Zpomalený notebook po spadnutí

[pesslovany]

Zdravím, párkrát jsem musel natvrdo restartovat notebooku protože jsem měl chybu v matlab/mex kódu, od té doby se zdá notebook dost pomalejší.


Logfile of random's system information tool 1.10 (written by random/random)
Run by Jakub at 2019-02-28 19:51:56
Microsoft Windows 8.1 Pro
System drive C: has 26 GB (21%) free of 122 GB
Total RAM: 4043 MB (24% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:51:59, on 28. 2. 2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.19036)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\Jakub\AppData\Local\FluxSoftware\Flux\flux.exe
D:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe
C:\Users\Jakub\AppData\Roaming\Spotify\Spotify.exe
C:\Users\Jakub\AppData\Roaming\Spotify\Spotify.exe
C:\Users\Jakub\AppData\Roaming\Spotify\Spotify.exe
C:\Users\Jakub\AppData\Roaming\Spotify\Spotify.exe
C:\Users\Jakub\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files\trend micro\Jakub.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\Sound Blaster X-Fi Go Pro\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKCU\..\Run: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
O4 - HKCU\..\Run: [AvastBrowserAutoLaunch_4099706D4B6D8A735C77756484F8AE9D] "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --check-run=src=logon --onboarding-at-startup
O4 - HKCU\..\Run: [f.lux] "C:\Users\Jakub\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [WallpaperEngine] "D:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe" -silent
O4 - Global Startup: SteelSeries Engine 3.lnk = C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://files.creative.com/Web/softwareu ... PIDPDE.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://files.creative.com/Web/softwareu ... /CTPID.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Služba %1!s! Update (avast) (avast) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba %1!s! Update (avastm) (avastm) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Secure Browser Elevation Service (AvastSecureBrowserElevationService) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Application\71.0.1037.99\elevation_service.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\Windows\system32\DbxSvc.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: DisplayFusionService - Binary Fortress Software - C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: GalaxyClientService - GOG.com - C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe
O23 - Service: GalaxyCommunication - GOG.com - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.119\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10727 bytes

======Listing Processes======





wininit.exe

winlogon.exe


C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\system32\DbxSvc.exe
C:\Windows\System32\svchost.exe -k utcsvc
dashost.exe {0ed9ed3d-6b3d-4131-a8ee1d0af7308897}
"C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe -first
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-a372d4e8-42e7-4fbe-9838-c26fee863b10 -SystemEventPortName:HostProcess-24d0b245-0d5f-49c2-8839-4d0c29967a7c -IoCancelEventPortName:HostProcess-789a95ae-a9e9-40aa-8130-78f2a73aa6a0 -NonStateChangingEventPortName:HostProcess-ed53097b-eb23-4b6f-88d6-33150d17b154 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:2f2a1f37-f2d0-4849-8dc2-3a43fd076d12 -DeviceGroupId:WudfDefaultDevicePool

C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -c
taskhostex.exe
C:\Windows\Explorer.EXE
ClassicStartMenu.exe -startup
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe" /m
"C:\Windows\System32\rundll32.exe" sbavmon.dll,SBAVMonitor
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe"
AvastUI.exe /nogui
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
"C:\Users\Jakub\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
C:\Windows\system32\wbem\wmiprvse.exe
"D:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe" -silent
"C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe" -dataPath="C:\ProgramData\SteelSeries\SteelSeries Engine 3" -dbEnv=production -auto=true
"C:\Program Files\Opera\58.0.3135.68\opera.exe" --disk-cache-dir="d:\ssd\opera" --user-data-dir="d:\ssd\opera" --ran-launcher --started-from-shortcut
"C:\Program Files\Opera\58.0.3135.68\opera_crashreporter.exe" --type=crashpad-handler --user-data-dir=d:\ssd\opera /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=d:\ssd\opera\Crash Reports" --crash-count-file=d:\ssd\opera\crash_count.txt --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktop --annotation=ver=58.0.3135.68 --initial-client-data=0x1f8,0x1fc,0x200,0x1f4,0x204,0x7ffdb6c73fc0,0x7ffdb6c73fd0,0x7ffdb6c73fe0
"C:\Program Files\Opera\58.0.3135.68\opera.exe" --type=gpu-process --field-trial-handle=1308,8537801025093940958,9405016315237927118,131072 --disable-features=SharedArrayBuffer --user-data-dir="d:\ssd\opera" --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests="Reference group:Add bookingCom speeddial" --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --user-data-dir="d:\ssd\opera" --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests="Reference group:Add bookingCom speeddial" --service-request-channel-token=7275811072715776798 --mojo-platform-channel-handle=1328 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files\Opera\58.0.3135.68\opera.exe" --type=renderer --field-trial-handle=1308,8537801025093940958,9405016315237927118,131072 --disable-features=SharedArrayBuffer --service-pipe-token=11268673667672190697 --lang=cs --user-data-dir="d:\ssd\opera" --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests="Reference group:Add bookingCom speeddial" --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=11268673667672190697 --renderer-client-id=3 --mojo-platform-channel-handle=2424 /prefetch:1
"C:\Program Files\Opera\58.0.3135.68\opera.exe" --type=renderer --field-trial-handle=1308,8537801025093940958,9405016315237927118,131072 --disable-features=SharedArrayBuffer --service-pipe-token=1148042167976952019 --lang=cs --user-data-dir="d:\ssd\opera" --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests="Reference group:Add bookingCom speeddial" --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=1148042167976952019 --renderer-client-id=4 --mojo-platform-channel-handle=2520 /prefetch:1
"C:\Program Files\Opera\58.0.3135.68\opera.exe" --type=renderer --field-trial-handle=1308,8537801025093940958,9405016315237927118,131072 --disable-features=SharedArrayBuffer --service-pipe-token=8150791863630342724 --lang=cs --user-data-dir="d:\ssd\opera" --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests="Reference group:Add bookingCom speeddial" --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=8150791863630342724 --renderer-client-id=5 --mojo-platform-channel-handle=2464 /prefetch:1
"C:\Program Files\Opera\58.0.3135.68\opera.exe" --type=renderer --field-trial-handle=1308,8537801025093940958,9405016315237927118,131072 --disable-features=SharedArrayBuffer --service-pipe-token=5247224480112880332 --lang=cs --user-data-dir="d:\ssd\opera" --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests="Reference group:Add bookingCom speeddial" --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=5247224480112880332 --renderer-client-id=7 --mojo-platform-channel-handle=2672 /prefetch:1
"C:\Program Files\Opera\58.0.3135.68\opera.exe" --type=renderer --field-trial-handle=1308,8537801025093940958,9405016315237927118,131072 --disable-features=SharedArrayBuffer --service-pipe-token=13167027220374883470 --lang=cs --user-data-dir="d:\ssd\opera" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests="Reference group:Add bookingCom speeddial" --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=13167027220374883470 --renderer-client-id=8 --mojo-platform-channel-handle=4896 /prefetch:1
"C:\Program Files\Opera\58.0.3135.68\opera.exe" --type=renderer --field-trial-handle=1308,8537801025093940958,9405016315237927118,131072 --disable-features=SharedArrayBuffer --service-pipe-token=14978629878650227677 --lang=cs --user-data-dir="d:\ssd\opera" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests="Reference group:Add bookingCom speeddial" --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=14978629878650227677 --renderer-client-id=10 --mojo-platform-channel-handle=4964 /prefetch:1
"C:\Program Files\Opera\58.0.3135.68\opera.exe" --type=renderer --field-trial-handle=1308,8537801025093940958,9405016315237927118,131072 --disable-features=SharedArrayBuffer --service-pipe-token=595042781342657199 --lang=cs --user-data-dir="d:\ssd\opera" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests="Reference group:Add bookingCom speeddial" --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=595042781342657199 --renderer-client-id=17 --mojo-platform-channel-handle=5000 /prefetch:1
"C:\Program Files\Opera\58.0.3135.68\opera.exe" --type=renderer --field-trial-handle=1308,8537801025093940958,9405016315237927118,131072 --disable-features=SharedArrayBuffer --service-pipe-token=17738716956870027966 --lang=cs --user-data-dir="d:\ssd\opera" --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests="Reference group:Add bookingCom speeddial" --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=17738716956870027966 --renderer-client-id=19 --mojo-platform-channel-handle=5308 /prefetch:1
"C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe" /c
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files\Opera\58.0.3135.68\opera.exe" --type=renderer --field-trial-handle=1308,8537801025093940958,9405016315237927118,131072 --disable-features=SharedArrayBuffer --service-pipe-token=9121224448619614675 --lang=cs --user-data-dir="d:\ssd\opera" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests="Reference group:Add bookingCom speeddial" --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=9121224448619614675 --renderer-client-id=102 --mojo-platform-channel-handle=3024 /prefetch:1
"C:\Program Files\Opera\58.0.3135.68\opera.exe" --type=renderer --field-trial-handle=1308,8537801025093940958,9405016315237927118,131072 --disable-features=SharedArrayBuffer --service-pipe-token=13490663881957601289 --lang=cs --user-data-dir="d:\ssd\opera" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests="Reference group:Add bookingCom speeddial" --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=13490663881957601289 --renderer-client-id=173 --mojo-platform-channel-handle=10792 /prefetch:1
"C:\Program Files\Opera\58.0.3135.68\opera.exe" --type=renderer --field-trial-handle=1308,8537801025093940958,9405016315237927118,131072 --disable-features=SharedArrayBuffer --service-pipe-token=9471724892718303308 --lang=cs --user-data-dir="d:\ssd\opera" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests="Reference group:Add bookingCom speeddial" --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=9471724892718303308 --renderer-client-id=216 --mojo-platform-channel-handle=6828 /prefetch:1

"C:\Program Files\SumatraPDF\SumatraPDF.exe" "D:\Dropbox\domaci_prace\4.rocnik\ISF\sem1\sp1 (3).pdf"
"C:\Program Files\MATLAB\R2018a\bin\win64\MATLAB.exe"
"C:\Users\Jakub\AppData\Roaming\Spotify\Spotify.exe"
C:\Users\Jakub\AppData\Roaming\Spotify\Spotify.exe --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Jakub\AppData\Local\Spotify\User Data\Crashpad" "--metrics-dir=C:\Users\Jakub\AppData\Local\Spotify\User Data" --url=https://crashdump.spotify.com:443/ --annotation=platform=win32 --annotation=product=spotify --annotation=version=1.1.0.237 --initial-client-data=0x384,0x388,0x38c,0x37c,0x390,0x6d6bbf70,0x6d6bbf80,0x6d6bbf8c
"C:\Users\Jakub\AppData\Roaming\Spotify\Spotify.exe" --type=gpu-process --disable-features=ExtendedMouseButtons --disable-d3d11 --log-file="C:\Users\Jakub\AppData\Roaming\Spotify\debug.log" --log-severity=disable --product-version=Spotify/1.1.0.237 --lang=cs --gpu-preferences=KAAAAAAAAACAAwBAAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --log-file="C:\Users\Jakub\AppData\Roaming\Spotify\debug.log" --log-severity=disable --product-version=Spotify/1.1.0.237 --lang=cs --service-request-channel-token=2101850305430185097 --mojo-platform-channel-handle=1440 --ignored=" --type=renderer " /prefetch:2
"C:\Users\Jakub\AppData\Roaming\Spotify\Spotify.exe" --type=renderer --disable-features=ExtendedMouseButtons --service-pipe-token=16898276398530174592 --lang=cs --log-file="C:\Users\Jakub\AppData\Roaming\Spotify\debug.log" --log-severity=disable --product-version=Spotify/1.1.0.237 --disable-spell-checking --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=16898276398530174592 --renderer-client-id=3 --mojo-platform-channel-handle=2440 /prefetch:1
"C:\Users\Jakub\AppData\Roaming\Spotify\Spotify.exe" --type=utility --disable-features=ExtendedMouseButtons --lang=cs --service-sandbox-type=cdm --log-file="C:\Users\Jakub\AppData\Roaming\Spotify\debug.log" --log-severity=disable --product-version=Spotify/1.1.0.237 --lang=cs --service-request-channel-token=15262845863565423501 --mojo-platform-channel-handle=4456 --ignored=" --type=renderer " /prefetch:8
"C:\Program Files\Opera\58.0.3135.68\opera.exe" --type=renderer --field-trial-handle=1308,8537801025093940958,9405016315237927118,131072 --disable-features=SharedArrayBuffer --service-pipe-token=14388695796001494124 --lang=cs --user-data-dir="d:\ssd\opera" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --ab_tests="Reference group:Add bookingCom speeddial" --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=14388695796001494124 --renderer-client-id=269 --mojo-platform-channel-handle=11428 /prefetch:1
"D:\ssd\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\MATLAB R2014a Startup Accelerator.job - C:\Program Files\MATLAB\R2014a\bin\win64\MATLABStartupAccelerator.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-04-18 571456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 877720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-18 234560]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 704664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 1720976]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2017-01-06 1855544]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2016-07-30 163800]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2016-12-07 17111056]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2016-12-07 193008]
"SynLenovoGestureMgr"=C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [2013-09-25 665400]
"Creative SB Monitoring Utility"=RunDll32 sbavmon.dll,SBAVMonitor []
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-12-22 242392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2016-11-17 4958912]
"iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2017-07-14 67384]
"iCloudDrive"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [2017-07-14 110392]
"iCloudPhotos"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [2017-07-14 356664]
"AvastBrowserAutoLaunch_4099706D4B6D8A735C77756484F8AE9D"=C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2019-01-09 1822448]
"f.lux"=C:\Users\Jakub\AppData\Local\FluxSoftware\Flux\flux.exe [2018-10-24 1820168]
"WallpaperEngine"=D:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe [2019-02-21 1698296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bonus.SSR.FR12]
D:\Program Files (x86)\Abby\Bonus.ScreenshotReader.exe /autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dropbox]
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2019-02-20 4190016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Download Assistant]
C:\Windows\System32\LogiLDA.dll [2016-10-14 3942232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-03-15 587288]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"VolPanel"=C:\Program Files (x86)\Creative\Sound Blaster X-Fi Go Pro\Volume Panel\VolPanlu.exe [2010-12-08 241757]
"UpdReg"=C:\Windows\UpdReg.EXE [2000-05-11 90112]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2019-02-20 4190016]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2011-01-15 452016]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SteelSeries Engine 3.lnk - C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2019-02-20 00:19:50 ----A---- C:\Windows\system32\drivers\dbx-stable.sys
2019-02-20 00:19:50 ----A---- C:\Windows\system32\drivers\dbx-dev.sys
2019-02-20 00:19:50 ----A---- C:\Windows\system32\drivers\dbx-canary.sys
2019-02-20 00:19:50 ----A---- C:\Windows\system32\DbxSvc.exe
2019-02-17 20:44:55 ----D---- C:\Program Files\trend micro
2019-02-17 20:44:54 ----D---- C:\rsit
2019-02-13 08:26:21 ----D---- C:\ProgramData\MATLAB

======List of files/folders modified in the last 1 month======

2019-02-28 19:45:01 ----D---- C:\Windows\Temp
2019-02-28 19:11:46 ----D---- C:\Windows\Microsoft.NET
2019-02-28 19:02:00 ----D---- C:\Windows\system32\sru
2019-02-28 18:18:29 ----D---- C:\Users\Jakub\AppData\Roaming\Spotify
2019-02-27 08:21:21 ----D---- C:\Windows\System32
2019-02-27 08:21:21 ----D---- C:\Windows\Inf
2019-02-27 08:21:21 ----A---- C:\Windows\system32\PerfStringBackup.INI
2019-02-27 08:15:13 ----D---- C:\ProgramData\NVIDIA
2019-02-26 18:49:55 ----D---- C:\Program Files (x86)\Steam
2019-02-24 18:58:13 ----D---- C:\Users\Jakub\AppData\Roaming\TeamViewer
2019-02-24 18:30:22 ----SHD---- C:\Windows\Installer
2019-02-24 18:30:22 ----D---- C:\ProgramData\Skype
2019-02-24 18:30:19 ----RD---- C:\Program Files (x86)\Skype
2019-02-24 18:30:19 ----D---- C:\Program Files (x86)\Common Files
2019-02-24 18:29:02 ----D---- C:\Users\Jakub\AppData\Roaming\Skype
2019-02-24 10:28:56 ----D---- C:\Windows\SoftwareDistribution
2019-02-24 10:28:55 ----D---- C:\Windows
2019-02-24 10:17:10 ----D---- C:\Program Files (x86)\GOG Galaxy
2019-02-24 10:14:59 ----D---- C:\ProgramData\Apple
2019-02-24 10:13:18 ----D---- C:\Windows\system32\config
2019-02-24 10:11:08 ----SHD---- C:\System Volume Information
2019-02-23 21:42:22 ----RSD---- C:\Windows\assembly
2019-02-23 21:42:22 ----RD---- C:\Program Files
2019-02-23 21:42:03 ----RSD---- C:\Windows\Fonts
2019-02-23 21:29:54 ----D---- C:\Program Files (x86)\dead cells
2019-02-23 21:29:15 ----RD---- C:\Program Files (x86)
2019-02-23 21:09:39 ----D---- C:\Windows\system32\Tasks
2019-02-23 21:09:39 ----D---- C:\Program Files\Opera
2019-02-21 21:59:17 ----D---- C:\Program Files (x86)\Dropbox
2019-02-21 21:59:11 ----D---- C:\Windows\system32\drivers
2019-02-21 21:40:11 ----D---- C:\Users\Jakub\AppData\Roaming\uTorrent
2019-02-16 13:49:41 ----D---- C:\ProgramData\boost_interprocess
2019-02-13 08:26:21 ----HD---- C:\ProgramData
2019-02-12 22:28:16 ----D---- C:\Program Files (x86)\TeamViewer
2019-02-12 22:28:15 ----SD---- C:\ProgramData\Microsoft
2019-02-12 21:17:11 ----D---- C:\Users\Jakub\AppData\Roaming\inkscape
2019-02-12 21:17:11 ----D---- C:\Users\Jakub\AppData\Roaming\DAEMON Tools Lite
2019-02-12 21:17:09 ----D---- C:\Windows\Logs
2019-02-12 21:17:09 ----D---- C:\Windows\debug
2019-02-11 11:06:25 ----D---- C:\Users\Jakub\AppData\Roaming\TeXstudio
2019-02-08 22:35:37 ----D---- C:\Program Files\CCleaner
2019-02-08 20:55:22 ----D---- C:\Windows\system32\Macromed
2019-02-08 20:55:20 ----D---- C:\Windows\SYSWOW64\Macromed
2019-02-03 20:31:46 ----D---- C:\Users\Jakub\AppData\Roaming\vlc

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [2018-12-22 201768]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys [2018-12-22 346592]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [2018-12-22 59496]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2018-12-22 87432]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2018-12-22 380464]
R0 LHDmgr;LHDmgr; C:\Windows\System32\DRIVERS\LhdX64.sys [2016-12-07 39008]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2018-12-22 201240]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [2018-12-22 230344]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2018-12-22 239840]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2018-12-22 42288]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2018-12-22 111800]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2018-12-22 1028680]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-12-22 469272]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2019-01-18 163416]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2018-12-22 208472]
R3 ACPIVPC;@oem15.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\Windows\System32\drivers\AcpiVpc.sys [2016-12-07 35600]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 dtlitescsibus;@oem17.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\System32\drivers\dtlitescsibus.sys [2016-12-08 30264]
R3 dtliteusbbus;@oem18.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\Windows\System32\drivers\dtliteusbbus.sys [2016-12-08 47672]
R3 JMCR;JMCR; C:\Windows\System32\drivers\jmcr.sys [2012-06-22 174176]
R3 ksaud;@oem25.inf,%KSAUD.SvcDesc%;Creative USB Audio Driver; C:\Windows\system32\drivers\ksaud.sys [2013-04-03 1587968]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport – ovladač pro řadič Qualcomm Atheros AR81xx PCI-E Ethernet; C:\Windows\system32\DRIVERS\L1C63x64.sys [2013-06-18 129224]
R3 MEIx64;@oem4.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\HECIx64.sys [2012-07-17 62784]
R3 NETwNe64;@oem20.inf,___ %NIC_Service_DispName_WIN8_64%;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 8 64 Bit; C:\Windows\system32\DRIVERS\NETwew00.sys [2013-09-04 3345376]
R3 NVHDA;@oem12.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2016-12-02 212936]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2016-12-12 14073400]
R3 nvvad_WaveExtensible;@oem3.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2017-01-06 47672]
R3 nvvhci;@oem23.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\Windows\System32\drivers\nvvhci.sys [2017-01-06 59448]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-09-25 31032]
R3 ssdevfactory;@oem1.inf,%ssdevfactory.SVCDESC%;SteelSeries Device Factory Service; C:\Windows\System32\drivers\ssdevfactory.sys [2017-06-02 46408]
R3 SynTP;@oem7.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-09-25 464184]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2018-12-22 46384]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2017-07-06 119296]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 dbx;dbx; C:\Windows\system32\DRIVERS\dbx.sys []
S3 dg_ssudbus;@oem36.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2017-05-18 131984]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-01-06 29240]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
S3 sshid;@oem5.inf,%sshid.SvcDesc%;SteelSeries HID Service; C:\Windows\System32\drivers\sshid.sys [2017-08-15 45936]
S3 ssudmdm;@oem37.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2017-05-18 166288]
S3 tap0901;@oem19.inf,%DeviceDescription%;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2013-08-22 40664]
S3 USBAAPL64;@oem28.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2017-11-27 54784]
S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-12-13 121088]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2014-10-29 44544]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-08-13 83984]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2018-01-05 83768]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-12-22 324000]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2010-02-12 286720]
R2 DbxSvc;DbxSvc; C:\Windows\system32\DbxSvc.exe [2019-02-20 51024]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 DisplayFusionService;DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [2018-12-27 6601128]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-01-06 464440]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2016-12-11 459832]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-01-06 427064]
R2 TeamViewer;TeamViewer 12; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2018-09-28 10803440]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-12-22 8188768]
S2 avast;Služba %1!s! Update (avast); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-09-12 164984]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-12-08 143144]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-29 153168]
S3 avastm;Služba %1!s! Update (avastm); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-09-12 164984]
S3 AvastSecureBrowserElevationService;Avast Secure Browser Elevation Service; C:\Program Files (x86)\AVAST Software\Browser\Application\71.0.1037.99\elevation_service.exe [2019-01-09 390552]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2018-04-28 5745672]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-12-08 143144]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2016-11-17 1473216]
S3 EasyAntiCheat;EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2018-04-11 775296]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 GalaxyClientService;GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2019-02-24 707144]
S3 GalaxyCommunication;GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [2019-02-24 7172680]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.119\elevation_service.exe [2019-02-20 1271280]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-29 153168]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-01-06 464440]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2019-02-18 1693472]
S4 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]

-----------------EOF-----------------

[Conder]

Ahoj

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

• Uloz na plochu a ukonci vsetky programy
• Spusti AdwCleaner ako spravca
• Odsuhlas licencne podmienky
• Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
• Nechaj zaskrtnute vsetky nalezy
• Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
• Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
• Otvori sa log, jeho obsah sem skopiruj

[pesslovany]

# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-02-21.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-01-2019
# Duration: 00:00:01
# OS: Windows 8.1 Pro
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Conduit

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1267 octets] - [01/03/2019 08:31:33]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

[Conder]

Poprosim o obidva logy z FRST (FRST.txt a Addition.txt) podla tohto navodu: https://forum.viry.cz/viewtopic.php?f=13&t=154679

[pesslovany]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.03.2019
Ran by Jakub (administrator) on MATOUJAK (02-03-2019 12:32:48)
Running from C:\Users\Jakub\Desktop
Loaded Profiles: Jakub (Available Profiles: Jakub)
Platform: Windows 8.1 Pro (Update) (X64) Language: Čeština (Česká republika)
Default browser: Opera
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Binary Fortress Software Ltd. -> Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Lenovo (Beijing) Limited -> Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(F.lux Software LLC -> f.lux Software LLC) C:\Users\Jakub\AppData\Local\FluxSoftware\Flux\flux.exe
(Kristjan Skutta -> ) D:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe
(SteelSeries ApS -> SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\58.0.3135.68\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\58.0.3135.68\opera_crashreporter.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\58.0.3135.68\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\58.0.3135.68\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\58.0.3135.68\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\58.0.3135.68\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\58.0.3135.68\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\58.0.3135.68\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\58.0.3135.68\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\58.0.3135.68\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\58.0.3135.68\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\58.0.3135.68\opera.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\58.0.3135.68\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\58.0.3135.68\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\58.0.3135.68\opera.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe\livecomm.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\58.0.3135.68\opera.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1855544 2017-01-06] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17111056 2016-12-07] (Lenovo (Beijing) Limited -> Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [193008 2016-12-07] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [SynLenovoGestureMgr] => C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [665400 2013-09-25] (Synaptics Incorporated -> Synaptics)
HKLM\...\Run: [Creative SB Monitoring Utility] => C:\Windows\system32\sbavmon.dll [116224 2010-08-03] (Creative Technology -> Creative Technology Ltd.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-12-22] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi Go Pro\Volume Panel\VolPanlu.exe [241757 2010-12-08] (Creative Technology Ltd) [File not signed]
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) [File not signed]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [4190016 2019-02-20] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (Canon Inc. -> CANON INC.)
HKU\S-1-5-21-1493514101-4097105871-2381636478-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4958912 2016-11-17] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-1493514101-4097105871-2381636478-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-07-14] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1493514101-4097105871-2381636478-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-07-14] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1493514101-4097105871-2381636478-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2017-07-14] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1493514101-4097105871-2381636478-1001\...\Run: [AvastBrowserAutoLaunch_4099706D4B6D8A735C77756484F8AE9D] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1822448 2019-01-09] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-1493514101-4097105871-2381636478-1001\...\Run: [f.lux] => C:\Users\Jakub\AppData\Local\FluxSoftware\Flux\flux.exe [1820168 2018-10-24] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-1493514101-4097105871-2381636478-1001\...\Run: [WallpaperEngine] => D:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe [1698296 2019-02-21] (Kristjan Skutta -> )
HKU\S-1-5-21-1493514101-4097105871-2381636478-1001\...\MountPoints2: {ca51eee4-bcd0-11e6-8251-606c6658a0ba} - "F:\setup.exe"
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [71680 2012-08-30] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2012-08-30] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [vidc.tscc] => C:\Windows\SysWOW64\tsccvid.dll [102400 2005-06-15] (TechSmith Corporation) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.119\Installer\chrmstp.exe [2019-02-26] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\71.0.1037.99\Installer\chrmstp.exe [2019-01-16] (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2017-09-27]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS -> SteelSeries ApS)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{185D8973-6B88-490D-91A4-4E1B2A29FCA8}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2F7683E2-B8D7-4ACC-80DB-0AEF141E1C7F}: [DhcpNameServer] 192.168.0.1
HKLM\System\...\Parameters\PersistentRoutes: [169.254.0.0,255.255.0.0,192.168.0.104,1]

Internet Explorer:
==================
HKU\S-1-5-21-1493514101-4097105871-2381636478-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-04-18] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-18] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-11] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-11] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-18] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-18] (Google Inc -> Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default [2019-02-24]
CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2019-02-20]
CHR Extension: (Dropbox for Gmail) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2019-02-08]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-02-08]
CHR Extension: (ZenMate VPN - Best Cyber Security & Unblock) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2018-10-25]
CHR Extension: (Avast Online Security) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-02-19]
CHR Extension: (Yоutubе Video Downloader) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\iomfhkacijbbgflnikmmplnjnjjkeiej [2018-01-09]
CHR Extension: (Grammarly for Chrome) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2019-02-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-06]
CHR Extension: (Chrome Media Router) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-15]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-01-05] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-12-22] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-09-12] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [324000 2018-12-22] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-09-12] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\71.0.1037.99\elevation_service.exe [390552 2019-01-09] (AVAST Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [5745672 2018-04-28] (BattlEye Innovations e.K. -> )
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-12-08] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-12-08] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2019-02-20] (Dropbox, Inc -> Dropbox, Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1473216 2016-11-17] (Disc Soft Ltd -> Disc Soft Ltd)
R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [6601128 2018-12-27] (Binary Fortress Software Ltd. -> Binary Fortress Software)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [775296 2018-04-11] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [707144 2019-02-24] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7172680 2019-02-24] (GOG Sp. z o.o. -> GOG.com)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2018-09-28] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [201240 2018-12-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [230344 2018-12-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201768 2018-12-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346592 2018-12-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59496 2018-12-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239840 2018-12-22] (AVAST Software s.r.o. -> AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46384 2018-12-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2018-12-22] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163416 2019-01-18] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111800 2018-12-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87432 2018-12-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1028680 2018-12-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [469272 2018-12-22] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [208472 2018-12-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380464 2018-12-22] (AVAST Software s.r.o. -> AVAST Software)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-12-08] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-12-08] (Disc Soft Ltd -> Disc Soft Ltd)
R3 ksaud; C:\Windows\system32\drivers\ksaud.sys [1587968 2013-04-03] (Creative Technology -> Creative Technology Ltd.)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-09-04] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [29240 2017-01-06] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47672 2017-01-06] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [59448 2017-01-06] (NVIDIA Corporation -> NVIDIA Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31032 2013-09-25] (Synaptics Incorporated -> Synaptics Incorporated)
R3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [46408 2017-06-02] (SteelSeries ApS -> SteelSeries ApS)
S3 sshid; C:\Windows\System32\drivers\sshid.sys [45936 2017-08-15] (SteelSeries ApS -> SteelSeries ApS)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tap0901; C:\Windows\system32\DRIVERS\tap0901.sys [40664 2013-08-22] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2017-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-02 12:32 - 2019-03-02 12:33 - 000024608 _____ C:\Users\Jakub\Desktop\FRST.txt
2019-03-02 12:32 - 2019-03-02 12:31 - 002434048 _____ (Farbar) C:\Users\Jakub\Desktop\FRST64.exe
2019-03-02 12:31 - 2019-03-02 12:32 - 000000000 ____D C:\FRST
2019-03-01 08:30 - 2019-03-01 08:30 - 007316688 _____ (Malwarebytes) C:\Users\Jakub\Desktop\adwcleaner_7.2.7.0.exe
2019-02-24 18:30 - 2019-02-24 18:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-02-24 10:39 - 2019-02-24 10:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gwent [GOG.com]
2019-02-21 21:59 - 2019-02-21 21:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-02-20 00:19 - 2019-02-20 00:19 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2019-02-20 00:19 - 2019-02-20 00:19 - 000047800 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2019-02-20 00:19 - 2019-02-20 00:19 - 000047800 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2019-02-20 00:19 - 2019-02-20 00:19 - 000047800 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2019-02-17 20:44 - 2019-02-28 19:51 - 000000000 ____D C:\Program Files\trend micro
2019-02-17 20:44 - 2019-02-17 20:45 - 000000000 ____D C:\rsit
2019-02-13 08:27 - 2019-02-13 08:27 - 000000000 ____D C:\Users\Jakub\Downloads\MathWorks
2019-02-13 08:26 - 2019-02-13 08:26 - 000000000 ____D C:\ProgramData\MATLAB

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-02 12:11 - 2016-12-07 23:50 - 000000000 ____D C:\Users\Jakub\AppData\Local\ClassicShell
2019-03-02 12:09 - 2016-12-07 23:14 - 000003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1493514101-4097105871-2381636478-1001
2019-03-02 12:05 - 2018-09-06 15:20 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-03-02 12:05 - 2018-04-24 21:19 - 000003834 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1524601186
2019-03-02 12:05 - 2017-01-11 18:29 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2019-03-02 12:05 - 2016-12-12 18:56 - 000000000 ____D C:\Program Files (x86)\Steam
2019-03-01 08:38 - 2018-04-24 21:19 - 000001050 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2019-03-01 08:38 - 2018-04-24 21:19 - 000000000 ____D C:\Program Files\Opera
2019-03-01 08:38 - 2013-09-30 05:20 - 001739092 _____ C:\Windows\system32\PerfStringBackup.INI
2019-03-01 08:38 - 2013-09-30 04:57 - 000734510 _____ C:\Windows\system32\perfh005.dat
2019-03-01 08:38 - 2013-09-30 04:57 - 000148820 _____ C:\Windows\system32\perfc005.dat
2019-03-01 08:38 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf
2019-03-01 08:32 - 2017-02-22 16:22 - 000000000 ____D C:\Users\Jakub\AppData\Local\TSVNCache
2019-03-01 08:32 - 2016-12-07 23:14 - 000000000 ____D C:\ProgramData\NVIDIA
2019-03-01 08:32 - 2016-12-07 23:11 - 000000000 __RDO C:\Users\Jakub\SkyDrive
2019-03-01 08:32 - 2013-08-22 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-03-01 08:32 - 2013-08-22 14:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2019-03-01 08:31 - 2017-01-15 12:52 - 000000000 ____D C:\AdwCleaner
2019-02-28 21:38 - 2018-03-11 11:36 - 000000000 ____D C:\Users\Jakub\AppData\Roaming\TeXstudio
2019-02-28 21:19 - 2017-09-28 14:56 - 000000000 ____D C:\Users\Jakub\AppData\Local\Spotify
2019-02-28 21:00 - 2017-09-28 14:55 - 000000000 ____D C:\Users\Jakub\AppData\Roaming\Spotify
2019-02-28 17:15 - 2017-09-20 13:41 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-02-27 08:14 - 2013-08-22 15:44 - 000419128 _____ C:\Windows\system32\FNTCACHE.DAT
2019-02-26 21:39 - 2016-12-07 23:08 - 000000000 ____D C:\Users\Jakub
2019-02-26 07:10 - 2017-04-29 09:33 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-02-26 07:10 - 2017-04-29 09:33 - 000002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-02-24 18:58 - 2017-03-25 17:37 - 000000000 ____D C:\Users\Jakub\AppData\Roaming\TeamViewer
2019-02-24 18:30 - 2017-09-20 13:45 - 000000000 ___RD C:\Program Files (x86)\Skype
2019-02-24 18:30 - 2017-01-10 14:26 - 000000000 ____D C:\ProgramData\Skype
2019-02-24 18:29 - 2017-01-10 14:26 - 000000000 ____D C:\Users\Jakub\AppData\Roaming\Skype
2019-02-24 10:21 - 2017-01-28 20:58 - 000000000 ____D C:\Users\Jakub\AppData\Local\CrashDumps
2019-02-24 10:17 - 2018-05-21 23:14 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2019-02-24 10:14 - 2017-07-26 22:32 - 000000000 ____D C:\ProgramData\Apple
2019-02-23 21:29 - 2018-09-05 05:54 - 000000000 ____D C:\Program Files (x86)\dead cells
2019-02-21 21:59 - 2016-12-08 00:48 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-02-21 21:40 - 2016-12-12 22:19 - 000000000 ____D C:\Users\Jakub\AppData\Roaming\uTorrent
2019-02-16 13:49 - 2017-08-16 11:40 - 000000000 ____D C:\ProgramData\boost_interprocess
2019-02-15 09:53 - 2016-12-08 00:48 - 000000924 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2019-02-15 09:53 - 2016-12-08 00:48 - 000000920 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2019-02-14 08:15 - 2016-12-08 00:48 - 000003898 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2019-02-14 08:15 - 2016-12-08 00:48 - 000003662 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2019-02-13 20:01 - 2017-01-05 14:12 - 000178176 ___SH C:\Users\Jakub\Desktop\Thumbs.db
2019-02-12 22:28 - 2017-03-25 17:37 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-02-12 21:28 - 2018-09-11 23:31 - 000003218 _____ C:\Windows\System32\Tasks\vypnout
2019-02-12 21:28 - 2018-05-21 19:43 - 000004542 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-02-12 21:28 - 2017-04-29 09:32 - 000003388 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-02-12 21:28 - 2017-04-29 09:32 - 000003260 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-02-12 21:28 - 2017-01-25 13:26 - 000004478 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-02-12 21:17 - 2018-02-11 13:36 - 000000000 ____D C:\Users\Jakub\AppData\Roaming\inkscape
2019-02-12 21:17 - 2016-12-08 00:19 - 000000000 ____D C:\Users\Jakub\AppData\Roaming\DAEMON Tools Lite
2019-02-08 22:35 - 2017-01-15 01:24 - 000000000 ____D C:\Program Files\CCleaner
2019-02-08 20:57 - 2016-12-19 13:55 - 000000000 ____D C:\Users\Jakub\AppData\Local\Adobe
2019-02-08 20:55 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-02-08 20:55 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\system32\Macromed
2019-02-03 20:40 - 2017-08-01 18:55 - 000000000 ____D C:\Users\Jakub\Documents\Knihovna Calibre
2019-02-03 20:31 - 2016-12-23 01:29 - 000000000 ____D C:\Users\Jakub\AppData\Roaming\vlc

==================== Files in the root of some directories =======

2017-03-16 22:27 - 2018-09-13 20:39 - 000005632 _____ () C:\Users\Jakub\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-02-22 15:31 - 2017-05-23 13:02 - 000000600 _____ () C:\Users\Jakub\AppData\Local\PUTTY.RND
2019-01-09 15:19 - 2019-01-09 15:19 - 000001322 _____ () C:\Users\Jakub\AppData\Local\recently-used.xbel
2016-12-11 11:50 - 2016-12-11 11:50 - 000007601 _____ () C:\Users\Jakub\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
2019-02-24 18:29 - 2019-02-24 18:29 - 064017976 _____ (Skype Technologies S.A.) C:\Users\Jakub\AppData\Local\Temp\SkypeSetup.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-03-01 19:52

==================== End of FRST.txt ============================

[pesslovany]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.03.2019
Ran by Jakub (02-03-2019 12:34:27)
Running from C:\Users\Jakub\Desktop
Windows 8.1 Pro (Update) (X64) (2016-12-07 22:08:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1493514101-4097105871-2381636478-500 - Administrator - Enabled)
Guest (S-1-5-21-1493514101-4097105871-2381636478-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1493514101-4097105871-2381636478-1003 - Limited - Enabled)
Jakub (S-1-5-21-1493514101-4097105871-2381636478-1001 - Administrator - Enabled) => C:\Users\Jakub

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Aktualizace NVIDIA 23.2.20.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 23.2.20.0 - NVIDIA Corporation) Hidden
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 376.33 - NVIDIA Corporation) Hidden
AnyTrans (HKLM-x32\...\{1C70C6DA-5B2B-4C8F-8804-B37564798C10}) (Version: 6.2.0 - iMobie) Hidden
AnyTrans (HKLM-x32\...\AnyTrans 6.2.0) (Version: 6.2.0 - iMobie)
Apple Mobile Device Support (HKLM\...\{AA7D90D2-2387-4FA5-A3AF-96811BE49BFD}) (Version: 11.0.5.14 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.)
AutoHotkey 1.1.29.01 (HKLM\...\AutoHotkey) (Version: 1.1.29.01 - Lexikos)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.8.2356 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 71.0.1037.99 - Autoři prohlížeče Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.154.333 - AVAST Software) Hidden
Balíček ovladače systému Windows - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Balíček ovladače systému Windows - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.70.1080 - AB Team, d.o.o.)
calibre (HKLM-x32\...\{A253C2A7-FD66-43AA-9EA7-D30E5041F391}) (Version: 3.5.0 - Kovid Goyal)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version: - Canon Inc.)
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft)
Creative System Information (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.0.0220 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-1493514101-4097105871-2381636478-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
DisplayFusion 9.4.3 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 9.4.3.0 - Binary Fortress Software)
Dropbox (HKLM-x32\...\Dropbox) (Version: 67.4.83 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
Energy Management (HKLM-x32\...\{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.14 - Lenovo) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.14 - Lenovo)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
f.lux (HKU\S-1-5-21-1493514101-4097105871-2381636478-1001\...\Flux) (Version: - f.lux Software LLC)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: 1.2.41.110 - GOG.com)
Google Earth Pro (HKLM\...\{F914BC59-918A-498F-B2E3-B274C9CB48A8}) (Version: 7.3.2.5491 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.119 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.20) (Version: 9.20 - Artifex Software Inc.)
GSview 5.0 (HKLM\...\GSview 5.0) (Version: 5.0 - Ghostgum Software Pty Ltd)
Gwent (HKLM-x32\...\1971477531_is1) (Version: 1.2.1 - GOG.com)
iCloud (HKLM\...\{C510BB61-AE0B-4420-87AF-9CF646E86364}) (Version: 6.2.3.17 - Apple Inc.)
Inkscape 0.92.2 (HKLM-x32\...\Inkscape) (Version: 0.92.2 - Inkscape Project)
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.41 - Irfan Skiljan)
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java SE Development Kit 8 Update 121 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180121}) (Version: 8.0.1210.13 - Oracle Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.71.1 - JMicron Technology Corp.)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
MATLAB R2018a (HKLM\...\Matlab R2018a) (Version: 9.4 - MathWorks)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Word 2013 (HKLM\...\Office15.WORD) (Version: 15.0.4420.1017 - Microsoft Corporation)
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.6 - Notepad++ Team)
NVIDIA GeForce Experience 3.2.2.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.2.2.49 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 376.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.33 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 376.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.33 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.2.2.49 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.0.2.1 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.2 - NVIDIA Corporation) Hidden
Opera Stable 58.0.3135.79 (HKLM-x32\...\Opera 58.0.3135.79) (Version: 58.0.3135.79 - Opera Software)
Ovládací panel NVIDIA 376.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 376.33 - NVIDIA Corporation) Hidden
Path of Building version 1.3.14 (HKLM-x32\...\{72FA9AB7-189F-4BDE-8856-72DEB90C157B}_is1) (Version: 1.3.14 - Openarl)
Podpora aplikací Apple (64bitová) (HKLM\...\{B2A2E8AF-BC48-4191-B2C4-3846A19835CA}) (Version: 6.3 - Apple Inc.)
Python 3.6.0 (32-bit) (HKU\S-1-5-21-1493514101-4097105871-2381636478-1001\...\{8ba65a8c-cb48-4716-bc24-47c148808015}) (Version: 3.6.150.0 - Python Software Foundation)
Python 3.6.0 (Anaconda3 4.3.0 64-bit) (HKU\S-1-5-21-1493514101-4097105871-2381636478-1001\...\Python 3.6.0 (Anaconda3 4.3.0 64-bit)) (Version: 4.3.0 - Continuum Analytics, Inc.)
Python 3.6.0 Add to Path (32-bit) (HKLM-x32\...\{D4C8360E-C73A-46B9-AF8E-672684048BF0}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Core Interpreter (32-bit) (HKLM-x32\...\{FC638B75-E969-4496-A546-9D78EA7D8F35}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Development Libraries (32-bit) (HKLM-x32\...\{F2A430F2-A7AC-4B46-808A-FC6E8419ABDE}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Documentation (32-bit) (HKLM-x32\...\{A66771E3-430A-40A7-B00C-94A239396BEE}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Executables (32-bit) (HKLM-x32\...\{3C182441-3C75-4113-A28D-D3AEAD85B320}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 pip Bootstrap (32-bit) (HKLM-x32\...\{1D427483-31FE-4ED4-AD39-AB78BBF7D22D}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Standard Library (32-bit) (HKLM-x32\...\{4CB36E4F-EC00-479B-AA25-0B9EC5385B0C}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Tcl/Tk Support (32-bit) (HKLM-x32\...\{C7D63030-7738-499A-A0D2-8549174D2B70}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Test Suite (32-bit) (HKLM-x32\...\{6EAD5F85-97EC-4AFB-84D2-D52AC41D3C66}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Utility Scripts (32-bit) (HKLM-x32\...\{7C3DAC9E-E229-415C-A600-5974B5D9DE7F}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{A674B2CB-13CA-437B-A215-9DD257959A49}) (Version: 3.6.5835.0 - Python Software Foundation)
Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.)
RexLib 2.11 for Matlab 8.0 (HKLM\...\RexLib 2.11 for Matlab 8.0_is1) (Version: 2_11_0_5611 - REX Controls)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.2.2.49 - NVIDIA Corporation) Hidden
Skype verze 8.39 (HKLM-x32\...\Skype_is1) (Version: 8.39 - Skype Technologies S.A.)
Sound Blaster X-Fi Go! Pro (HKLM-x32\...\{587B7A6F-CA1F-4639-9083-16F9BB2363B4}) (Version: 1.0 - Creative Technology Limited)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
Spotify (HKU\S-1-5-21-1493514101-4097105871-2381636478-1001\...\Spotify) (Version: 1.1.0.237.g378f6f25 - Spotify AB)
SSD Tweaker version 3.7.0 (HKLM-x32\...\{83FA601A-241A-4956-8A21-F7D525C4422F}_is1) (Version: 3.7.0 - Elpamsoft.com)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine 3.11.4 (HKLM\...\SteelSeries Engine 3) (Version: 3.11.4 - SteelSeries ApS)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.4.0 - Synaptics Incorporated)
TeamSpeak 3 Client (HKU\S-1-5-21-1493514101-4097105871-2381636478-1001\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.132598 - TeamViewer)
TeXnicCenter Version 2.02 Stable (HKLM\...\TeXnicCenter_is1) (Version: 2.02 Stable - The TeXnicCenter Team)
TeXstudio 2.12.6 (HKLM-x32\...\TeXstudio_is1) (Version: 2.12.6 - Benito van der Zander)
TikzEdt 0.2.3 (HKLM-x32\...\{479B63CD-053E-4801-A650-978A8866654C}) (Version: 0.2.3 - TikzEdt)
TortoiseSVN 1.9.5.27581 (64 bit) (HKLM\...\{1655E9E4-04C9-414E-8581-6D1162DFB802}) (Version: 1.9.27581 - TortoiseSVN)
Transcend SSD Scope version 3.4.0 (HKLM-x32\...\{AD8E7B8B-EAD8-4B9F-882E-7970ABFACE34}_is1) (Version: 3.4.0 - Transcend Information, Inc.)
TWS API (HKLM-x32\...\{F6CB2DC1-8C81-408C-AF51-87EA30610E8C}) (Version: 9.71.06 - IBG LLC)
Vector Magic (HKLM-x32\...\Vector Magic) (Version: 1.15 - Vector Magic, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Wizard of Legend (HKLM-x32\...\2061814323_is1) (Version: 1.01 - GOG.com)
World of Tanks (HKU\S-1-5-21-1493514101-4097105871-2381636478-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1493514101-4097105871-2381636478-1001_Classes\CLSID\{00916441-7442-E301-AE7C-62346076681A}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ Tortoise1Normal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise2Modified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise3Conflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise4Locked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise5ReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise6Deleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise7Added] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise8Ignored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [ Tortoise9Unversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-12-22] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-12-22] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ Tortoise1Normal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise2Modified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise3Conflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise4Locked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise5ReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise6Deleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise7Added] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise8Ignored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ Tortoise9Unversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2015-08-25] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2018-03-19] (Notepad++ -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-12-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-07-14] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2016-11-26] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2016-11-26] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-12-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [STKContextMenu] -> {90DD7445-E924-4c6e-92AC-01F8C3A7E0C7} => -> No File
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2016-11-26] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-02-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-12-11] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2016-11-26] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-12-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\Windows\system32\StartMenuHelper64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers6: [TortoiseSVN] -> {30351349-7B7D-4FCC-81B4-1E394CA267EB} => C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll [2016-11-26] (Open Source Developer, Stefan KUENG -> hxxp://tortoisesvn.net)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0778A2EF-1DBD-401B-A13A-78F2ADB4816F} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0D1A552E-E6AE-4F7C-A108-DA844108F4B9} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1D4C741A-B42F-43A4-8AD3-EE84F1A04133} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {2D7C5921-0FA2-4FEC-B007-9F4ECF9C8219} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe () [File not signed]
Task: {32BEA640-7A51-4E03-A30C-9EB44072EB72} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {32E23ABD-1B96-4744-A88E-C04ADFC4C279} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {37A16317-7BE2-40D9-8C3C-C41B6FEF77A9} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {499EACAC-16C5-4509-AF06-44F8FDDC8579} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {4A80E916-B1EB-49EE-AD09-1B4A611DF277} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd -> Piriform Ltd)
Task: {55B7BA68-1CBB-452B-932E-6B21271A8D57} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {6A0711B2-F005-4085-8DA2-446F99644A07} - System32\Tasks\vypnout => C:\Windows\System32\shutdown.exe (Microsoft Windows -> Microsoft Corporation)
Task: {6E3469BE-FB22-4613-9B74-844518B70C27} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_pepper.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {6F2E49D4-4A84-41DD-8026-3F3B440373C1} - System32\Tasks\steamwebhelper_killer => TASKKILL [Argument = /F /IM steamwebhelper.exe /T] <==== ATTENTION
Task: {7053E397-980D-412E-9282-76B54BEF666F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {756D5DAC-6485-4BF9-9B54-13D2B1CEE9D4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {879C57E5-7436-479E-8404-CD6152445B4A} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.)
Task: {8A5B2B5F-875B-4AD7-B875-F5814B43C6E1} - System32\Tasks\MATLAB R2014a Startup Accelerator => C:\Program Files\MATLAB\R2014a\bin\win64\MATLABStartupAccelerator.exe
Task: {971C40AB-B06A-47BC-B447-445D67E5630D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9E6E3FE8-A346-48F0-AEC4-B4A6A42F4565} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9FBA5BA5-99EC-4F0B-B34B-1F1EC8004BCC} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {A38D88D4-206D-4D4B-9671-4F2BE028C8E0} - System32\Tasks\Synaptics TouchPad Enhancements => Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: {A5870721-1420-4A56-A67F-221E773DB887} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BC82FE0B-7DE2-4BE5-A25C-9D627DB314AF} - System32\Tasks\LaunchChromeTask111 => C:\Program Files\FileZilla FTP Client\FileZilla.exe
Task: {C94EF7A1-2A92-4296-85D7-09452517621B} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D170D3E5-CEE7-4953-AFE0-BCEB30629B6D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {DA333C43-E463-48EC-955D-82D84C0F955A} - System32\Tasks\Opera scheduled Autoupdate 1524601186 => C:\Program Files\Opera\launcher.exe (Opera Software AS -> Opera Software)
Task: {DF48556F-9E6E-42D1-908B-6E882FB3768F} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.)
Task: {E677D87E-5122-4B5A-84ED-875FC0D54201} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {ECD285F4-A780-4B3C-B8BE-783466B72EF6} - System32\Tasks\Microsoft\Windows\WS\WSLicenses => C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\WSLicense\WmiPrvSE.exe (Microsoft Corporation) [File not signed]
Task: {FE4331EF-5430-40F0-B000-604C473C6E78} - System32\Tasks\Microsoft\Windows\WS\WSSync => C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\WSLicense\dllhost.exe <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\MATLAB R2014a Startup Accelerator.job => C:\Program Files\MATLAB\R2014a\bin\win64\MATLABStartupAccelerator.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Anaconda Prompt (2).lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" C:\Users\Jakub\Anaconda3\Scripts\activate.bat C:\Users\Jakub\Anaconda3
ShortcutWithArgument: C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Anaconda Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" C:\Users\Jakub\Anaconda3\Scripts\activate.bat C:\Users\Jakub\Anaconda3
ShortcutWithArgument: C:\Users\Jakub\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9aa6aa6aec084c1c\Hangouts Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --user-data-dir="D:\ssd\chrome" --profile-directory=Default --app-id=nckgahadagoaajjgafhacjanaoiihapd

==================== Loaded Modules (Whitelisted) ==============

2017-01-15 01:47 - 2016-12-11 19:23 - 000860776 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
2017-01-15 02:50 - 2010-02-12 10:23 - 000286720 _____ (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
2017-09-25 13:25 - 2012-06-14 16:18 - 000359936 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNMN6PPM.DLL
2017-01-15 01:47 - 2016-12-11 19:23 - 000339256 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\_nvstapisvr64.dll
2016-07-30 09:05 - 2016-07-30 09:05 - 003661784 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2016-07-30 09:05 - 2016-07-30 09:05 - 000883160 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicExplorer64.dll
2016-07-30 09:05 - 2016-07-30 09:05 - 000289240 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Windows\system32\StartMenuHelper64.dll
2016-07-30 09:05 - 2016-07-30 09:05 - 000163800 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
2018-12-22 13:07 - 2009-12-29 16:52 - 000089088 _____ () [File not signed] C:\Windows\SYSTEM32\CmdRtr64.DLL
2018-12-22 13:07 - 2010-07-22 16:46 - 000237056 _____ () [File not signed] C:\Windows\SYSTEM32\APOMgr64.DLL
2017-09-18 19:46 - 2017-09-18 19:46 - 002284032 _____ (Holtek) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine 3\ISPDLL.dll
2017-09-18 19:46 - 2017-09-18 19:46 - 002146304 _____ (Holtek Semiconductor Inc.) [File not signed] C:\Program Files\SteelSeries\SteelSeries Engine 3\HIDDLL.dll
2017-01-15 01:47 - 2016-12-11 19:23 - 000747648 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Jakub\Desktop\skola – zástupce.lnk:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Public\AppData:CSM [464]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2019-01-04 09:46 - 000000822 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\EasyPHP-DevServer-14.1VC9\binaries\php\php_runningversion;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\MATLAB\R2018a\runtime\win64;C:\Program Files\MATLAB\R2018a\bin;C:\Program Files\MATLAB\MATLAB Production Server\R2015a\runtime\win64;C:\Program Files\MATLAB\MATLAB Production Server\R2015a\bin;C:\Program Files\MATLAB\R2014a\runtime\win64;C:\Program Files\MATLAB\R2014a\bin;C:\Program Files\MATLAB\R2014a\polyspace\bin;C:\Program Files\TortoiseSVN\bin;C:\Program Files\Java\jdk1.8.0_121\bin;.;C:\Program Files\MiKTeX 2.9\miktex\bin\x64\;C:\Program Files (x86)\Calibre2\;C:\Program Files\MATLAB\MATLAB Production Server\R2015a\polyspace\bin
HKU\S-1-5-21-1493514101-4097105871-2381636478-1001\Control Panel\Desktop\\Wallpaper -> D:\ssd\stazene souboury\365cb2b6b40cec500dcaee502c3325c1.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: BthHFSrv => 3
MSCONFIG\Services: Fax => 3
MSCONFIG\startupreg: Bonus.SSR.FR12 => "D:\Program Files (x86)\Abby\Bonus.ScreenshotReader.exe" /autorun
MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "JPG Files To Animated GIF Converter Software.exe"
HKU\S-1-5-21-1493514101-4097105871-2381636478-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1493514101-4097105871-2381636478-1001\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-1493514101-4097105871-2381636478-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-1493514101-4097105871-2381636478-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-1493514101-4097105871-2381636478-1001\...\StartupApproved\Run: => "Spotify Web Helper"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{406B3478-4B14-4966-AA5D-C1B05D734B8D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{75E067A9-8031-47B0-9F11-342E2D46EFE2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{49DAC1A5-C340-4BE7-BCDD-0B552B0274FE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{286771AF-73B5-42BC-B850-8408C219EDB6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0553D086-D1E0-48B8-98D8-6B3A1BB54484}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F4D78C46-EF2F-4D07-8E30-D81581BE92B5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{3A3A29D4-F8A1-43D0-959B-C9FBE6BCF3AC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{9271CDCD-7180-4F95-B3F9-C8A20251A544}C:\users\jakub\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jakub\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{2F4105F3-D815-410A-BF7E-1E96DD52410A}C:\users\jakub\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jakub\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{39CD95B8-D0BA-488D-A341-2FA28ECD7F2D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{3DB9322B-4E7D-42E2-BD20-B72B3BAE52F2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{EB8D7C65-44B6-4F12-84AB-B6DA5B0694C8}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe No File
FirewallRules: [UDP Query User{34E8BBF9-C48B-4C2A-9188-5F1C21DF8123}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe No File
FirewallRules: [TCP Query User{57FBBC0C-4397-4D6E-A72E-7B37EE798292}C:\users\jakub\anaconda3\pythonw.exe] => (Allow) C:\users\jakub\anaconda3\pythonw.exe (Python Software Foundation) [File not signed]
FirewallRules: [UDP Query User{0FCFF559-8A11-4B61-9E63-D0FC93EA6754}C:\users\jakub\anaconda3\pythonw.exe] => (Allow) C:\users\jakub\anaconda3\pythonw.exe (Python Software Foundation) [File not signed]
FirewallRules: [TCP Query User{ECCD18BB-17DB-4CE7-821A-C6DAD352F73D}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{16909826-B324-4BFC-844E-822F441ECD88}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{3781F813-1AB9-4749-9F7F-EA082D2A104F}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe No File
FirewallRules: [TCP Query User{F04DE818-1CA1-4151-AFE8-C332B2A1B6B2}C:\users\jakub\appdata\local\programs\python\python36-32\python.exe] => (Allow) C:\users\jakub\appdata\local\programs\python\python36-32\python.exe (Python Software Foundation -> Python Software Foundation)
FirewallRules: [UDP Query User{EABDC395-4FB0-4870-ABCA-42B4160BFC10}C:\users\jakub\appdata\local\programs\python\python36-32\python.exe] => (Allow) C:\users\jakub\appdata\local\programs\python\python36-32\python.exe (Python Software Foundation -> Python Software Foundation)
FirewallRules: [{6EA82538-F69F-48B4-A09B-775D3020808B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{FFFEC32E-C4C5-42C1-B7DD-CCAB863B380B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1592CFB1-F7F4-4756-A43B-B644AE39EAD4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2C314435-A049-456E-9EAC-01CAEC137BCB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DBDD460D-28AB-42E2-A88D-659C268266F7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{9E35E6E2-F7B1-4D48-B2F2-C9FFA46E4AAD}C:\users\jakub\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jakub\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{AC4A25D0-89D8-4A1D-B20A-0A540A727002}C:\users\jakub\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jakub\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{8E53DEDE-B323-4959-924A-F51F20A9C202}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{82650A44-FB50-48DD-B2EE-2A27AB8C0C2E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{06A8E5B0-FB89-477A-B7DF-2A810CBC1E66}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{DF516C53-1F1D-4622-9F29-BE67340F1FF2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{589FC237-5516-47E5-B17A-AE76C182C7B5}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\EasyAntiCheat\EasyAntiCheat.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{33D4A80F-AD3F-4C3B-8893-E6C905D1874C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\EasyAntiCheat\EasyAntiCheat.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [TCP Query User{3DAEA1EE-0E24-4C7B-8AFF-E47DF19D11AD}C:\program files\matlab\matlab production server\r2015a\bin\win64\matlab.exe] => (Allow) C:\program files\matlab\matlab production server\r2015a\bin\win64\matlab.exe No File
FirewallRules: [UDP Query User{9B245D45-C5A0-4663-A501-D7A8B7B6C03D}C:\program files\matlab\matlab production server\r2015a\bin\win64\matlab.exe] => (Allow) C:\program files\matlab\matlab production server\r2015a\bin\win64\matlab.exe No File
FirewallRules: [{E507F4A6-204C-4E19-8C46-AAC36CE6D415}] => (Allow) D:\Program Files (x86)\World_of_Tanks\WoTLauncher.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{79A7A183-FFC8-4099-8C00-A9A591F54D93}] => (Allow) D:\Program Files (x86)\World_of_Tanks\WoTLauncher.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{22CCAE9D-765F-43E7-859D-74B13DD5DC5D}] => (Allow) D:\Program Files (x86)\World_of_Tanks\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{52DAB909-50B7-403D-B330-7D4B74CC5893}] => (Allow) D:\Program Files (x86)\World_of_Tanks\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{C058B82E-C51B-4D8C-87AA-3A8C37335416}C:\users\jakub\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jakub\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{5B635353-3EEB-4BF2-BDFD-E5F7E9870559}C:\users\jakub\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jakub\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{1F4B4406-7922-465D-B400-B0AFA1A3093D}D:\ssd\quake 3 arena\quake3.exe] => (Allow) D:\ssd\quake 3 arena\quake3.exe No File
FirewallRules: [UDP Query User{1675F1A4-EB10-4EB5-937F-3B4ADB9418BE}D:\ssd\quake 3 arena\quake3.exe] => (Allow) D:\ssd\quake 3 arena\quake3.exe No File
FirewallRules: [{7AB81004-DB8E-4B0E-ACF9-0750FA80E8E4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{557372B4-D338-4424-BE8F-3D00C730BFA1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E7AB44D3-991A-4313-8930-6166649CE5A5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{99F57513-94AD-4629-B284-316FFAC73E07}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{0E7F7DF6-F37A-4753-B9E2-04E0EBA2A105}C:\users\jakub\eclipse\java-oxygen\eclipse\eclipse.exe] => (Block) C:\users\jakub\eclipse\java-oxygen\eclipse\eclipse.exe () [File not signed]
FirewallRules: [UDP Query User{1E2F5039-60F3-401E-831F-D07573E64414}C:\users\jakub\eclipse\java-oxygen\eclipse\eclipse.exe] => (Block) C:\users\jakub\eclipse\java-oxygen\eclipse\eclipse.exe () [File not signed]
FirewallRules: [TCP Query User{90C35498-C259-4637-A386-24FDE907BAA2}C:\users\jakub\eclipse\java-oxygen\eclipse\eclipse.exe] => (Allow) C:\users\jakub\eclipse\java-oxygen\eclipse\eclipse.exe () [File not signed]
FirewallRules: [UDP Query User{D1DD1B6E-3D46-4E6A-8825-8CDB3DE6A5F6}C:\users\jakub\eclipse\java-oxygen\eclipse\eclipse.exe] => (Allow) C:\users\jakub\eclipse\java-oxygen\eclipse\eclipse.exe () [File not signed]
FirewallRules: [{56499719-732D-4775-8FD0-CB0DBE6CCA93}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{93C9DD28-83A1-45DD-8EC9-0729D4F86FC9}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{F28BF9A2-3C7E-4B96-8701-D88A6B0E8028}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{1D2E024A-A2CE-4556-B680-D02EF0B52E68}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{FA675817-9D88-4150-AF02-7F05B9040814}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{E5F39A28-E430-45C5-8F52-5883FD3724BD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{9B1DFEFC-731E-42B2-9848-092051CF1795}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{530E7E1F-4208-4956-A3AA-48817389F5C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{E1B4F335-369E-4A9C-AEE3-F9B35121ECAC}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{772FCFC4-B614-4541-8E2C-D71681730101}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{5F0AB3B5-144F-4AB9-81A9-6E8FAFDAD162}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{D38AC875-CA45-4E7C-A13A-4127B6640DFD}C:\program files\matlab\r2018a\bin\win64\matlab.exe] => (Block) C:\program files\matlab\r2018a\bin\win64\matlab.exe (The MathWorks, Inc. -> The MathWorks Inc.)
FirewallRules: [UDP Query User{9E4B4AC5-B982-4F8E-9FBE-DD1AC67D81AE}C:\program files\matlab\r2018a\bin\win64\matlab.exe] => (Block) C:\program files\matlab\r2018a\bin\win64\matlab.exe (The MathWorks, Inc. -> The MathWorks Inc.)
FirewallRules: [{A5E1A888-A0FB-4C36-8A21-0E8093EB9B47}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> )
FirewallRules: [{69480AA7-731B-49AA-A9AA-F068B363701C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\launcher.exe (Kristjan Skutta -> )
FirewallRules: [{443309F0-CF64-467A-AF51-8C29346D6BFE}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{7E63F8F8-63E0-4333-A06C-27F0DFDBDF1C}] => (Allow) C:\Program Files\Opera\58.0.3135.68\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{8AFB6FD1-F66C-4F83-B13D-67EE4F0B38D2}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B0C60400-83C9-4E43-8544-30981C7B2483}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{44919BAC-D0A4-4FAE-AA3B-068576D2C5D9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{EB33CE45-9B40-4554-814A-E49209C7C84D}] => (Allow) C:\Program Files\Opera\58.0.3135.79\opera.exe (Opera Software AS -> Opera Software)

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/02/2019 11:58:13 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/01/2019 07:16:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 35997422

Error: (03/01/2019 07:16:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 35997422

Error: (03/01/2019 07:16:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/01/2019 07:16:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 35992594

Error: (03/01/2019 07:16:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 35992594

Error: (03/01/2019 07:16:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/01/2019 08:43:33 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0


System errors:
=============
Error: (03/02/2019 12:11:23 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a45\??\C:\Windows\AppCompat\Programs\Amcache.hve

Error: (03/01/2019 08:32:19 AM) (Source: BTHUSB) (EventID: 30) (User: )
Description: Místní adaptér nepodporuje důležitý stav řadiče úspory energie. Minimální požadovaná podporovaná maska stavu je 0x1f7fffff, aktuální hodnota je 0x1f3fffff. Funkce úspory energie bude vypnuta.

Error: (03/01/2019 08:31:49 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/01/2019 08:31:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (03/01/2019 08:31:46 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba DisplayFusionService byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/01/2019 08:31:46 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba DbxSvc byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/01/2019 08:31:46 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Bonjour Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/01/2019 08:31:46 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Apple Mobile Device Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.


Windows Defender:
===================================
Date: 2017-08-30 11:09:29.438
Description:
Prohledávání Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... terprise=0
Název: HackTool:Win32/Keygen
ID: 2147593794
Závažnost: Střední
Kategorie: Nástroj
Cesta: containerfile:_D:\ssd\eshop\Office 2010 Toolkit.exe;file:_D:\ssd\eshop\Office 2010 Toolkit.exe->[MSILRES:Office_2010_Toolkit.Properties.Resources.resources]#1;webfile:_D:\ssd\eshop\Office 2010 Toolkit.exe|http://vip.5.dl.webshare.cz/2018/tu4p2n ... chrome.exe
Původ zjišťování: Internet
Typ zjišťování: Konkrétní
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\explorer.exe
Verze podpisu: AV: 1.251.256.0, AS: 1.251.256.0, NIS: 117.8.0.0
Verze modulu: AM: 1.1.14104.0, NIS: 2.1.13804.0

Date: 2017-08-30 10:34:29.957
Description:
Prohledávání Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... terprise=0
Název: HackTool:Win32/Keygen
ID: 2147593794
Závažnost: Střední
Kategorie: Nástroj
Cesta: containerfile:_D:\ssd\eshop\Office 2010 Toolkit.exe;file:_D:\ssd\eshop\Office 2010 Toolkit.exe->[MSILRES:Office_2010_Toolkit.Properties.Resources.resources]#1;webfile:_D:\ssd\eshop\Office 2010 Toolkit.exe|http://vip.5.dl.webshare.cz/2018/tu4p2n ... chrome.exe
Původ zjišťování: Internet
Typ zjišťování: Konkrétní
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.251.192.0, AS: 1.251.192.0, NIS: 117.8.0.0
Verze modulu: AM: 1.1.14104.0, NIS: 2.1.13804.0

Date: 2017-08-29 13:00:28.168
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {ADBF0F51-5E4A-462A-91CC-2CE1CADE2344}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2017-08-29 12:59:15.916
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {0F65796A-7C7F-4140-883F-C1CCD2922C6E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2017-08-29 12:58:23.268
Description:
Prohledávání Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... terprise=0
Název: HackTool:Win32/Keygen
ID: 2147593794
Závažnost: Střední
Kategorie: Nástroj
Cesta: containerfile:_D:\ssd\eshop\Office 2010 Toolkit.exe;file:_D:\ssd\eshop\Office 2010 Toolkit.exe->[MSILRES:Office_2010_Toolkit.Properties.Resources.resources]#1;webfile:_D:\ssd\eshop\Office 2010 Toolkit.exe|http://vip.5.dl.webshare.cz/2018/tu4p2n ... chrome.exe
Původ zjišťování: Internet
Typ zjišťování: Konkrétní
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\System32\rundll32.exe
Verze podpisu: AV: 1.251.192.0, AS: 1.251.192.0, NIS: 117.8.0.0
Verze modulu: AM: 1.1.14104.0, NIS: 2.1.13804.0

Date: 2017-06-19 15:47:33.561
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.245.1013.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.13804.0
Kód chyby: 0x80070005
Popis chyby řístup byl odepřen.

Date: 2017-06-19 15:47:33.561
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.245.1013.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.13804.0
Kód chyby: 0x80070005
Popis chyby řístup byl odepřen.

Date: 2017-05-24 12:58:02.086
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x8007041d
Popis chyby: Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Důvod: V systému chybí aktualizace potřebné ke spuštění systému kontroly sítě. Nainstalujte potřebné aktualizace a restartujte počítač.

Date: 2017-05-22 08:07:27.359
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x8007041d
Popis chyby: Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Důvod: V systému chybí aktualizace potřebné ke spuštění systému kontroly sítě. Nainstalujte potřebné aktualizace a restartujte počítač.

Date: 2017-05-14 09:17:43.410
Description:
Funkce Ochrana v reálném čase u prohledávání Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x8007041d
Popis chyby: Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Důvod: V systému chybí aktualizace potřebné ke spuštění systému kontroly sítě. Nainstalujte potřebné aktualizace a restartujte počítač.

CodeIntegrity:
===================================

Date: 2017-09-01 02:57:36.523
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-08-29 12:58:23.100
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-08-28 10:37:06.175
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-08-27 04:45:15.276
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-08-26 18:07:24.310
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-08-26 18:07:24.088
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-08-21 14:41:31.585
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-08-20 23:15:36.064
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Percentage of memory in use: 67%
Total physical RAM: 4043.28 MB
Available physical RAM: 1329.44 MB
Total Virtual: 10827.28 MB
Available Virtual: 7181.46 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.12 GB) (Free:25.09 GB) NTFS
Drive d: (Windows8_OS) (Fixed) (Total:883.74 GB) (Free:476.02 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (LENOVO) (Fixed) (Total:25 GB) (Free:22.25 GB) NTFS

\\?\Volume{dbbe4b1e-3f0e-4fb9-b296-f49d716ae061}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.67 GB) NTFS
\\?\Volume{98d2914f-d64a-4b2a-8153-d52c0888605d}\ () (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{0d851cf0-99ff-457e-b1e6-9ada35b652d5}\ (PBR_DRV) (Fixed) (Total:20 GB) (Free:7.79 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 119.2 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: DB1F873C)

Partition: GPT.

==================== End of Addition.txt ============================

[Conder]

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
  File: C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\WSLicense\WmiPrvSE.exe
  File: C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\WSLicense\dllhost.exe
  
  HKU\S-1-5-21-1493514101-4097105871-2381636478-1001\...\MountPoints2: {ca51eee4-bcd0-11e6-8251-606c6658a0ba} - "F:\setup.exe" 
  HKU\S-1-5-21-1493514101-4097105871-2381636478-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
  S3 dbx; system32\DRIVERS\dbx.sys [X]
  2019-02-17 20:44 - 2019-02-28 19:51 - 000000000 ____D C:\Program Files\trend micro
  2019-02-17 20:44 - 2019-02-17 20:45 - 000000000 ____D C:\rsit
  ContextMenuHandlers3: [STKContextMenu] -> {90DD7445-E924-4c6e-92AC-01F8C3A7E0C7} =>  -> No File
  Task: {2D7C5921-0FA2-4FEC-B007-9F4ECF9C8219} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe () [File not signed]
  C:\Windows\AutoKMS
  Task: {6F2E49D4-4A84-41DD-8026-3F3B440373C1} - System32\Tasks\steamwebhelper_killer => TASKKILL [Argument = /F /IM steamwebhelper.exe /T] <==== ATTENTION
  Task: {FE4331EF-5430-40F0-B000-604C473C6E78} - System32\Tasks\Microsoft\Windows\WS\WSSync => C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\WSLicense\dllhost.exe <==== ATTENTION
  AlternateDataStreams: C:\Users\Jakub\Desktop\skola – zástupce.lnk:com.dropbox.attributes [168]
  AlternateDataStreams: C:\Users\Public\AppData:CSM [464]
  HKLM\...\StartupApproved\Run32: => "JPG Files To Animated GIF Converter Software.exe"
  
  Hosts:
  EmptyTemp:
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

[pesslovany]

Fix result of Farbar Recovery Scan Tool (x64) Version: 03.03.2019 01
Ran by Jakub (03-03-2019 18:59:26) Run:1
Running from C:\Users\Jakub\Desktop
Loaded Profiles: Jakub (Available Profiles: Jakub)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\WSLicense\WmiPrvSE.exe
File: C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\WSLicense\dllhost.exe

HKU\S-1-5-21-1493514101-4097105871-2381636478-1001\...\MountPoints2: {ca51eee4-bcd0-11e6-8251-606c6658a0ba} - "F:\setup.exe"
HKU\S-1-5-21-1493514101-4097105871-2381636478-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
S3 dbx; system32\DRIVERS\dbx.sys [X]
2019-02-17 20:44 - 2019-02-28 19:51 - 000000000 ____D C:\Program Files\trend micro
2019-02-17 20:44 - 2019-02-17 20:45 - 000000000 ____D C:\rsit
ContextMenuHandlers3: [STKContextMenu] -> {90DD7445-E924-4c6e-92AC-01F8C3A7E0C7} => -> No File
Task: {2D7C5921-0FA2-4FEC-B007-9F4ECF9C8219} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe () [File not signed]
C:\Windows\AutoKMS
Task: {6F2E49D4-4A84-41DD-8026-3F3B440373C1} - System32\Tasks\steamwebhelper_killer => TASKKILL [Argument = /F /IM steamwebhelper.exe /T] <==== ATTENTION
Task: {FE4331EF-5430-40F0-B000-604C473C6E78} - System32\Tasks\Microsoft\Windows\WS\WSSync => C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\WSLicense\dllhost.exe <==== ATTENTION
AlternateDataStreams: C:\Users\Jakub\Desktop\skola � z�stupce.lnk:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Public\AppData:CSM [464]
HKLM\...\StartupApproved\Run32: => "JPG Files To Animated GIF Converter Software.exe"

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 123
Average :
Sum : 15402937
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========


========================= File: C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\WSLicense\WmiPrvSE.exe ========================

C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\WSLicense\WmiPrvSE.exe
File not signed
MD5: DD058C29D73670839DDF8F8E0DF09B84
Creation and modification date: 2017-08-15 05:10 - 2017-08-15 05:10
Size: 000952832
Attributes: -RASH
Company Name: Microsoft Corporation
Internal Name: Wmiprvse.exe
Original Name: Wmiprvse.exe
Product: Microsoft® Windows® Operating System
Description: WMI Provider Host
File Version: 6.3.9600.16384 (winblue_rtm.130821-1623)
Product Version: 6.3.9600.16384
Copyright: © Microsoft Corporation. All rights reserved.
VirusTotal: https://www.virustotal.com/file/f99677a ... 550710230/

====== End of File: ======


========================= File: C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\WSLicense\dllhost.exe ========================

"C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\WSLicense\dllhost.exe" => not found
====== End of File: ======

HKU\S-1-5-21-1493514101-4097105871-2381636478-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ca51eee4-bcd0-11e6-8251-606c6658a0ba} => removed successfully
HKLM\Software\Classes\CLSID\{ca51eee4-bcd0-11e6-8251-606c6658a0ba} => not found
"HKU\S-1-5-21-1493514101-4097105871-2381636478-1001\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache" => removed successfully
HKLM\System\CurrentControlSet\Services\dbx => removed successfully
dbx => service removed successfully
C:\Program Files\trend micro => moved successfully
C:\rsit => moved successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\STKContextMenu => removed successfully
HKLM\Software\Classes\CLSID\{90DD7445-E924-4c6e-92AC-01F8C3A7E0C7} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{2D7C5921-0FA2-4FEC-B007-9F4ECF9C8219}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2D7C5921-0FA2-4FEC-B007-9F4ECF9C8219}" => removed successfully
C:\Windows\System32\Tasks\AutoKMS => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => removed successfully
C:\Windows\AutoKMS => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6F2E49D4-4A84-41DD-8026-3F3B440373C1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F2E49D4-4A84-41DD-8026-3F3B440373C1}" => removed successfully
C:\Windows\System32\Tasks\steamwebhelper_killer => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\steamwebhelper_killer" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{FE4331EF-5430-40F0-B000-604C473C6E78}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE4331EF-5430-40F0-B000-604C473C6E78}" => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\WS\WSSync => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WS\WSSync" => removed successfully
"C:\Users\Jakub\Desktop\skola � z�stupce.lnk" => ":com.dropbox.attributes" ADS not found.
C:\Users\Public\AppData => ":CSM" ADS removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\JPG Files To Animated GIF Converter Software.exe" => removed successfully
"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\JPG Files To Animated GIF Converter Software.exe" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11741115 B
Java, Flash, Steam htmlcache => 426017690 B
Windows/system/drivers => 2744706 B
Edge => 0 B
Chrome => 1544868 B
Firefox => 0 B
Opera => 73240454 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 147492 B
systemprofile32 => 0 B
LocalService => 1642 B
NetworkService => 0 B
Jakub => 116958729 B

RecycleBin => 0 B
EmptyTemp: => 611.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:59:56 ====

[Conder]

Spusti kontrolu integrity systemovych suborov:

• Otvor Start, napis "cmd" (bez uvodzoviek), klikni pravym tlacitkom mysi na Prikazovy riadok a klikni na Spustit ako spravca
• Skopiruj a spusti prikaz:

  Kód: Vybrat vše

  DISM.exe /Online /Cleanup-image /Restorehealth

• Po dokonceni skopiruj a spusti druhy prikaz:

  Kód: Vybrat vše

  sfc /scannow

• Po dokonceni obidvoch prikazov skopiruj a spusti tento prikaz:

  Kód: Vybrat vše

  findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt" && copy %windir%\logs\dism\dism.log %userprofile%\desktop\dism.txt

• Na ploche sa vytvoria subory sfcdetails.txt a dism.txt, tieto subory zabal ho do archivu RAR alebo ZIP a posli ako prilohu k dalsiemu prispevku
• Restartuj PC a napis ako sa chova PC

[pesslovany]

Zdá se že je to mnohem lepší, dekuji.

[Conder]

Odporucam este doinstalovat vsetky dolezite aktualizacie cez Windows Update.

Su este nejake problemy s PC?

[pesslovany]

Vše je v pohodě, díky.

[Conder]

Tak este upraceme po pouzitych nastrojoch:

• Stiahni DelFix: https://toolslib.net/downloads/finish/2-delfix/
• Uloz na plochu a spusti
• Nechaj oznacenu moznost "Remove disinfection tools"
• Klikni na "Run"