Query User{38DE1740-2F76-4BF9-87E6-A07C8A8DF797}C:\users\stehlici\appdata\local\crossout\launcher.exe] => (Allow) C:\users\stehlici\appdata\local\crossout\launcher.exe No File
FirewallRules: [UDP Query User{4524AFCE-B063-4755-B5A7-5C9FD329DC50}C:\users\stehlici\appdata\local\crossout\launcher.exe] => (Allow) C:\users\stehlici\appdata\local\crossout\launcher.exe No File
Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Nahoru
kuba7710
Návštěvník
Návštěvník
Příspěvky: 102
Registrován: 13 dub 2007 18:08

Re: Zablokovaný řístup Google

#8 Příspěvek od kuba7710 »

Nejsem si úplně jistý jak vám sem vložit výsledky. pokusím se tak:
https://www.virustotal.com/#/file/f6698 ... /detection
https://www.virustotal.com/#/file/072d1 ... /detection
Nahoru
Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:
Kontaktovat uživatele Diallix

Re: Zablokovaný řístup Google

#9 Příspěvek od Diallix »

Dobre, urobte horeuvedeny script.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Nahoru
kuba7710
Návštěvník
Návštěvník
Příspěvky: 102
Registrován: 13 dub 2007 18:08

Re: Zablokovaný řístup Google

#10 Příspěvek od kuba7710 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 30.01.2019
Ran by Stehlici (30-01-2019 17:40:14) Run:1
Running from C:\Users\Stehlici\Desktop
Loaded Profiles: Stehlici (Available Profiles: Stehlici)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
PowerShell: enable-computerrestore -drive "C:\"

(McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\uihost.exe
C:\Program Files\McAfee
C:\Program Files\KMSpico
HKU\S-1-5-21-628443383-1597414530-3784377036-1001\...\Run: [] => [X]
HKU\S-1-5-21-628443383-1597414530-3784377036-1001\...\MountPoints2: {0a401b6c-8ac6-11e8-82ca-201a06f88970} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-628443383-1597414530-3784377036-1001\...\MountPoints2: {0a401bb3-8ac6-11e8-82ca-201a06f88970} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-628443383-1597414530-3784377036-1001\...\MountPoints2: {0d48a8ee-cc67-11e7-82b4-201a06f88970} - "F:\Autorun.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-14] (Google Inc.)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2018-12-15] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-02-18] (Oracle Corporation)
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee� WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-01-30]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcaf ... 91105G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Extension: (Jungle Gems) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\eakadkkcemnilpmfdmhlmkfkfahjbnem [2018-03-10]
CHR Extension: (McAfee� WebAdvisor) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2019-01-17]
CHR Extension: (Unura) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\pknhddkbagfjncdopglmjooigpceekdb [2016-09-12]
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [905336 2018-12-15] (McAfee, Inc.)
S3 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2015-01-06] (Basil Projects)
2019-01-30 10:31 - 2017-09-18 21:33 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-01-30 10:28 - 2018-05-31 14:16 - 000003400 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-01-30 10:28 - 2018-05-31 14:16 - 000003176 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
ask: {226C52BC-0F62-4E67-A70D-74C22932AC02} - \Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload -> No File <==== ATTENTION
Task: {244BCA81-C097-45DF-9329-CD38244FCD03} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {268C80EE-DB90-4C05-B005-21C7BBA983A5} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {38B15A84-F7C2-45FB-9F12-497D08EBC5E2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {4D9F2737-B1D7-4FC3-878A-7B75B6359A07} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {780A2D9E-2D10-4770-AB1D-F37676D76964} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {7AEB32BD-CC1F-4D6C-BBA0-508B6C4D41D0} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {7B97C0D1-9FCA-4489-B29F-BD2CDB2A552C} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {7FBF27F6-EE85-4AE5-AFC1-435C534A978F} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {9090B488-DDFD-4650-85DB-F65FF5F8AE7F} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {95301ABB-6B78-4DEE-8319-BD138F73F8D3} - \Microsoft\Windows\Feedback\Siuf\DmClient -> No File <==== ATTENTION
Task: {97E83309-7887-4812-97AB-2A17B574B32D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {9E67B4D9-E2F2-4188-B83D-AFC70CFC3B94} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {B275F8A0-1A12-4E6B-B9C1-6F264EEAEA8A} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {D1A34AAC-4A4A-4E84-B1ED-08ABC70EC7CD} - \AutoPico Daily Restart -> No File <==== ATTENTION
Task: {EC922AB6-29C6-4751-A152-646C311390FF} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {ECCF046C-DF40-4CB0-93C8-3991145BCE64} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {F159BFDF-08ED-43C8-9CA1-490F3D0F651A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {FD16189B-FB22-41E4-B972-CE01C960839C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
FirewallRules: [{62CB1188-D874-44D8-BDD9-A7BE33A98BF9}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe No File
FirewallRules: [{B44FEE2C-9CA1-4128-9EE9-7BD494CC2663}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe No File
FirewallRules: [{54C9BE00-21E3-47E8-8178-BE9BF3870F99}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe No File
FirewallRules: [{D11E9BDD-4F6F-4421-BEAD-9539257FC25F}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe No File
FirewallRules: [{8A794F8D-3D4F-4049-8FFC-4A716204176C}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe No File
FirewallRules: [{80552532-2988-49C5-B1A3-58D95595AD2E}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe No File
FirewallRules: [{B1F8B622-A4A0-482F-AC80-75FE5BE0C465}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe No File
FirewallRules: [{75D23B29-A15D-4479-A758-43E8F0D1972A}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe No File
FirewallRules: [{250EE563-5171-4ADF-99B6-AE73E2D89F18}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe No File
FirewallRules: [{9B305B25-6601-4564-9EF9-A6E13905ADBC}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe No File
FirewallRules: [{9D0CD474-86D3-4EDF-87B3-BC293952C15D}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe No File
FirewallRules: [{FC42E5B1-D94A-4E54-B600-5646231BAFB3}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe No File
FirewallRules: [{D1BBA148-BBBC-485D-8E0F-AF7926FA970B}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe No File
FirewallRules: [{901FB279-BBDB-4D43-A7D7-7636EA369A40}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe No File
FirewallRules: [{8D5C2378-8B81-458C-90E0-114EB83C0DE7}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe No File
FirewallRules: [{1AC74D90-6BC7-4102-8C03-D6C672749FDF}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe No File
FirewallRules: [{9AD48CAB-AE98-4297-A8D3-20CFF67336E5}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe No File
FirewallRules: [{858EB82A-D7D7-4AC2-8EA6-2F188938E68E}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe No File
FirewallRules: [{F3B9179E-7047-40EB-AE69-55FFED147F1A}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe No File
FirewallRules: [{84B21D67-7DEA-4A2A-9784-133AB3259511}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe No File
FirewallRules: [{91C96850-0E22-4C90-871A-9F1109487E44}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe No File
FirewallRules: [{1DD0A8BE-901A-4454-BA55-51B963678173}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe No File
FirewallRules: [{6BF996D5-3B75-4BFC-861D-D0C47687A8CC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{4D98ED3B-7734-41E7-BF86-F0AE765306A0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [TCP Query User{5F15FBAB-D5BF-4AF1-A538-69F52AEC4E82}C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe No File
FirewallRules: [UDP Query User{82C9BA65-F672-4752-A7E2-291FE5B1A99A}C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe No File
FirewallRules: [TCP Query User{38DE1740-2F76-4BF9-87E6-A07C8A8DF797}C:\users\stehlici\appdata\local\crossout\launcher.exe] => (Allow) C:\users\stehlici\appdata\local\crossout\launcher.exe No File
FirewallRules: [UDP Query User{4524AFCE-B063-4755-B5A7-5C9FD329DC50}C:\users\stehlici\appdata\local\crossout\launcher.exe] => (Allow) C:\users\stehlici\appdata\local\crossout\launcher.exe No File
*****************

Processes closed successfully.

========= enable-computerrestore -drive "C:\" =========


========= End of Powershell: =========

[7268] C:\Program Files\McAfee\WebAdvisor\servicehost.exe => process closed successfully.
[4672] C:\Program Files\McAfee\WebAdvisor\uihost.exe => process closed successfully.
C:\Program Files\McAfee => moved successfully
C:\Program Files\KMSpico => moved successfully
"HKU\S-1-5-21-628443383-1597414530-3784377036-1001\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKU\S-1-5-21-628443383-1597414530-3784377036-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0a401b6c-8ac6-11e8-82ca-201a06f88970} => removed successfully
HKLM\Software\Classes\CLSID\{0a401b6c-8ac6-11e8-82ca-201a06f88970} => not found
HKU\S-1-5-21-628443383-1597414530-3784377036-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0a401bb3-8ac6-11e8-82ca-201a06f88970} => removed successfully
HKLM\Software\Classes\CLSID\{0a401bb3-8ac6-11e8-82ca-201a06f88970} => not found
HKU\S-1-5-21-628443383-1597414530-3784377036-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0d48a8ee-cc67-11e7-82b4-201a06f88970} => removed successfully
HKLM\Software\Classes\CLSID\{0d48a8ee-cc67-11e7-82b4-201a06f88970} => not found
HKLM\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => removed successfully
HKLM\Software\Classes\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => removed successfully
"HKLM\Software\Mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}" => removed successfully
"C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi" => not found
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}" => removed successfully
"Chrome DefaultSearchURL" => removed successfully
"Chrome DefaultSearchKeyword" => removed successfully
CHR Extension: (Jungle Gems) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\eakadkkcemnilpmfdmhlmkfkfahjbnem [2018-03-10] => Error: No automatic fix found for this entry.
CHR Extension: (McAfee� WebAdvisor) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2019-01-17] => Error: No automatic fix found for this entry.
CHR Extension: (Unura) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\pknhddkbagfjncdopglmjooigpceekdb [2016-09-12] => Error: No automatic fix found for this entry.
HKLM\System\CurrentControlSet\Services\McAfee WebAdvisor => removed successfully
McAfee WebAdvisor => service removed successfully
HKLM\System\CurrentControlSet\Services\WinDivert1.1 => removed successfully
WinDivert1.1 => service removed successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
ask: {226C52BC-0F62-4E67-A70D-74C22932AC02} - \Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload -> No File <==== ATTENTION => Error: No automatic fix found for this entry.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{244BCA81-C097-45DF-9329-CD38244FCD03}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{244BCA81-C097-45DF-9329-CD38244FCD03}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{268C80EE-DB90-4C05-B005-21C7BBA983A5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{268C80EE-DB90-4C05-B005-21C7BBA983A5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{38B15A84-F7C2-45FB-9F12-497D08EBC5E2}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{38B15A84-F7C2-45FB-9F12-497D08EBC5E2}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4D9F2737-B1D7-4FC3-878A-7B75B6359A07}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D9F2737-B1D7-4FC3-878A-7B75B6359A07}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{780A2D9E-2D10-4770-AB1D-F37676D76964}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{780A2D9E-2D10-4770-AB1D-F37676D76964}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7AEB32BD-CC1F-4D6C-BBA0-508B6C4D41D0}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7AEB32BD-CC1F-4D6C-BBA0-508B6C4D41D0}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-Weekend" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7B97C0D1-9FCA-4489-B29F-BD2CDB2A552C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7B97C0D1-9FCA-4489-B29F-BD2CDB2A552C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7FBF27F6-EE85-4AE5-AFC1-435C534A978F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7FBF27F6-EE85-4AE5-AFC1-435C534A978F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9090B488-DDFD-4650-85DB-F65FF5F8AE7F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9090B488-DDFD-4650-85DB-F65FF5F8AE7F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{95301ABB-6B78-4DEE-8319-BD138F73F8D3}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95301ABB-6B78-4DEE-8319-BD138F73F8D3}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Feedback\Siuf\DmClient" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{97E83309-7887-4812-97AB-2A17B574B32D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{97E83309-7887-4812-97AB-2A17B574B32D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9E67B4D9-E2F2-4188-B83D-AFC70CFC3B94}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9E67B4D9-E2F2-4188-B83D-AFC70CFC3B94}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B275F8A0-1A12-4E6B-B9C1-6F264EEAEA8A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B275F8A0-1A12-4E6B-B9C1-6F264EEAEA8A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D1A34AAC-4A4A-4E84-B1ED-08ABC70EC7CD}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D1A34AAC-4A4A-4E84-B1ED-08ABC70EC7CD}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoPico Daily Restart" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EC922AB6-29C6-4751-A152-646C311390FF}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC922AB6-29C6-4751-A152-646C311390FF}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ECCF046C-DF40-4CB0-93C8-3991145BCE64}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ECCF046C-DF40-4CB0-93C8-3991145BCE64}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F159BFDF-08ED-43C8-9CA1-490F3D0F651A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F159BFDF-08ED-43C8-9CA1-490F3D0F651A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FD16189B-FB22-41E4-B972-CE01C960839C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD16189B-FB22-41E4-B972-CE01C960839C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{62CB1188-D874-44D8-BDD9-A7BE33A98BF9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B44FEE2C-9CA1-4128-9EE9-7BD494CC2663}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{54C9BE00-21E3-47E8-8178-BE9BF3870F99}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D11E9BDD-4F6F-4421-BEAD-9539257FC25F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8A794F8D-3D4F-4049-8FFC-4A716204176C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{80552532-2988-49C5-B1A3-58D95595AD2E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B1F8B622-A4A0-482F-AC80-75FE5BE0C465}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{75D23B29-A15D-4479-A758-43E8F0D1972A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{250EE563-5171-4ADF-99B6-AE73E2D89F18}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9B305B25-6601-4564-9EF9-A6E13905ADBC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9D0CD474-86D3-4EDF-87B3-BC293952C15D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FC42E5B1-D94A-4E54-B600-5646231BAFB3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D1BBA148-BBBC-485D-8E0F-AF7926FA970B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{901FB279-BBDB-4D43-A7D7-7636EA369A40}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8D5C2378-8B81-458C-90E0-114EB83C0DE7}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1AC74D90-6BC7-4102-8C03-D6C672749FDF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9AD48CAB-AE98-4297-A8D3-20CFF67336E5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{858EB82A-D7D7-4AC2-8EA6-2F188938E68E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F3B9179E-7047-40EB-AE69-55FFED147F1A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{84B21D67-7DEA-4A2A-9784-133AB3259511}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{91C96850-0E22-4C90-871A-9F1109487E44}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1DD0A8BE-901A-4454-BA55-51B963678173}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6BF996D5-3B75-4BFC-861D-D0C47687A8CC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4D98ED3B-7734-41E7-BF86-F0AE765306A0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5F15FBAB-D5BF-4AF1-A538-69F52AEC4E82}C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{82C9BA65-F672-4752-A7E2-291FE5B1A99A}C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{38DE1740-2F76-4BF9-87E6-A07C8A8DF797}C:\users\stehlici\appdata\local\crossout\launcher.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4524AFCE-B063-4755-B5A7-5C9FD329DC50}C:\users\stehlici\appdata\local\crossout\launcher.exe" => removed successfully


The system needed a reboot.

==== End of Fixlog 17:40:30 ====
Nahoru
Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:
Kontaktovat uživatele Diallix

Re: Zablokovaný řístup Google

#11 Příspěvek od Diallix »

Urobte nove logy FRST + ADDITION a dajte ich sem.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Nahoru
kuba7710
Návštěvník
Návštěvník
Příspěvky: 102
Registrován: 13 dub 2007 18:08

Re: Zablokovaný řístup Google

#12 Příspěvek od kuba7710 »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30.01.2019
Ran by Stehlici (30-01-2019 18:05:50)
Running from C:\Users\Stehlici\Desktop
Windows 10 Pro Version 1803 17134.523 (X64) (2018-05-31 13:18:01)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-628443383-1597414530-3784377036-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-628443383-1597414530-3784377036-503 - Limited - Disabled)
Guest (S-1-5-21-628443383-1597414530-3784377036-501 - Limited - Disabled)
Stehlici (S-1-5-21-628443383-1597414530-3784377036-1001 - Administrator - Enabled) => C:\Users\Stehlici
WDAGUtilityAccount (S-1-5-21-628443383-1597414530-3784377036-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
Balíček ovladače systému Windows - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Balíček ovladače systému Windows - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - ‪Canon Inc.‬)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - ‪Canon Inc.‬)
Canon MG4200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4200_series) (Version: 1.02 - Canon Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{3E245378-BF77-6946-C6F6-096DBE5EAB82}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{51F85784-6799-5CA3-97B2-2E5904FC3E58}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{55A4D3AB-C8DF-26B2-89A8-7E16E1E40700}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{A16E186C-58C4-3BDC-5CCE-714EFEF5F27F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{62098A5F-E03B-31A3-5F9C-51A7F7D25744}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{84C3F2C5-F7B2-2F08-CDF4-79EF7CC55D74}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{A0407E39-2AA4-60B3-885F-3C5347B6909E}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{C3EE628C-7394-FE2C-0C90-C05284EB528D}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0989D0EA-AFF3-5F9A-3D25-20EE133E409B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0E8A3B17-D603-B1B6-C205-1685EBDD23E9}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{1757AD9B-0E3C-05F9-FE43-4343BED7DA85}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{2F544F46-5F6E-97BB-3550-A0242A3C5754}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{1E7D3072-1D28-E33A-99DF-85D9F7ECD06E}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{66B06F29-EE4F-9130-D96A-754826093FEA}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{A8689A0F-5928-7300-B82B-C5E85131B7BA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{FC4086D6-E345-5F43-08BB-280FB57DAF49}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{76AAF56B-93D8-161D-809A-EC05F3B913DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{821D0A0E-F246-BE40-0D68-93883C14C410}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{BA26B70C-3D8C-2D14-4122-211FB3E6F691}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{F8EBE530-A4D5-BF51-F623-3787E6B8A878}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{063CED74-F5F0-870E-DC9C-2D78FDEDA3EE}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{42FBD43F-DE53-6D4D-5134-E3C93B45CBEF}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{5FEACE78-C338-9AED-FF05-7DE7E273C774}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{88BD74C4-23AB-4554-915C-6E1F0C81F6CD}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{13BB60AA-88F7-4B1F-2DEC-D81EEDE8B3AA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{A3795528-F572-6314-C4E3-EE9DAF0FBF02}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{A48E2AB0-0866-7783-9657-E1709EB18D02}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{AC85CF50-9A55-0103-ADBF-365C37603AA4}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{37AA6227-FF2C-95AC-87C0-45DCC0BB87DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{4853A56D-7931-A08B-5BA7-8E2D61043DF9}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{B349892D-B015-033C-4CA8-3635E6B655D7}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{E61CEF9A-BAC3-EAEE-F735-E257D2354DF2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{B28CF677-E2C8-12CA-52BB-19B6F066D36A}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{BE8D6AB1-3049-2F0C-67FA-00C0A5D321A3}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{DA0326BB-657D-AAFC-752C-363E8FA33755}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{EB328356-1DF0-1CCE-3607-6361DD329219}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{365AEAB2-4CF3-7CBB-0DAC-E9E14B688E65}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{45907537-804A-514F-5280-5F4F12A6DCBC}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{8E6F5592-ED7E-9C50-74AC-BF417B1FE291}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{E42911E5-48F8-8557-ED20-D72AD1907D25}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{7ABC6D83-816E-6D48-E65D-B0CEDD294E4E}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{962364E4-08BB-347D-32E7-2B789F37BF8A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{AD28960A-6190-C991-C964-308B86EAA2E2}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B4C30EF4-B2C5-1395-B534-7B63BCB6E8E4}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{26567561-DFB2-2B63-9BA8-6A490ED37016}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{43F6D22B-E0E9-EE90-9B62-1C5FC5D15A55}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{87E6EC29-AEC5-28CB-F773-93EB6C1B8A2B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{B873A1FB-5EA0-EE5F-A861-1E38880AD08E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{0809FEC1-EF86-51E9-8210-DC1B1BDB6745}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{CA55697D-BD74-3ED8-6B21-D7EDAD3B7D02}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{D4490E0F-8E7B-1097-B56A-7643C75F1C28}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{EC9DF9FF-9D75-4CDD-1D58-A2E887B0A42E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{5FD706FF-6AD8-E372-A35A-879409982655}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{7ABACA7E-6E59-0EF9-8FA3-6B32E5F58127}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{CFC860C8-4F51-E08C-A74C-2E444ED06160}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{DAB44116-0266-C65B-B643-AC11217C3041}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{3AF70346-52C7-0334-606F-118D1C1CB7A2}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{3E196AAF-F81C-B384-E2AB-28EE2398FE5F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{9338D693-38B7-1ED4-9B42-BFA1D5600CCB}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{A4E7CA0C-84EB-5E29-2F04-06C4E4790C2F}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{53AE8AC7-5213-67AF-0DC0-CED696B77643}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{59D2664C-949B-7FA7-9880-ECB993B6616A}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{C971C145-258D-6650-7088-13DDB161327A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DAEFFE0C-CD05-1355-6AFC-7B3D4106A820}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{970A40CA-46AB-986C-1798-976ED0EA00FA}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{DC9DFCBF-87DA-892C-6151-99CC9EF46E3E}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{E392A425-53A7-DF90-96A0-E287A75DD3B2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{EBA09DAF-14B4-7BE7-676E-6E2FB21EDBDD}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4707CBFC-8ED4-463E-0FF9-DE86F4A743E9}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{9AA4DD93-94BF-22EA-C9D2-7084F304A31B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{C1EFF2A2-DF4A-F6D1-B99C-1ED194AE9E78}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{D6F47BB4-700A-F612-0671-5F69EA311BB7}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{01FD9A26-3F61-9236-B360-BE5D043D82C0}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{379D900B-A785-6DB0-012E-434356A365B3}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{46EB68BE-8AAC-8C2B-7284-8DEDE6B5CD2A}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{C14A3A5B-8A86-C239-37D7-158211778C54}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{366C4FB5-CF6E-258B-418D-E6D29549A278}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{64D4CCC3-63DF-252D-D29D-03491670225D}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{7A6E431B-CF43-EC3E-FD7E-0A0AAB1B25FC}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{A50C89BC-8D8E-8828-824A-7171F6D583D5}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{0B5633F0-C415-2F08-671E-4C9E2FAACD45}) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{89A1F076-19B8-A2B1-D5A3-E8247EFAF157}) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{8DF90937-B869-9F76-5D45-5A8BDA0A33B6}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{B10089DE-934F-6E0F-683A-B788F89348DF}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant)
Conexant SmartAudio (HKLM\...\SAII) (Version: 6.0.224.0 - Conexant Systems)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.31 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.31 - Lenovo)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 8.0.1.300 - Huawei Technologies Co.,Ltd)
Huawei Drivers (HKLM-x32\...\{C82D8932-EB28-4da6-9582-33D515D46F04}) (Version: 5.05.02.00 - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.7850 - Broadcom Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10240 - Realtek Semiconductor Corp.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.0.17 - McAfee, Inc.)
Microsoft OneDrive (HKU\S-1-5-21-628443383-1597414530-3784377036-1001\...\OneDriveSetup.exe) (Version: 18.240.1202.0004 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
MPC-HC 1.7.6 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.6 - MPC-HC Team)
MSVC80_x64_v2 (HKLM\...\{4D668D4F-FAA2-4726-834C-31F4614F312E}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (HKLM-x32\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\{0C808377-8C23-44ED-9016-05F42E6D4900}) (Version: 3.8.30.0 - Nokia) Hidden
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.30.0 - Nokia)
OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Název společnosti:) Hidden
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
Prohlížeč Seznam.cz (HKU\S-1-5-21-628443383-1597414530-3784377036-1001\...\Seznam Browser) (Version: 4.3.0 - Seznam.cz a.s.)
PX Profile Update (HKLM-x32\...\{688E032B-2432-CB57-7716-B734EF6995AE}) (Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.10-r123135-release - Raptr, Inc)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
TeamSpeak 3 Client (HKU\S-1-5-21-628443383-1597414530-3784377036-1001\...\TeamSpeak 3 Client) (Version: 3.2.3 - TeamSpeak Systems GmbH)
T-Mobile Internet Manager (HKLM-x32\...\T-Mobile Communication Centre) (Version: 2017-12-05@2017-04-13 - Gemfor s.r.o.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
Wargaming.net Game Center (HKU\S-1-5-21-628443383-1597414530-3784377036-1001\...\Wargaming.net Game Center) (Version: 18.9.1.3085 - Wargaming.net)
WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WPS Office (10.2.0.7587) (HKU\S-1-5-21-628443383-1597414530-3784377036-1001\...\Kingsoft Office) (Version: 10.2.0.7587 - Kingsoft Corp.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-628443383-1597414530-3784377036-1001_Classes\CLSID\{70239788-4DAE-49B8-9270-5D8614384B49}\InprocServer32 -> C:\Users\Stehlici\AppData\Local\Kingsoft\WPS Office\10.2.0.7587\office6\addons\kpdf2wordshellext\kpdf2wordshellext64.dll (Zhuhai Kingsoft Office Software Co.,Ltd)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-07] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-07] (AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-07] (AVAST Software)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-09-22] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-07] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-628443383-1597414530-3784377036-1001: [kpdf2wordshellext] -> {70239788-4DAE-49B8-9270-5D8614384B49} => C:\Users\Stehlici\AppData\Local\Kingsoft\WPS Office\10.2.0.7587\office6\addons\kpdf2wordshellext\kpdf2wordshellext64.dll [2018-12-08] (Zhuhai Kingsoft Office Software Co.,Ltd)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B6B53A8-02ED-40A9-A754-86A9C2587568} - System32\Tasks\WpsUpdateTask_Stehlici => C:\Users\Stehlici\AppData\Local\Kingsoft\WPS Office\10.2.0.7587\wtoolex\wpsupdate.exe [2018-12-08] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {226C52BC-0F62-4E67-A70D-74C22932AC02} - \Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload -> No File <==== ATTENTION
Task: {28F8236B-7AF8-4CDF-A0E0-A0DFB738247E} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-06-03] (Synaptics Incorporated)
Task: {3451C4C7-0189-44C0-B51C-B8937566D8C8} - System32\Tasks\Microsoft\Windows\rempl\shell-usoscan => C:\Program Files\rempl\remsh.exe
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {44999B17-16C1-48B8-A8E7-CF9024FA3A6D} - System32\Tasks\Opera scheduled Autoupdate 1543859476 => C:\Users\Stehlici\AppData\Local\Programs\Opera\launcher.exe
Task: {56384312-D078-42C3-9630-C034965440B8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {835A8AC7-9E5F-4480-B032-774F1915241D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {85D8D0E7-62D4-4E3D-8A04-F946A1E3D90C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2019-01-07] (AVAST Software)
Task: {A324FAE1-D709-4CCC-8C27-E861A76816C3} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2019-01-18] (AVAST Software)
Task: {B5C52585-EC74-4223-AD74-3CBCDE8B7194} - System32\Tasks\WpsExternal_Stehlici_20181208202643 => C:\Users\Stehlici\AppData\Local\Kingsoft\WPS Office\ksolaunch.exe [2018-12-08] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {B9BC7E79-667A-496D-B8CD-A1130FA9534F} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-09-22] (Advanced Micro Devices, Inc.)
Task: {C006CAD9-604B-4BD5-B2C2-35AE2C002D2F} - System32\Tasks\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeNowTask => C:\WINDOWS\System32\GWX\GWXUXWorker.exe
Task: {DB68CE2C-7647-45BA-8096-B4774070C1FB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {DB68CE2C-7647-45BA-8096-B4774070C1FB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {DB68CE2C-7647-45BA-8096-B4774070C1FB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-628443383-1597414530-3784377036-1001" /ENABLE
Task: {DB68CE2C-7647-45BA-8096-B4774070C1FB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\Opera scheduled Autoupdate 1543859476" /ENABLE
Task: {DB68CE2C-7647-45BA-8096-B4774070C1FB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\WpsExternal_Stehlici_20181208202643" /ENABLE
Task: {DB68CE2C-7647-45BA-8096-B4774070C1FB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\WpsUpdateTask_Stehlici" /ENABLE
Task: {DB68CE2C-7647-45BA-8096-B4774070C1FB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Spouštěč aplikací Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_blpcfgokakmgnkcojhhkbfbldkacnbeo\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=blpcfgokakmgnkcojhhkbfbldkacnbeo
ShortcutWithArgument: C:\Users\Stehlici\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=1&aff_sub2=YMZvOmLAGENqz2lLa7JvP37CaRlglGxDZJBmTGrFPVdgxWpCfsbipJgAAAFL2Xnsie&click_id=2d5fa7b399bff05625201a0811923bfc21754453 --app-window-size=1366,768
ShortcutWithArgument: C:\Users\Stehlici\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Spouštěč aplikací Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Stehlici\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://go.playmmogames.com/aff_c?offer_id=698&aff_id=1034&source=1&aff_sub2=YMZvOmLAGENqz2lLa7JvP37CaRlglGxDZJBmTGrFPVdgxWpCfsbipJgAAAFL2Xnsie&click_id=2d5fa7b399bff05625201a0811923bfc21754453 --app-window-size=1366,768

==================== Loaded Modules (Whitelisted) ==============

2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-04-20 07:28 - 2018-04-20 07:28 - 000190784 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2017-10-20 16:42 - 2017-10-20 16:42 - 000393200 _____ () C:\WINDOWS\system32\igfxTray.exe
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-13 09:06 - 2018-11-09 03:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2019-01-09 12:07 - 2019-01-01 07:42 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-10-04 17:39 - 2018-10-04 17:39 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2019-01-30 10:50 - 2019-01-30 10:50 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2019-01-30 10:50 - 2019-01-30 10:51 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-07-14 10:23 - 2018-07-14 10:23 - 001922224 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2019-01-24 09:37 - 2019-01-24 09:38 - 028012544 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Video.UI.exe
2019-01-24 09:37 - 2019-01-24 09:37 - 000305152 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\SharedUI.dll
2017-12-01 07:04 - 2017-12-01 07:04 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-11-28 18:29 - 2018-11-28 18:30 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-24 09:37 - 2019-01-24 09:37 - 006187520 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\EntCommon.dll
2019-01-24 09:37 - 2019-01-24 09:37 - 009388544 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\EntPlat.dll
2019-01-07 12:25 - 2019-01-07 12:25 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2019-01-07 12:25 - 2019-01-07 12:25 - 000667016 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-10-28 18:33 - 2019-01-30 17:44 - 000336715 _____ () C:\Users\Stehlici\AppData\Roaming\System\update-client.exe
2018-10-28 18:33 - 2019-01-30 17:44 - 000000600 _____ () C:\Users\Stehlici\AppData\Roaming\System\V2\SKEL\a867cd535fba4297de2ef750de02e57ef49bb633.Tls
2018-09-11 13:58 - 2018-10-30 19:06 - 001057056 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\SDL2.dll
2018-09-11 13:57 - 2018-09-23 01:00 - 102804768 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2018-09-11 13:57 - 2018-09-23 01:00 - 004866336 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2018-09-11 13:57 - 2018-09-23 01:00 - 000116000 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2019-01-15 13:30 - 2019-01-15 13:31 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2019-01-15 13:30 - 2019-01-15 13:31 - 065903104 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-10-05 19:21 - 2017-10-05 19:22 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2019-01-15 13:30 - 2019-01-15 13:31 - 000012288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-11-17 11:05 - 2018-11-17 11:06 - 003715072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-11-17 11:05 - 2018-11-17 11:07 - 000036352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-08-21 13:35 - 2018-08-21 13:36 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll
2018-08-21 13:35 - 2018-08-21 13:36 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\opencv_core320.dll
2018-04-05 13:45 - 2018-04-05 13:46 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2019-01-15 13:30 - 2019-01-15 13:31 - 014186496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-11-17 11:05 - 2018-11-17 11:06 - 003569152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2019-01-15 13:30 - 2019-01-15 13:30 - 002871296 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-09-13 10:16 - 2018-09-13 10:18 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-27 13:26 - 2018-07-27 13:26 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-15 13:30 - 2019-01-15 13:31 - 000145920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\SKU.dll
2018-08-23 09:59 - 2018-12-02 15:37 - 001663352 _____ () \\?\C:\ProgramData\Wargaming.net\GameCenter\dlls\libGLESv2.dll
2018-08-23 09:59 - 2018-12-02 15:37 - 049006456 _____ () \\?\C:\ProgramData\Wargaming.net\GameCenter\dlls\libcef.dll
2018-08-23 09:59 - 2018-12-02 15:37 - 000092536 _____ () \\?\C:\ProgramData\Wargaming.net\GameCenter\dlls\libEGL.dll
2018-09-11 13:56 - 2018-10-30 19:06 - 000879904 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2018-09-11 13:56 - 2019-01-05 00:33 - 002650400 _____ () C:\Program Files (x86)\Steam\video.dll
2018-09-11 13:56 - 2017-12-20 02:43 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2018-09-11 13:56 - 2016-09-01 02:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2018-09-11 13:56 - 2017-12-20 02:43 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2018-09-11 13:56 - 2017-12-20 02:43 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2018-09-11 13:56 - 2017-12-20 02:43 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2018-09-11 13:56 - 2017-12-20 02:43 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2018-09-11 13:56 - 2016-09-01 02:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2018-09-11 13:56 - 2016-09-01 02:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2018-09-11 13:56 - 2019-01-05 00:33 - 001028384 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2018-09-11 13:56 - 2016-07-04 23:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2013-04-19 01:46 - 2013-04-19 01:46 - 001014624 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll
2013-04-19 01:46 - 2013-04-19 01:46 - 002354016 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll
2013-04-19 01:46 - 2013-04-19 01:46 - 008507232 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll
2013-04-19 01:46 - 2013-04-19 01:46 - 002480992 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll
2013-04-19 01:46 - 2013-04-19 01:46 - 000364384 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll
2013-04-19 01:46 - 2013-04-19 01:46 - 000206176 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtSql4.dll
2013-04-19 01:46 - 2013-04-19 01:46 - 001346912 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll
2013-04-19 01:46 - 2013-04-19 01:46 - 002653024 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll
2013-04-19 01:45 - 2013-04-19 01:45 - 000033120 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qgif4.dll
2013-04-19 01:45 - 2013-04-19 01:45 - 000035680 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qico4.dll
2013-04-19 01:45 - 2013-04-19 01:45 - 000207200 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qjpeg4.dll
2013-04-19 01:46 - 2013-04-19 01:46 - 011166560 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll
2013-04-19 01:46 - 2013-04-19 01:46 - 000276832 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll
2013-04-15 13:26 - 2013-04-15 13:26 - 000391600 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll
2013-04-15 13:26 - 2013-04-15 13:26 - 000059280 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll
2013-04-19 01:45 - 2013-04-19 01:45 - 000438624 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll
2013-04-19 01:46 - 2013-04-19 01:46 - 000446304 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
2013-04-19 01:46 - 2013-04-19 01:46 - 000520544 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll
2013-04-19 01:46 - 2013-04-19 01:46 - 000720736 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll
2013-04-19 01:44 - 2013-04-19 01:44 - 000606560 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll
2013-04-19 01:46 - 2013-04-19 01:46 - 000093024 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\qjson.dll
2015-05-08 02:37 - 2015-05-08 02:37 - 000087040 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ctypes.pyd
2015-05-08 02:37 - 2015-05-08 02:37 - 000043008 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_socket.pyd
2015-05-08 02:37 - 2015-05-08 02:37 - 000805376 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ssl.pyd
2015-05-08 02:39 - 2015-05-08 02:39 - 005812736 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtGui.pyd
2017-05-04 20:01 - 2017-05-04 20:01 - 000067584 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sip.pyd
2015-05-08 02:39 - 2015-05-08 02:39 - 001662464 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtCore.pyd
2015-05-08 02:39 - 2015-05-08 02:39 - 000494592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtNetwork.pyd
2015-05-08 02:39 - 2015-05-08 02:39 - 000096256 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32api.pyd
2015-05-08 02:38 - 2015-05-08 02:38 - 000110592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pywintypes26.dll
2015-05-08 02:37 - 2015-05-08 02:37 - 000010240 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\select.pyd
2015-05-08 02:37 - 2015-05-08 02:37 - 000356864 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_hashlib.pyd
2015-05-08 02:39 - 2015-05-08 02:39 - 000036352 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32process.pyd
2015-05-08 02:39 - 2015-05-08 02:39 - 000111104 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32file.pyd
2015-05-08 02:37 - 2015-05-08 02:37 - 000044544 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_sqlite3.pyd
2015-05-08 02:49 - 2015-05-08 02:49 - 000417501 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sqlite3.dll
2015-05-08 02:39 - 2015-05-08 02:39 - 000167936 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32gui.pyd
2015-05-08 02:39 - 2015-05-08 02:39 - 000313856 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtWebKit.pyd
2015-05-08 02:37 - 2015-05-08 02:37 - 000127488 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pyexpat.pyd
2015-05-08 02:37 - 2015-05-08 02:37 - 000009216 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\winsound.pyd
2015-11-13 22:59 - 2015-11-13 22:59 - 000113171 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlc.dll
2015-11-13 22:59 - 2015-11-13 22:59 - 002396691 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlccore.dll
2015-05-08 02:37 - 2015-05-08 02:37 - 000583680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\unicodedata.pyd
2015-05-08 02:39 - 2015-05-08 02:39 - 000141312 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\gobject._gobject.pyd
2017-05-04 18:33 - 2017-05-04 18:33 - 002717595 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\heliotrope._purple.pyd
2015-05-08 02:49 - 2015-05-08 02:49 - 001213633 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libxml2-2.dll
2015-05-08 02:55 - 2015-05-08 02:55 - 000055808 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\zlib1.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 000495680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libaim.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 001183699 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\liboscar.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 000483306 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libicq.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 000655356 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libirc.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 001306387 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libmsn.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 000565461 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libxmpp.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 001640221 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libjabber.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 000506276 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoo.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 001053730 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libymsg.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 000497782 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoojp.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 000603326 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl-nss.dll
2015-05-08 02:49 - 2015-05-08 02:49 - 000474199 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2019-01-30 08:13 - 000000830 _____ C:\WINDOWS\system32\drivers\etc\hosts


2019-01-27 07:47 - 2019-01-27 07:47 - 000000440 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\PC Connectivity Solution\;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Lenovo\Bluetooth Software\;C:\Program Files\Lenovo\Bluetooth Software\syswow64;;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\AMD\ATI.ACE\Core-Static;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-628443383-1597414530-3784377036-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme2\img12.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{BE342473-B62D-49F5-83F1-0B7C08299146}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe (Copyright (c) 2018 Plays.tv, LLC)
FirewallRules: [{1740EEA9-8D67-4AB6-9625-689485A15F46}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe (Copyright (c) 2018 Plays.tv, LLC)
FirewallRules: [{C5A3A020-7A15-48FA-B02C-F897B9955D20}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe (Raptr, Inc)
FirewallRules: [{17F94E45-B677-4792-986C-29F94A107851}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe (Raptr, Inc)
FirewallRules: [{17892BCE-57E7-459E-84AE-8F532BC08EA5}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe (Raptr, Inc)
FirewallRules: [{F5614900-22AA-406E-B0B8-F030DFF43C29}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe (Raptr, Inc)
FirewallRules: [UDP Query User{10EBB04F-861B-4814-8955-B487C5537C9A}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe (Oracle Corporation)
FirewallRules: [TCP Query User{E358F061-2417-49E1-B94F-744524F437E1}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe (Oracle Corporation)
FirewallRules: [UDP Query User{6E64C330-0DDC-4C0E-AA7F-F35B2F245649}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe (Oracle Corporation)
FirewallRules: [TCP Query User{7FE55546-10F6-45D6-8A74-87C41234A33E}C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_161\bin\javaw.exe (Oracle Corporation)
FirewallRules: [{0D55A6A8-DD37-42D1-A04C-BB09024EB91C}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe (Raptr, Inc)
FirewallRules: [{E39C06B8-A3F9-4DE3-9FE7-CE0720D57B4C}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe (Raptr, Inc)
FirewallRules: [{B42807DB-A73B-487B-A3B0-1F907293D518}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe (Raptr, Inc)
FirewallRules: [{B6D6DD9C-081B-4815-BFE5-8D9FE2F2AAE2}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe (Raptr, Inc)
FirewallRules: [{EDBE2B95-CEFC-4BE1-990B-D446FDD725E3}] => (Allow) LPort=1688
FirewallRules: [{7F6B871B-7A55-477A-8294-123DC8C2D46B}] => (Allow) C:\Users\Stehlici\AppData\Local\Kingsoft\WPS Office\10.2.0.5965\office6\wpscloudsvr.exe No File
FirewallRules: [TCP Query User{9828728B-C93A-4F14-BC3E-BE0CD12E023B}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net)
FirewallRules: [UDP Query User{F2529913-A98B-417F-8709-A72121186750}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net)
FirewallRules: [{84922A32-B4C6-4544-9657-077DB8C639A6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{51E9CB2B-490F-4AE5-B760-7A0BFAB4C604}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{3AB1D69B-22B5-49D0-AA10-D722945E5F6E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation)
FirewallRules: [{903A7B91-9571-42A4-B665-66BBF59D12CB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation)
FirewallRules: [{6E3C2F88-CBC4-4EE3-B29A-E30DDB2DAB84}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe ()
FirewallRules: [{81E29A0F-AC9C-4372-A571-F113C2822385}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe ()
FirewallRules: [{54ADC282-EE16-43A5-A11E-902471C5642E}] => (Allow) C:\Users\Stehlici\AppData\Local\Programs\Opera\57.0.3098.76\opera.exe No File
FirewallRules: [{0BF10780-1876-42B8-8BEB-18F9C2813FCE}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe (Nokia)
FirewallRules: [{3EB9017B-BA33-4FCB-AB90-EAD455002A39}] => (Allow) C:\Program Files (x86)\Common Files\nokia\service layer\a\nsl_host_process.exe No File
FirewallRules: [{CE039690-53B6-46E8-B658-707DE28C4B1F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{2A2801C3-7599-4397-BD98-83CB391313E5}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{B551FB71-28E9-497D-B675-201B138930E5}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{B836A880-919A-485F-902C-41FCCAD2BD2D}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Corporation)
FirewallRules: [{BC1F90B8-955B-4384-B282-780AC13C9F45}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Corporation)
FirewallRules: [TCP Query User{462BE602-A1BC-4D21-BDB6-8F8B877E4F88}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net)
FirewallRules: [UDP Query User{B894D0F2-E556-4E84-B024-3597BCFBDFA5}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Block) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net)

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/30/2019 05:48:05 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: Stehlikovic)
Description: httphttp-2147467263

Error: (01/30/2019 05:44:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: update-client.exe, verze: 0.0.0.0, časové razítko: 0x5bbbf659
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000003b94c2
ID chybujícího procesu: 0x2668
Čas spuštění chybující aplikace: 0x01d4b8bb0df36d8b
Cesta k chybující aplikaci: C:\Users\Stehlici\AppData\Roaming\System\update-client.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: bcfccab8-84eb-4c8d-a52a-22f506d26481
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/30/2019 05:33:01 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: Stehlikovic)
Description: httphttp-2147467263

Error: (01/30/2019 05:28:15 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Users\Stehlici\Documents\esetsmartinstaller_csy.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.523_none_fb409dd930672a56.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.523_none_42edd4b044e3535c.manifest.

Error: (01/30/2019 05:26:44 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Users\Stehlici\Documents\esetsmartinstaller_csy.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.523_none_fb409dd930672a56.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.523_none_42edd4b044e3535c.manifest.

Error: (01/30/2019 05:13:43 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Users\Stehlici\Documents\esetsmartinstaller_csy.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.523_none_fb409dd930672a56.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.523_none_42edd4b044e3535c.manifest.

Error: (01/30/2019 12:49:06 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: Stehlikovic)
Description: httphttp-2147467263

Error: (01/30/2019 10:35:01 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: Stehlikovic)
Description: httphttp-2147467263


System errors:
=============
Error: (01/30/2019 05:44:57 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/30/2019 05:44:38 PM) (Source: DCOM) (EventID: 10016) (User: Stehlikovic)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli Stehlikovic\Stehlici (SID: S-1-5-21-628443383-1597414530-3784377036-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/30/2019 05:42:00 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/30/2019 05:42:00 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/30/2019 05:41:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SAService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (01/30/2019 05:40:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Search neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (01/30/2019 05:40:45 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba WSearch se nemohla přihlásit jako NT AUTHORITY\SYSTEM s aktuálně konfigurovaným heslem z důvodu následující chyby:
Požadavek není podporován.


Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (01/30/2019 05:40:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AvastWscReporter neuspěla při spuštění v důsledku následující chyby:
Přesměrování bylo ukončeno.


CodeIntegrity:
===================================

Date: 2019-01-30 18:05:59.463
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-30 18:05:59.459
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-30 18:05:59.456
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-30 18:05:56.858
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-30 18:05:56.856
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-30 18:05:56.854
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Microsoft signing level requirements.

Date: 2019-01-30 18:05:40.178
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Store signing level requirements.

Date: 2019-01-30 18:05:31.032
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-119906.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4210M CPU @ 2.60GHz
Percentage of memory in use: 77%
Total physical RAM: 4012.36 MB
Available physical RAM: 910.52 MB
Total Virtual: 9132.36 MB
Available Virtual: 5062.74 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:69.26 GB) (Free:13.25 GB) NTFS
Drive d: (Data) (Fixed) (Total:395.51 GB) (Free:319.25 GB) NTFS

\\?\Volume{8980a647-95e5-11e4-824b-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{d9fa2484-0000-0000-0000-b05611000000}\ () (Fixed) (Total:0.9 GB) (Free:0.46 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: D9FA2484)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=69.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=920 MB) - (Type=27)
Partition 4: (Not Active) - (Size=395.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
Nahoru
kuba7710
Návštěvník
Návštěvník
Příspěvky: 102
Registrován: 13 dub 2007 18:08

Re: Zablokovaný řístup Google

#13 Příspěvek od kuba7710 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30.01.2019
Ran by Stehlici (administrator) on STEHLIKOVIC (30-01-2019 18:04:13)
Running from C:\Users\Stehlici\Desktop
Loaded Profiles: Stehlici (Available Profiles: Stehlici)
Platform: Windows 10 Pro Version 1803 17134.523 (X64) Language: Angličtina (Spojené státy)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Gemfor s.r.o.) C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe
(Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wargamingerrormonitor.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
() C:\Users\Stehlici\AppData\Roaming\System\update-client.exe
() C:\Users\Stehlici\AppData\Roaming\System\update-client.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc.)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6340312 2013-07-19] (Realtek semiconductor)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2015-01-06] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2015-01-06] (Lenovo(beijing) Limited)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-31] (Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-07] (AVAST Software)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2017-05-30] (Raptr, Inc)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-07] (AVAST Software)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-628443383-1597414530-3784377036-1001\...\Run: [GoogleChromeAutoLaunch_8DFA5785C00E69819465D8C23CB31041] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1587680 2018-12-12] (Google Inc.)
HKU\S-1-5-21-628443383-1597414530-3784377036-1001\...\Run: [T-Mobile CManager] => C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe [2171520 2017-12-05] (Gemfor s.r.o.)
HKU\S-1-5-21-628443383-1597414530-3784377036-1001\...\Run: [World of Tanks] => "C:\Games\World_of_Tanks\WargamingGameUpdater.exe"
HKU\S-1-5-21-628443383-1597414530-3784377036-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2536824 2019-01-30] (Wargaming.net)
HKU\S-1-5-21-628443383-1597414530-3784377036-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3133216 2019-01-05] (Valve Corporation)
HKU\S-1-5-21-628443383-1597414530-3784377036-1001\...\Run: [ETP] => C:\Users\Stehlici\AppData\Roaming\System\etp.exe [2458334 2018-08-30] (System)
HKU\S-1-5-21-628443383-1597414530-3784377036-1001\...\Run: [Plays] => C:\Users\Stehlici\AppData\Local\Plays\update.exe [1945736 2018-10-12] ()
HKU\S-1-5-21-628443383-1597414530-3784377036-1001\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-04-19] (Nokia)
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\Lenovo\Bluetooth Software\\BtwCP.dll [2013-09-05] (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{68acc8e7-8d61-46d1-ab52-49719b377051}: [DhcpNameServer] 172.16.1.1
Tcpip\..\Interfaces\{a8542a64-4861-4e36-a6eb-0f159bb7a347}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b8640522-2a5e-43df-90fc-7a3b4f3ee44e}: [NameServer] 93.153.117.33 93.153.117.1
Tcpip\..\Interfaces\{ba557da0-e471-47c0-a5f0-55d7e1b037d6}: [NameServer] 93.153.117.33 93.153.117.17

Internet Explorer:
==================
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-02-18] (Oracle Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll => No File

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-02-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-02-18] (Oracle Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-04-19] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/?clid=22668"
CHR Profile: C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default [2019-01-30]
CHR Extension: (Prezentace) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Dokumenty) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Disk Google) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-12-04]
CHR Extension: (YouTube) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Vyhledávání Google) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Jungle Gems) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\eakadkkcemnilpmfdmhlmkfkfahjbnem [2018-03-10]
CHR Extension: (Avast Passwords) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2019-01-10]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-12-20]
CHR Extension: (Tabulky) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2019-01-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16]
CHR Extension: (EasyPDFCombine) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpocjpoifmommoiiiamepombpeoaehfh [2018-08-23]
CHR Extension: (Search Extension by Ask) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgfehfbnofiffladdncogfobimealokp [2019-01-25]
CHR Extension: (hxxps://www.tipsport.cz/live?matchId=2267901&) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\maienmfacdionmdimilbmnfmbclihaom [2016-10-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-12-04]
CHR Extension: (Gmail) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-05]
CHR Extension: (Chrome Media Router) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-14]
CHR Extension: (Unura) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\pknhddkbagfjncdopglmjooigpceekdb [2016-09-12]
CHR Profile: C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-10-31]
CHR Profile: C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\System Profile [2018-03-12]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-628443383-1597414530-3784377036-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-628443383-1597414530-3784377036-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7834368 2019-01-07] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357816 2019-01-07] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-01-07] (AVAST Software)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [779392 2018-05-14] (EasyAntiCheat Ltd)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-04-20] () [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-31] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-10-20] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
R2 MbnExt; C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\MbnExt.dll [422608 2017-04-13] (Gemfor s.r.o.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-15] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-06-03] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmdag.sys [38774688 2017-10-13] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmpag.sys [549792 2017-10-13] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [106416 2017-10-13] (Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37304 2019-01-07] (AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [203488 2019-01-07] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [223056 2019-01-14] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196264 2019-01-07] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320888 2019-01-07] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [58160 2019-01-07] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-07] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [239808 2019-01-07] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46584 2019-01-07] (AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42488 2019-01-07] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [166792 2019-01-18] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111992 2019-01-07] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88144 2019-01-07] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034056 2019-01-07] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [474648 2019-01-07] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [218056 2019-01-07] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [380144 2019-01-07] (AVAST Software)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2018-04-20] (Huawei Technologies Co., Ltd.)
S3 hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [125952 2014-07-25] (Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\WINDOWS\System32\drivers\ew_wwanecm.sys [380672 2014-09-30] (Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-04-20] (Huawei Technologies Co., Ltd.)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [8247640 2013-07-19] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
S3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2012-12-19] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-30 18:05 - 2019-01-30 18:05 - 000003460 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-01-30 18:05 - 2019-01-30 18:05 - 000003236 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-01-30 17:41 - 2019-01-30 17:41 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-01-30 17:40 - 2019-01-30 17:40 - 000025385 _____ C:\Users\Stehlici\Desktop\Fixlog.txt
2019-01-30 17:38 - 2019-01-30 17:38 - 000000000 ____D C:\Users\Stehlici\Desktop\FRST-OlderVersion
2019-01-30 12:38 - 2019-01-30 12:39 - 000072800 _____ C:\Users\Stehlici\Desktop\Addition.txt
2019-01-30 12:36 - 2019-01-30 18:04 - 000022169 _____ C:\Users\Stehlici\Desktop\FRST.txt
2019-01-30 12:36 - 2019-01-30 18:04 - 000000000 ____D C:\FRST
2019-01-30 12:35 - 2019-01-30 17:38 - 002428928 _____ (Farbar) C:\Users\Stehlici\Desktop\FRST64.exe
2019-01-30 10:28 - 2019-01-30 10:29 - 000000000 ____D C:\AdwCleaner
2019-01-30 10:27 - 2019-01-30 10:27 - 007320272 _____ (Malwarebytes) C:\Users\Stehlici\Desktop\adwcleaner_7.2.6.0.exe
2019-01-30 08:13 - 2019-01-30 08:13 - 000000000 ____D C:\rsit
2019-01-30 08:13 - 2019-01-30 08:13 - 000000000 ____D C:\Program Files\trend micro
2019-01-28 20:34 - 2019-01-28 20:34 - 000681193 _____ C:\Users\Stehlici\Documents\IMG_20190128_0002.pdf
2019-01-28 20:34 - 2019-01-28 20:34 - 000604821 _____ C:\Users\Stehlici\Documents\IMG_20190128_0001.pdf
2019-01-27 07:47 - 2019-01-27 07:47 - 000000440 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2019-01-22 21:32 - 2019-01-22 21:32 - 000053070 _____ C:\Users\Stehlici\Downloads\Zapis (1).PDF
2019-01-22 21:31 - 2019-01-22 21:31 - 000053070 _____ C:\Users\Stehlici\Downloads\Zapis.PDF
2019-01-16 08:41 - 2019-01-26 15:06 - 000000000 ____D C:\Users\Stehlici\Documents\DOKLADY O NEHODĚ
2019-01-14 14:53 - 2019-01-14 14:53 - 000223056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-01-13 13:09 - 2019-01-13 13:09 - 000115369 _____ C:\Users\Stehlici\Downloads\serizeni_vazani (1).pdf
2019-01-09 12:07 - 2019-01-01 14:46 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-09 12:07 - 2019-01-01 14:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-09 12:07 - 2019-01-01 08:14 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-09 12:07 - 2019-01-01 08:14 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-09 12:07 - 2019-01-01 08:14 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-01-09 12:07 - 2019-01-01 08:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-09 12:07 - 2019-01-01 08:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-09 12:07 - 2019-01-01 08:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-09 12:07 - 2019-01-01 08:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-09 12:07 - 2019-01-01 08:12 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-09 12:07 - 2019-01-01 08:12 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-09 12:07 - 2019-01-01 08:12 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-09 12:07 - 2019-01-01 08:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-09 12:07 - 2019-01-01 08:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-09 12:07 - 2019-01-01 08:12 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-09 12:07 - 2019-01-01 07:55 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-09 12:07 - 2019-01-01 07:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-09 12:07 - 2019-01-01 07:50 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-01-09 12:07 - 2019-01-01 07:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-09 12:07 - 2019-01-01 07:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-01-09 12:07 - 2019-01-01 07:45 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-09 12:07 - 2019-01-01 07:45 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-01-09 12:07 - 2019-01-01 07:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-01-09 12:07 - 2019-01-01 07:44 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-01-09 12:07 - 2019-01-01 07:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-09 12:07 - 2019-01-01 07:44 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-09 12:07 - 2019-01-01 07:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-01-09 12:07 - 2019-01-01 07:42 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-01-09 12:07 - 2019-01-01 07:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-09 12:07 - 2019-01-01 07:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-09 12:07 - 2019-01-01 07:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-09 12:07 - 2019-01-01 07:41 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-09 12:07 - 2019-01-01 07:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-09 12:07 - 2019-01-01 07:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-09 12:07 - 2019-01-01 07:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-01-09 12:07 - 2019-01-01 07:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-09 12:07 - 2019-01-01 07:37 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-01-09 12:07 - 2019-01-01 07:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-09 12:07 - 2019-01-01 07:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-09 12:07 - 2019-01-01 07:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-09 12:07 - 2019-01-01 07:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-01-09 12:07 - 2019-01-01 07:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-01-09 12:07 - 2019-01-01 07:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-09 12:07 - 2019-01-01 07:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-01-09 12:07 - 2019-01-01 07:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-01-09 12:07 - 2019-01-01 07:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-01-09 12:07 - 2019-01-01 07:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-09 12:07 - 2019-01-01 07:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-01-09 12:07 - 2019-01-01 07:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-01-09 12:06 - 2019-01-01 14:50 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-01-09 12:06 - 2019-01-01 14:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2019-01-09 12:06 - 2019-01-01 14:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-01-09 12:06 - 2019-01-01 14:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-01-09 12:06 - 2019-01-01 14:43 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-09 12:06 - 2019-01-01 14:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
2019-01-09 12:06 - 2019-01-01 14:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2019-01-09 12:06 - 2019-01-01 14:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2019-01-09 12:06 - 2019-01-01 08:14 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-01-09 12:06 - 2019-01-01 08:14 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-01-09 12:06 - 2019-01-01 08:14 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-01-09 12:06 - 2019-01-01 08:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-09 12:06 - 2019-01-01 08:12 - 000268304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-09 12:06 - 2019-01-01 08:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-09 12:06 - 2019-01-01 08:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-09 12:06 - 2019-01-01 07:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-01-09 12:06 - 2019-01-01 07:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-09 12:06 - 2019-01-01 07:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-09 12:06 - 2019-01-01 07:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-01-09 12:06 - 2019-01-01 07:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-09 12:06 - 2019-01-01 07:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-09 12:06 - 2019-01-01 07:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-01-09 12:06 - 2019-01-01 07:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-09 12:06 - 2019-01-01 07:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2019-01-09 12:06 - 2019-01-01 07:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-01-09 12:06 - 2019-01-01 07:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-09 12:06 - 2019-01-01 07:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-01-09 12:06 - 2019-01-01 07:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-09 12:06 - 2019-01-01 07:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-01-09 12:06 - 2019-01-01 07:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-01-09 12:06 - 2019-01-01 07:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-09 12:06 - 2019-01-01 07:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-09 12:06 - 2019-01-01 07:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-01-09 12:06 - 2019-01-01 07:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-09 12:06 - 2019-01-01 07:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-09 12:06 - 2019-01-01 07:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2019-01-09 12:06 - 2019-01-01 06:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-01-09 12:06 - 2018-12-19 05:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-09 10:04 - 2018-09-20 05:12 - 001483576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-01-07 12:26 - 2019-01-07 12:25 - 000361352 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-01-07 12:26 - 2019-01-07 12:25 - 000320888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
2019-01-07 12:26 - 2019-01-07 12:25 - 000196264 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-01-07 12:26 - 2019-01-07 12:25 - 000058160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-01-07 12:26 - 2019-01-07 12:25 - 000037304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-01-05 15:04 - 2019-01-05 15:06 - 028927624 _____ C:\Users\Stehlici\Downloads\Minecraft z mody (1).rar
2019-01-04 22:15 - 2019-01-04 22:27 - 963346380 _____ C:\Users\Stehlici\Downloads\Kurýr - Restart (2015) CZ Dabing.avi

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-30 18:05 - 2018-12-08 20:26 - 000003030 _____ C:\WINDOWS\System32\Tasks\WpsExternal_Stehlici_20181208202643
2019-01-30 18:05 - 2018-12-03 18:51 - 000003664 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1543859476
2019-01-30 18:05 - 2018-07-18 20:38 - 000002758 _____ C:\WINDOWS\System32\Tasks\WpsUpdateTask_Stehlici
2019-01-30 18:05 - 2018-05-31 14:16 - 000002916 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-628443383-1597414530-3784377036-1001
2019-01-30 18:05 - 2018-05-31 14:16 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-01-30 17:52 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-30 17:45 - 2018-10-05 06:25 - 000000000 ____D C:\Users\Stehlici\AppData\Roaming\System
2019-01-30 17:45 - 2018-09-11 13:54 - 000000000 ____D C:\Program Files (x86)\Steam
2019-01-30 17:45 - 2018-05-31 01:27 - 000682896 _____ C:\WINDOWS\system32\perfh005.dat
2019-01-30 17:45 - 2018-05-31 01:27 - 000137290 _____ C:\WINDOWS\system32\perfc005.dat
2019-01-30 17:45 - 2018-05-30 16:04 - 001604938 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-01-30 17:45 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-01-30 17:44 - 2018-08-24 10:05 - 000000000 ____D C:\Users\Stehlici\AppData\Local\CrashDumps
2019-01-30 17:43 - 2015-01-06 14:39 - 000000000 ____D C:\Users\Stehlici\AppData\Roaming\Raptr
2019-01-30 17:42 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-01-30 17:42 - 2015-09-27 10:24 - 000000000 __SHD C:\Users\Stehlici\IntelGraphicsProfiles
2019-01-30 17:41 - 2018-05-31 14:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-30 17:40 - 2018-04-11 22:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-01-30 17:40 - 2016-10-27 10:34 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-01-30 17:10 - 2018-05-30 15:45 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-01-30 10:53 - 2018-07-14 16:12 - 000000000 ____D C:\ProgramData\Packages
2019-01-30 10:53 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-01-30 08:06 - 2018-05-31 14:16 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-01-27 16:54 - 2018-05-30 15:52 - 000002396 _____ C:\Users\Stehlici\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-01-27 16:54 - 2016-06-30 21:09 - 000000000 ___RD C:\Users\Stehlici\OneDrive
2019-01-22 13:25 - 2018-06-04 17:10 - 000000000 ____D C:\Users\Stehlici\AppData\Local\PlaceholderTileLogoFolder
2019-01-22 13:24 - 2018-01-28 21:36 - 000000000 ____D C:\Users\Stehlici\AppData\Local\Packages
2019-01-18 17:24 - 2018-01-12 19:07 - 000000000 ____D C:\Program Files\rempl
2019-01-18 17:15 - 2018-03-11 16:56 - 000166792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-01-09 19:13 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-01-09 19:13 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-01-09 17:13 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-09 17:13 - 2015-09-25 09:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-09 14:54 - 2015-09-25 09:50 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-01-07 12:26 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-01-07 12:25 - 2018-10-28 18:38 - 000042488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-01-07 12:25 - 2018-06-23 21:25 - 000015488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2019-01-07 12:25 - 2018-03-11 16:56 - 001034056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-01-07 12:25 - 2018-03-11 16:56 - 000474648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-01-07 12:25 - 2018-03-11 16:56 - 000380144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-01-07 12:25 - 2018-03-11 16:56 - 000239808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-01-07 12:25 - 2018-03-11 16:56 - 000218056 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-01-07 12:25 - 2018-03-11 16:56 - 000203488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-01-07 12:25 - 2018-03-11 16:56 - 000111992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-01-07 12:25 - 2018-03-11 16:56 - 000088144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-01-07 12:25 - 2018-03-11 16:56 - 000046584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2019-01-05 21:53 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-01-05 15:09 - 2018-02-18 11:40 - 000000000 ____D C:\Users\Stehlici\AppData\Roaming\.minecraft
2019-01-02 20:41 - 2018-04-12 00:41 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-01-02 20:41 - 2018-04-12 00:41 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

Some files in TEMP:
====================
2019-01-30 10:33 - 2019-01-30 10:33 - 000001536 _____ () C:\Users\Stehlici\AppData\Local\Temp\NOSEventMessages.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-30 15:45

==================== End of FRST.txt ============================
Nahoru
Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:
Kontaktovat uživatele Diallix

Re: Zablokovaný řístup Google

#14 Příspěvek od Diallix »

Do poznamkoveho bloku skopirujte obsah dole:

Kód: Vybrat vše

CloseProcesses:

C:\Users\Stehlici\AppData\Roaming\System\etp.exe
HKU\S-1-5-21-628443383-1597414530-3784377036-1001\...\Run: [ETP] => C:\Users\Stehlici\AppData\Roaming\System\etp.exe [2458334 2018-08-30] (System)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll => No File
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2019-01-17]
CHR Extension: (Unura) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\pknhddkbagfjncdopglmjooigpceekdb [2016-09-12]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {226C52BC-0F62-4E67-A70D-74C22932AC02} - \Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload -> No File <==== ATTENTION

EmptyTemp:
Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST, pricom zvolte Kodovanie na UTF-8 (skopirujte do poznamkoveho bloku -> Subor -> Ulozit ako -> Encoding/Kodovaniee: zvolte UTF-8 -> ulozit).
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Nahoru
kuba7710
Návštěvník
Návštěvník
Příspěvky: 102
Registrován: 13 dub 2007 18:08

Re: Zablokovaný řístup Google

#15 Příspěvek od kuba7710 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 30.01.2019
Ran by Stehlici (30-01-2019 19:20:58) Run:2
Running from C:\Users\Stehlici\Desktop
Loaded Profiles: Stehlici (Available Profiles: Stehlici)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:

C:\Users\Stehlici\AppData\Roaming\System\etp.exe
HKU\S-1-5-21-628443383-1597414530-3784377036-1001\...\Run: [ETP] => C:\Users\Stehlici\AppData\Roaming\System\etp.exe [2458334 2018-08-30] (System)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll => No File
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2019-01-17]
CHR Extension: (Unura) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\pknhddkbagfjncdopglmjooigpceekdb [2016-09-12]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {226C52BC-0F62-4E67-A70D-74C22932AC02} - \Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload -> No File <==== ATTENTION

EmptyTemp:
*****************

Processes closed successfully.
C:\Users\Stehlici\AppData\Roaming\System\etp.exe => moved successfully
"HKU\S-1-5-21-628443383-1597414530-3784377036-1001\Software\Microsoft\Windows\CurrentVersion\Run\\ETP" => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => removed successfully
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2019-01-17] => Error: No automatic fix found for this entry.
CHR Extension: (Unura) - C:\Users\Stehlici\AppData\Local\Google\Chrome\User Data\Default\Extensions\pknhddkbagfjncdopglmjooigpceekdb [2016-09-12] => Error: No automatic fix found for this entry.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{226C52BC-0F62-4E67-A70D-74C22932AC02}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{226C52BC-0F62-4E67-A70D-74C22932AC02}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Feedback\Siuf\DmClientOnScenarioDownload" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 247969809 B
Java, Flash, Steam htmlcache => 235345639 B
Windows/system/drivers => 16750 B
Edge => 124681554 B
Chrome => 371125556 B
Firefox => 0 B
Opera => 27477825 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 34912 B
LocalService => 0 B
NetworkService => 9320 B
NetworkService => 0 B
Stehlici => 38544565 B

RecycleBin => 0 B
EmptyTemp: => 1007.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:21:44 ====
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“