Log check - CPU usage 100%

#1 Post by flustr »

Hello,
please check my log; the PC is sluggish and CPU usage is at 100%.
Thank you
M.

FRST log:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-11-2019 01
Ran by M (administrator) on M-PC (Acer, inc. Aspire 7730G) (09-11-2019 23:39:13)
Running from C:\Users\M\Desktop
Loaded Profiles: M (Available Profiles: M)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 7 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\ACER\Mobility Center\MobilityService.exe
() [File not signed] C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
() [File not signed] C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
() [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
() [File not signed] C:\Windows\PLFSetI.exe
(Acer Corp.) [File not signed] C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
(Acer Inc.) [File not signed] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
(Acer Incorporated) [File not signed] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
(acer) [File not signed] C:\Program Files\Acer\Empowering Technology\NotificationCenter\Framework.NotificationCenter.exe
(Arachnoid Biometrics Identification Group Corp.) [File not signed] C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe
(Arachnoid Biometrics Identification Group Corp.) [File not signed] C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\Alwil Software\Avast5\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\Alwil Software\Avast5\wsc_proxy.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(CyberLink -> ) [File not signed] C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
(CyberLink -> ) C:\Program Files\Cyberlink\Shared files\RichVideo.exe
(CyberLink Corp.) [File not signed] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(CyberLink) [File not signed] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files\Launch Manager\QtZgAcer.EXE
(DT Soft Ltd -> DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTLite.exe
(EGIS TECHNOLOGY INC. -> Egis Incorporated) C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
(EGIS TECHNOLOGY INC. -> Egis Incorporated) C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
(Google Inc -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc -> Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) [File not signed] C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(McAfee, Inc. -> ) C:\Program Files\SiteAdvisor\6172\SAService.exe
(McAfee, Inc. -> ) C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee.com\Agent\mcagent.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee\MPF\MpfSrv.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee\MSC\mcmscsvc.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee\MSC\mcuimgr.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee\MSK\msksrver.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee\VirusScan\Mcshield.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee\VirusScan\mcsysmon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Agere Systems) C:\Windows\System32\agrsmsvc.exe
(Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(NewTech Infosystems, Inc -> ) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
(NewTech Infosystems, Inc -> NewTech InfoSystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
(NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
(Realtek Semiconductor Corp.) [File not signed] C:\Users\M\AppData\Local\Temp\RtkBtMnt.exe
(Synaptics Incorporated -> Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6111232 2008-04-28] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1033512 2008-01-18] (Synaptics Incorporated -> Synaptics, Inc.)
HKLM\...\Run: [mcagent_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [582992 2007-08-03] (McAfee, Inc. -> McAfee, Inc.)
HKLM\...\Run: [SiteAdvisor] => C:\Program Files\SiteAdvisor\6172\SiteAdv.exe [36640 2007-08-24] (McAfee, Inc. -> )
HKLM\...\Run: [eDataSecurity Loader] => C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [526896 2008-03-04] (EGIS TECHNOLOGY INC. -> Egis Incorporated)
HKLM\...\Run: [eAudio] => C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe [544768 2008-03-07] (Acer Incorporated) [File not signed]
HKLM\...\Run: [ePower_DMC] => C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe [397312 2008-04-23] (Acer Inc.) [File not signed]
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [40048 2007-03-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [BkupTray] => C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [34040 2008-04-06] (NewTech Infosystems, Inc -> )
HKLM\...\Run: [WarReg_PopUp] => C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe [303104 2008-01-29] (Acer Incorporated) [File not signed]
HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [24064 2019-01-20] (Google) [File not signed]
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [182808 2008-07-20] (Intel Corporation -> Intel Corporation)
HKLM\...\Run: [NvCplDaemon] => C:\Windows\system32\NvCpl.dll [13543968 2008-08-07] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [NvMediaCenter] => C:\Windows\system32\NvMcTray.dll [92704 2008-08-07] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\QtZgAcer.EXE [821768 2008-07-02] (Dritek System Inc. -> Dritek System Inc.)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2007-10-23] () [File not signed]
HKLM\...\Run: [eRecoveryService] => [X]
HKLM\...\Run: [ZPdtWzdVitaKey MC3000] => C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe [3607040 2019-01-20] (Arachnoid Biometrics Identification Group Corp.) [File not signed]
HKLM\...\Run: [ArcadeDeluxeAgent] => C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [147456 2008-05-12] (CyberLink Corp.) [File not signed]
HKLM\...\Run: [CLMLServer] => C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe [167936 2008-05-12] (CyberLink) [File not signed]
HKLM\...\Run: [PlayMovie] => C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe [167936 2008-05-12] (Acer Corp.) [File not signed]
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2007-11-20] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => C:\Windows\system32\oobefldr.dll [2153472 2009-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => C:\Windows\system32\oobefldr.dll [2153472 2009-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-709419016-1147377520-125327568-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2019-01-20] (Google Inc -> Google Inc.)
HKU\S-1-5-21-709419016-1147377520-125327568-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd -> DT Soft Ltd)
HKU\S-1-5-21-709419016-1147377520-125327568-1000\...\MountPoints2: {717ef116-809d-11e9-a10d-001e68e29a2d} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-709419016-1147377520-125327568-1000\...\MountPoints2: {8a35db69-1ce9-11e9-a6d3-001e68e29a2d} - G:\Setup.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe [2019-01-21] (Google Inc -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{5ECD2B32-EE53-4D02-8C18-089742CE5065}] -> C:\Program Files\Acer\Acer Bio Protection\CompPtc.dll [2019-01-20] (Arachnoid Biometrics Identification Group Corp.) [File not signed]
AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [113664 2019-01-20] (Google) [File not signed]
Lsa: [Notification Packages] scecli C:\Program Files\Acer\Acer Bio Protection\PwdFilter
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2019-01-20]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1B34765D-F2D6-44DC-ABFC-55406D69F849} - System32\Tasks\{F97BB80E-C520-4090-B3D5-7A7044C7FA95} => C:\Windows\system32\pcalua.exe -a C:\Users\M\Downloads\NESetup2_1_50.exe -d C:\Users\M\Downloads
Task: {32960FBD-0293-4AD0-B7A1-373745F2AA6A} - System32\Tasks\Avast Emergency Update => C:\Program Files\Alwil Software\Avast5\AvEmUpdate.exe [2762968 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
Task: {488B3D63-D490-4CA5-B32D-316793B38CB5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [156968 2019-01-20] (Google Inc -> Google Inc.)
Task: {A4EA5DEC-D1A3-4CEA-8F18-8F7C1529B29D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [156968 2019-01-20] (Google Inc -> Google Inc.)
Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => %windir%\system32\rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries <==== ATTENTION
Task: {AC08AC55-AD00-4EA0-A702-8829E84D0F56} - System32\Tasks\{10062B7A-352E-4B8F-8589-4AF9CDD2208B} => C:\Windows\system32\pcalua.exe -a C:\Users\M\Desktop\Posudky\program\NESetup2_1_50.exe -d C:\Users\M\Desktop\Posudky\program
Task: {CE8F76AC-4696-4EDB-8A03-B8B5A71B59BD} - System32\Tasks\McDefragTask => c:\Program Files\McAfee\MQC\QcConsol.exe [222496 2007-07-25] (McAfee, Inc. -> McAfee, Inc.)
Task: {D84EE40D-36D4-47B2-BC93-78477300B96D} - System32\Tasks\McQcTask => c:\Program Files\McAfee\MQC\QcConsol.exe [222496 2007-07-25] (McAfee, Inc. -> McAfee, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\McDefragTask.job => c:\PROGRA~1\mcafee\mqc\QcConsol.exe C:\Windows\system32\defrag.exe
Task: C:\Windows\Tasks\McQcTask.job => c:\PROGRA~1\mcafee\mqc\QcConsol.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176 2008-01-21] (Microsoft Windows -> Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 217.144.16.197 217.144.16.199 192.168.1.254
Tcpip\..\Interfaces\{43BD8E87-7A28-43E2-AEE4-22D9B5859752}: [DhcpNameServer] 217.144.16.197 217.144.16.199 192.168.1.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&s=2&o=vp32&d=0119&m=aspire_7730g
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://cs.intl.acer.yahoo.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-709419016-1147377520-125327568-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&s=2&o=vp32&d=0119&m=aspire_7730g
SearchScopes: HKLM -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKU\S-1-5-21-709419016-1147377520-125327568-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... SK832SK833
SearchScopes: HKU\S-1-5-21-709419016-1147377520-125327568-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... SK832SK833
BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: No Name -> {089FD14D-132B-48FC-8861-0048AE113215} -> C:\Program Files\SiteAdvisor\6172\SiteAdv.dll [2007-08-24] (McAfee, Inc. -> )
BHO: McAfee Phishing Filter -> {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} -> c:\Program Files\McAfee\MSK\mcapbho.dll [2007-09-19] (McAfee, Inc. -> )
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\McAfee\VirusScan\scriptsn.dll [2007-10-24] (McAfee, Inc. -> McAfee, Inc.)
BHO: ShowBarObj Class -> {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} -> C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll [2008-03-04] (EGIS TECHNOLOGY INC. -> Egis)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2019-01-21] (Google Inc -> Google Inc.)
Toolbar: HKLM - McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll [2007-08-24] (McAfee, Inc. -> )
Toolbar: HKLM - Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-03-04] (EGIS TECHNOLOGY INC. -> Egis Incorporated.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2019-01-21] (Google Inc -> Google Inc.)
Toolbar: HKU\S-1-5-21-709419016-1147377520-125327568-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2019-01-21] (Google Inc -> Google Inc.)
Handler: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6172\SiteAdv.dll [2007-08-24] (McAfee, Inc. -> )

FireFox:
========
FF ProfilePath: C:\Users\M\AppData\Roaming\Mozilla\Firefox\Profiles\89bh58pq.default [2019-01-21]
FF NetworkProxy: Mozilla\Firefox\Profiles\89bh58pq.default -> type", 0
FF HKU\.DEFAULT\...\Firefox\Extensions: [{1650a312-02bc-40ee-977e-83f158701739}] - C:\Program Files\SiteAdvisor\6172\FF
FF Extension: (McAfee SiteAdvisor) - C:\Program Files\SiteAdvisor\6172\FF [2008-04-14] [Legacy] [not signed]
FF HKU\S-1-5-19\...\Firefox\Extensions: [{1650a312-02bc-40ee-977e-83f158701739}] - C:\Program Files\SiteAdvisor\6172\FF
FF HKU\S-1-5-20\...\Firefox\Extensions: [{1650a312-02bc-40ee-977e-83f158701739}] - C:\Program Files\SiteAdvisor\6172\FF
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN -> VideoLAN) [File not signed]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\firefox-branding.js [2010-09-14]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\firefox-l10n.js [2010-09-14]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\firefox.js [2010-09-14]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\reporter.js [2010-09-14]

Chrome:
=======
CHR Notifications: Default -> hxxps://a.robotcaptcha2.info; hxxps://cz1n.kingdoms.com; hxxps://cz1n.kingdoms.com; hxxps://www.artofzoo.com
CHR Profile: C:\Users\M\AppData\Local\Google\Chrome\User Data\Default [2019-11-09]
CHR Extension: (Prezentace) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-01-21]
CHR Extension: (Dokumenty) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-21]
CHR Extension: (Disk Google) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-21]
CHR Extension: (YouTube) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-21]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-10-20]
CHR Extension: (Tabulky) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-01-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-01-22]
CHR Extension: (Avast Online Security) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-10-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-20]
CHR Extension: (Gmail) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AgereModemAudio; C:\Windows\system32\agrsmsvc.exe [13312 2008-03-18] (Microsoft Windows Hardware Compatibility Publisher -> Agere Systems)
R3 aswbIDSAgent; C:\Program Files\Alwil Software\Avast5\aswidsagent.exe [6799632 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [324000 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R2 BUNAgentSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [16384 2008-03-03] (NewTech Infosystems, Inc.) [File not signed]
R2 CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [81504 2008-01-16] (CyberLink -> ) [File not signed]
R2 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576 2008-03-21] () [File not signed]
R2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [860160 2008-10-16] (Intel(R) Corporation) [File not signed]
S3 GoogleDesktopManager-080708-050100; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [24064 2019-01-20] (Google) [File not signed]
R2 IGBASVC; C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [3471360 2019-01-20] () [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2007-01-17] (Hewlett-Packard Company) [File not signed]
R2 mcmscsvc; C:\Program Files\McAfee\MSC\mcmscsvc.exe [749904 2007-08-04] (McAfee, Inc. -> McAfee, Inc.)
R2 McNASvc; c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe [2376992 2008-03-20] (McAfee, Inc. -> McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [378184 2007-07-25] (McAfee, Inc. -> McAfee, Inc.)
R2 McProxy; c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe [359248 2007-08-15] (McAfee, Inc. -> McAfee, Inc.)
R2 McShield; C:\Program Files\McAfee\VirusScan\Mcshield.exe [144704 2007-07-24] (McAfee, Inc. -> McAfee, Inc.)
R3 McSysmon; C:\Program Files\McAfee\VirusScan\mcsysmon.exe [695624 2007-07-25] (McAfee, Inc. -> McAfee, Inc.)
R2 MobilityService; C:\Acer\Mobility Center\MobilityService.exe [110592 2007-12-06] () [File not signed]
R2 MpfService; C:\Program Files\McAfee\MPF\MPFSrv.exe [856864 2007-07-18] (McAfee, Inc. -> McAfee, Inc.)
R2 MSK80Service; C:\Program Files\McAfee\MSK\MskSrver.exe [23880 2007-08-24] (McAfee, Inc. -> McAfee, Inc.)
R2 NTISchedulerSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [131072 2008-04-04] () [File not signed]
R2 nvsvc; C:\Windows\system32\nvvsvc.exe [196608 2008-08-07] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [466944 2008-10-16] (Intel(R) Corporation) [File not signed]
R2 RichVideo; C:\Program Files\Cyberlink\Shared files\RichVideo.exe [272024 2007-01-09] (CyberLink -> )
R2 SiteAdvisor Service; C:\Program Files\SiteAdvisor\6172\SAService.exe [341280 2008-04-14] (McAfee, Inc. -> )
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AgereSoftModem; C:\Windows\System32\DRIVERS\AGRSM.sys [1202560 2008-02-29] (Microsoft Windows Hardware Compatibility Publisher -> Agere Systems)
R0 AlfaFF; C:\Windows\System32\Drivers\AlfaFF.sys [43184 2019-01-20] (Dejan Maksimovic -> Alfa Corporation)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [167480 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriverx.sys [188976 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidshx.sys [165384 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblogx.sys [284256 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbunivx.sys [57904 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [183176 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [42736 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40688 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [135200 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr.sys [70640 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [72800 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [784552 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [397984 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
S3 aswStmXP; C:\Windows\System32\drivers\aswStmXP.sys [146584 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [310200 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R3 ATSWPDRV; C:\Windows\System32\DRIVERS\ATSwpDrv.sys [146688 2008-04-25] (AuthenTec, Inc. -> AuthenTec, Inc.)
R3 b57nd60x; C:\Windows\System32\DRIVERS\b57nd60x.sys [210432 2008-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation)
S3 btwaudio; C:\Windows\System32\drivers\btwaudio.sys [80424 2008-02-14] (Broadcom Corporation -> Broadcom Corporation.)
S3 btwavdt; C:\Windows\System32\drivers\btwavdt.sys [80936 2007-07-16] (Broadcom Corporation -> Broadcom Corporation.)
S3 btwrchid; C:\Windows\System32\DRIVERS\btwrchid.sys [16168 2007-07-16] (Broadcom Corporation -> Broadcom Corporation.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [218688 2019-01-20] (DT Soft Ltd -> DT Soft Ltd)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Microsoft Windows -> Společnost Microsoft)
R2 int15; C:\Windows\system32\drivers\int15.sys [69632 2007-01-26] () [File not signed]
S4 iteatapi; C:\Windows\system32\drivers\iteatapi.sys [35944 2006-11-02] (Microsoft Windows -> Integrated Technology Express, Inc.)
S4 iteraid; C:\Windows\system32\drivers\iteraid.sys [35944 2006-11-02] (Microsoft Windows -> Integrated Technology Express, Inc.)
R3 JMCR; C:\Windows\System32\DRIVERS\jmcr.sys [81296 2008-04-21] (Contoso.com(Test) -> JMicron Technology Corp.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [79304 2007-07-24] (McAfee, Inc. -> McAfee, Inc.)
R3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [35240 2007-07-21] (McAfee, Inc. -> McAfee, Inc.)
R1 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [201288 2007-07-21] (McAfee, Inc. -> McAfee, Inc.)
S3 mferkdk; C:\Windows\System32\drivers\mferkdk.sys [33800 2007-07-24] (McAfee, Inc. -> McAfee, Inc.)
R3 mfesmfk; C:\Windows\System32\drivers\mfesmfk.sys [40488 2007-07-21] (McAfee, Inc. -> McAfee, Inc.)
R1 MPFP; C:\Windows\System32\Drivers\Mpfp.sys [125728 2007-07-13] (McAfee, Inc. -> McAfee, Inc.)
S4 Mraid35x; C:\Windows\system32\drivers\mraid35x.sys [33384 2006-11-02] (Microsoft Windows -> LSI Logic Corporation)
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1083880 2009-04-11] (Microsoft Windows -> Společnost Microsoft)
R2 NTIPPKernel; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [122368 2008-01-16] (Cyberlink Corp.) [File not signed]
S4 ntrigdigi; C:\Windows\system32\drivers\ntrigdigi.sys [20608 2006-11-02] (Microsoft Windows -> N-trig Innovative Technologies)
R3 nvlddmkm; C:\Windows\System32\DRIVERS\nvlddmkm.sys [7545824 2008-08-07] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S4 uliahci; C:\Windows\system32\drivers\uliahci.sys [238648 2008-01-21] (Microsoft Windows -> ULi Electronics Inc.)
S4 UlSata; C:\Windows\system32\drivers\ulsata.sys [98408 2006-11-02] (Microsoft Windows -> Promise Technology, Inc.)
S4 ulsata2; C:\Windows\system32\drivers\ulsata2.sys [115816 2008-01-21] (Microsoft Windows -> Promise Technology, Inc.)
R3 winbondcir; C:\Windows\System32\DRIVERS\winbondcir.sys [43008 2007-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Winbond Electronics Corporation)
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl [61424 2008-05-09] (CyberLink -> Cyberlink Corp.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-09 23:39 - 2019-11-09 23:43 - 000030278 _____ C:\Users\M\Desktop\FRST.txt
2019-11-09 23:38 - 2019-11-09 23:40 - 000000000 ____D C:\FRST
2019-11-09 23:37 - 2019-11-09 23:36 - 001988096 _____ (Farbar) C:\Users\M\Desktop\FRST.exe
2019-11-09 23:36 - 2019-11-09 23:36 - 001988096 _____ (Farbar) C:\Users\M\Downloads\FRST.exe
2019-11-09 22:01 - 2019-11-09 22:01 - 000001767 _____ C:\Users\M\Desktop\Counter Strike 1.6 Non Steam.lnk
2019-11-09 21:48 - 2019-11-09 21:50 - 000003680 _____ C:\Users\M\Desktop\SERVERY.txt
2019-11-09 21:15 - 2019-11-09 21:15 - 000001457 _____ C:\Users\Public\Desktop\Counter-Strike 1.6.lnk
2019-11-09 21:15 - 2019-11-09 21:15 - 000001457 _____ C:\ProgramData\Desktop\Counter-Strike 1.6.lnk
2019-11-09 19:23 - 2019-11-09 22:01 - 000001783 _____ C:\Users\M\Desktop\Dedicated Server.lnk
2019-11-09 19:14 - 2019-11-09 22:01 - 000000000 ____D C:\Program Files\Valve
2019-11-09 18:47 - 2019-11-09 18:47 - 000000000 ____D C:\Program Files\Common Files\Steam
2019-11-07 21:40 - 2019-11-07 21:40 - 000000000 ____D C:\Users\M\AppData\Roaming\CyberLink
2019-10-26 18:19 - 2019-10-26 21:15 - 000000000 ____D C:\Users\M\Desktop\videa
2019-10-23 10:03 - 2019-10-23 10:03 - 000046080 _____ C:\Users\M\Downloads\TMT DAILY PLANNING.xls
2019-10-23 09:50 - 2019-10-23 09:50 - 000044544 _____ C:\Users\M\Downloads\1191167100.xls
2019-10-23 09:50 - 2019-10-23 09:50 - 000014033 _____ C:\Users\M\Downloads\Tabulka 3P204.xlsx
2019-10-23 09:50 - 2019-10-23 09:50 - 000014033 _____ C:\Users\M\Downloads\Tabulka 3P204 (1).xlsx

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-09 23:38 - 2019-01-22 21:53 - 000054377 _____ C:\ProgramData\nvModes.dat
2019-11-09 23:38 - 2019-01-22 21:53 - 000054377 _____ C:\ProgramData\nvModes.001
2019-11-09 23:35 - 2006-11-02 13:47 - 000003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2019-11-09 23:35 - 2006-11-02 13:47 - 000003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2019-11-09 23:08 - 2008-01-21 07:47 - 001418230 _____ C:\Windows\system32\PerfStringBackup.INI
2019-11-09 23:08 - 2008-01-21 07:46 - 000607464 _____ C:\Windows\system32\perfh005.dat
2019-11-09 23:08 - 2008-01-21 07:46 - 000118096 _____ C:\Windows\system32\perfc005.dat
2019-11-09 23:08 - 2006-11-02 12:18 - 000000000 ____D C:\Windows\inf
2019-11-09 23:03 - 2008-04-14 15:07 - 000017195 _____ C:\Windows\system32\Config.MPF
2019-11-09 23:01 - 2019-01-20 19:54 - 000000000 _____ C:\Windows\system32\LogConfigTemp.xml
2019-11-09 23:00 - 2006-11-02 14:01 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-11-09 22:58 - 2019-01-20 23:04 - 000000012 _____ C:\Windows\bthservsdp.dat
2019-11-09 22:58 - 2006-11-02 14:01 - 000027304 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-11-09 21:02 - 2019-01-22 22:50 - 000000000 _____ C:\Windows\system32\last.dump
2019-11-09 19:14 - 2008-04-14 14:54 - 000000000 ___HD C:\Program Files\InstallShield Installation Information
2019-11-08 19:38 - 2019-01-20 20:01 - 000000000 ____D C:\Users\M\AppData\Local\PowerCinema
2019-11-05 19:50 - 2019-01-20 19:35 - 000003376 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-11-05 19:50 - 2019-01-20 19:35 - 000003248 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-11-05 19:49 - 2019-01-20 19:26 - 000000000 ____D C:\Program Files\Google
2019-11-05 18:52 - 2019-01-22 22:03 - 000004170 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2019-11-03 19:49 - 2006-11-02 12:18 - 000000000 ____D C:\Windows\LiveKernelReports
2019-10-26 21:43 - 2019-01-20 20:59 - 000000000 ____D C:\Users\M\AppData\Roaming\vlc

==================== Files in the root of some directories ========

2019-01-20 19:25 - 2019-01-20 20:02 - 000000680 _____ () C:\Users\M\AppData\Local\d3d9caps.dat
2019-01-20 21:05 - 2019-04-18 15:04 - 000006144 _____ () C:\Users\M\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-11-09 23:07
==================== End of FRST.txt ========================

Addition:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 09-11-2019 01
Ran by M (09-11-2019 23:45:59)
Running from C:\Users\M\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) (2019-01-20 17:20:00)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-709419016-1147377520-125327568-500 - Administrator - Disabled)
Guest (S-1-5-21-709419016-1147377520-125327568-501 - Limited - Disabled)
M (S-1-5-21-709419016-1147377520-125327568-1000 - Administrator - Enabled) => C:\Users\M

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3C3813E1-C370-4F32-9639-8B43C7C780CD}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{F67648A4-713E-4298-BBAD-A83D8283B0F3}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{2659571A-3405-4486-B7D8-2F125BC0E3B2}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}) (Version: - Microsoft)
Acer Arcade Deluxe (HKLM\...\{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 2.0.5315 - CyberLink Corp.) Hidden
Acer Arcade Deluxe (HKLM\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 2.0.5315 - CyberLink Corp.)
Acer Bio Protection AAA 6.0.00.13 (HKLM\...\Acer Acer Bio Protection 6.0.00.13) (Version: - )
Acer Crystal Eye Webcam 2.0.8 (HKLM\...\{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}) (Version: 2.0.8 - SuYin)
Acer eAudio Management (HKLM\...\{57265292-228A-41FA-9AEC-4620CBCC2739}) (Version: 3.0.3007 - CyberLink Corp.)
Acer eDataSecurity Management (HKLM\...\{A5633652-3795-4829-BB0B-644F0279E279}) (Version: 3.0.3060 - Egis Inc.)
Acer Empowering Technology (HKLM\...\{8F1B6239-FEA0-450A-A950-B05276CE177C}) (Version: 3.0.3006 - Acer Incorporated)
Acer ePower Management (HKLM\...\{58E5844B-7CE2-413D-83D1-99294BF6C74F}) (Version: 3.0.3008 - Acer Incorporated)
Acer eRecovery Management (HKLM\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 3.0.3013 - Acer Incorporated)
Acer eSettings Management (HKLM\...\{13D85C14-2B85-419F-AC41-C7F21E68B25D}) (Version: 3.0.3007 - Acer Incorporated)
Acer GameZone Console 2.0.1.1 (HKLM\...\Acer GameZone Console_is1) (Version: - Oberon Media, Inc.)
Acer GridVista (HKLM\...\GridVista) (Version: 2.72.317 - )
Acer Mobility Center Plug-In (HKLM\...\{11316260-6666-467B-AC34-183FCB5D4335}) (Version: 3.0.3000 - Acer Inc.)
Acer ScreenSaver (HKLM\...\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}) (Version: 1.12.0506 - Acer Incorporated)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}) (Version: 1.0 - Microsoft Corporation) Hidden
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Adobe Flash Player ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated)
Adobe Reader 8.1.0 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A81000000003}) (Version: 8.1.0 - Adobe Systems Incorporated)
Agatha Christie Death on the Nile (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}) (Version: - Oberon Media)
Agere Systems HDA Modem (HKLM\...\Agere Systems Soft Modem) (Version: - Agere Systems)
Alice Greenfingers (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version: - Oberon Media)
AuthenTec Fingerprint Sensor Minimum Install (HKLM\...\{31A5ED9F-E07B-4F6E-8179-27325BAAC502}) (Version: 7.10.0.1129 - AuthenTec)
AutoCAD 2009 - český (HKLM\...\{5783F2D7-7001-0405-0002-0060B0CE6BBA}) (Version: 17.2.56.0 - Autodesk) Hidden
AutoCAD 2009 - český (HKLM\...\AutoCAD 2009 - český) (Version: 17.2.56.0 - Autodesk)
Autodesk Design Review 2009 (HKLM\...\{450063AA-643B-417C-8CF5-405BA3F4EF40}) (Version: 9.0.96 - Autodesk, Inc.) Hidden
Autodesk Design Review 2009 (HKLM\...\Autodesk Design Review 2009) (Version: 9.0.96 - Autodesk, Inc.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 18.8.2356 - AVAST Software)
AVerMedia A310 (MiniCard, DVB-T) 1.1.0.27 (HKLM\...\AVerMedia A310 (MiniCard, DVB-T)) (Version: 1.1.0.27 - AVerMedia TECHNOLOGIES, Inc.)
Azada (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}) (Version: - Oberon Media)
Backspin Billiards (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111543617}) (Version: - Oberon Media)
Big Kahuna Reef (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110322783}) (Version: - Oberon Media)
Bookworm Deluxe (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110113233}) (Version: - Oberon Media)
Bricks of Egypt (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}) (Version: - Oberon Media)
Broadcom Gigabit Integrated Controller (HKLM\...\{A64A5576-D862-44F8-89DC-2B17FCC9B86E}) (Version: 11.11.03 - Broadcom Corporation)
Cake Mania (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version: - Oberon Media)
Counter-Strike 1.6 (HKLM\...\{13B792AA-C078-43A4-8A3A-8B12D629940D}) (Version: 1.00.0000 - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.40.2.0131 - DT Soft Ltd)
Diner Dash Flo on the Go (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111872660}) (Version: - Oberon Media)
eSobi v2 (HKLM\...\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.3.000189 - esobi Inc.) Hidden
eSobi v2 (HKLM\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.3.000189 - esobi Inc.)
Flip Words 2 (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112310577}) (Version: - Oberon Media)
Google Desktop (HKLM\...\Google Desktop) (Version: 5.7.0808.07150 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.2.183.23 - Google Inc.) Hidden
Chicken Invaders 3 (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112531267}) (Version: - Oberon Media)
Chuzzle (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}) (Version: - Oberon Media)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Jewel Quest Solitaire (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}) (Version: - Oberon Media)
JMicron JMB38X Flash Media Controller (HKLM\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.00.10.04 - JMicron Technology Corp.)
Kick N Rush (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111324990}) (Version: - Oberon Media)
Launch Manager (HKLM\...\LManager) (Version: - )
LightScribe 1.4.142.1 (HKLM\...\{CE386A4E-D0DA-4208-8235-BCE43275C694}) (Version: 1.4.142.1 - hxxp://www.lightscribe.com) Hidden
Mahjong Escape Ancient China (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}) (Version: - Oberon Media)
Mahjongg Artifacts (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111692950}) (Version: - Oberon Media)
McAfee SecurityCenter (HKLM\...\MSC) (Version: - McAfee, Inc.)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6215.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Works (HKLM\...\{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}) (Version: 08.05.0822 - Microsoft Corporation)
Mozilla Firefox (3.6.10) (HKLM\...\Mozilla Firefox (3.6.10)) (Version: 3.6.10 (cs) - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery Case Files - Huntsville (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}) (Version: - Oberon Media)
Mystery Solitaire - Secret Island (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}) (Version: - Oberon Media)
NemExpress (HKLM\...\NemExpress) (Version: NemExpress version 1.11 - PLUTO-OLT spol. s r. o.)
NTI Backup Now 5 (HKLM\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.503 - NewTech Infosystems)
NTI Backup Now Standard (HKLM\...\{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.503 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM\...\{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.2.6322 - Název společnosti:) Hidden
NTI Media Maker 8 (HKLM\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.2.6322 - Název společnosti:)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
Orion (HKLM\...\{5B63A470-9334-44D1-AF61-6CE2DB565AE9}) (Version: 2.0.1 - Convesoft)
PhotoNow! (HKLM\...\{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.4619 - CyberLink Corp.)
PowerDirector (HKLM\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.2713 - CyberLink Corp.) Hidden
PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.2713 - CyberLink Corp.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5612 - Realtek Semiconductor Corp.)
Software Intel(R) PROSet/Wireless WiFi (HKLM\...\{35C0A1E4-D02A-412C-841F-266DBB116ABB}) (Version: 12.02.0000 - Intel(R) Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 10.2.4.0 - Synaptics)
Turbo Pizza (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}) (Version: - Oberon Media)
Update for Office 2007 (KB946691) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A420F522-7395-4872-9882-C591B4B92278}) (Version: - Microsoft)
VBA (2627.01) (HKLM\...\{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}) (Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN)
WIDCOMM Bluetooth Software 6.0.1.6300 (HKLM\...\{03D1988F-469F-4843-8E6E-E5FE9D17889D}) (Version: 6.0.1.6300 - Broadcom Corporation)
Winbond CIR Device Drivers (HKLM\...\{10F498FF-5392-4DF3-8F73-FE172A9F3800}) (Version: 7.60.1012 - Winbond Electronics Corporation)
Zuma Deluxe (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}) (Version: - Oberon Media)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-709419016-1147377520-125327568-1000_Classes\CLSID\{28B7AA99-C0F9-4C47-995E-8A8D729603A1}\localserver32 -> C:\Program Files\AutoCAD 2009\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-709419016-1147377520-125327568-1000_Classes\CLSID\{2F1F7574-ECCA-4361-B4DE-C411BF7EEE23}\localserver32 -> C:\Program Files\AutoCAD 2009\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-709419016-1147377520-125327568-1000_Classes\CLSID\{6AB55F46-2523-4701-A912-B226F46252BA}\localserver32 -> C:\Program Files\AutoCAD 2009\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-709419016-1147377520-125327568-1000_Classes\CLSID\{7AABBB95-79BE-4C0F-8024-EB6AF271231C}\localserver32 -> C:\Program Files\AutoCAD 2009\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-709419016-1147377520-125327568-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\AutoCAD 2009\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll [2008-03-04] (EGIS TECHNOLOGY INC. -> Egis Incorporated)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2008-02-10] (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2008-02-10] (Autodesk, Inc -> Autodesk) [File not signed]
ContextMenuHandlers1: [Autodesk.DWF.ContextMenu] -> {6C18531F-CA85-45F7-8278-FF33CF0A5964} => C:\Program Files\Common Files\Autodesk Shared\DWF Common\DWFShellExtension.dll [2008-01-21] (Autodesk, Inc. -> Autodesk, Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [EDSshellExt] -> {29FF7AB0-BE34-4992-A30B-53A9D86EE239} => C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSshellExt.dll [2008-03-04] (EGIS TECHNOLOGY INC. -> Egis Incorporated.)
ContextMenuHandlers1: [McCtxMenu] -> {01576F39-90DE-4D6E-A068-5B20C22BAAEE} => c:\Program Files\McAfee\VirusScan\mcctxmnu.dll [2007-07-25] (McAfee, Inc. -> McAfee, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [EDSshellExt] -> {29FF7AB0-BE34-4992-A30B-53A9D86EE239} => C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSshellExt.dll [2008-03-04] (EGIS TECHNOLOGY INC. -> Egis Incorporated.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {A70C977A-BF00-412C-90B7-034C51DA2439} => C:\Windows\system32\nvcpl.dll [2008-08-07] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [McCtxMenu] -> {01576F39-90DE-4D6E-A068-5B20C22BAAEE} => c:\Program Files\McAfee\VirusScan\mcctxmnu.dll [2007-07-25] (McAfee, Inc. -> McAfee, Inc.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2008-04-14 15:47 - 2007-11-27 14:08 - 000032768 _____ () [File not signed] C:\Acer\Mobility Center\MobilityInterface.dll
2008-05-12 22:11 - 2008-05-12 22:11 - 000753664 ____N () [File not signed] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMediaLibrary.dll
2008-05-12 22:11 - 2008-05-12 22:11 - 000007680 ____N () [File not signed] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvcPS.dll
2019-01-20 19:57 - 2019-01-20 19:57 - 000080896 _____ () [File not signed] C:\Program Files\Acer\Acer Bio Protection\PwdFilter.dll
2008-04-14 15:14 - 2008-03-07 02:35 - 000016384 _____ () [File not signed] C:\Program Files\Acer\Empowering Technology\eAudio\eAudioSrvPlugin.dll
2008-04-14 15:11 - 2008-05-26 14:37 - 000016384 _____ () [File not signed] C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.Logger.dll
2008-04-14 15:11 - 2008-05-26 14:39 - 000143360 _____ () [File not signed] C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.Model.Computer.dll
2008-04-14 15:11 - 2008-05-26 14:40 - 000016384 _____ () [File not signed] C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.ServicePlugin.dll
2008-04-14 15:11 - 2008-05-26 14:37 - 000036864 _____ () [File not signed] C:\Program Files\Acer\Empowering Technology\Service\eSettings.Model.ComputerInterface.dll
2008-10-16 16:57 - 2008-10-16 16:57 - 000200704 _____ () [File not signed] C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL
2008-04-04 01:54 - 2008-04-04 01:54 - 000003072 _____ () [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll
2008-02-28 21:44 - 2008-02-28 21:44 - 001024000 _____ () [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\ACE.dll
2008-02-28 21:44 - 2008-02-28 21:44 - 000098304 _____ () [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\ACEXML.dll
2008-02-28 21:44 - 2008-02-28 21:44 - 000061440 _____ () [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\ACEXML_Parser.dll
2008-02-12 13:12 - 2008-02-12 13:12 - 000126976 _____ () [File not signed] C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2019-01-21 22:04 - 2016-09-06 11:00 - 000147456 _____ () [File not signed] C:\Users\M\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libegl.dll
2019-01-21 22:04 - 2016-09-06 11:00 - 005197312 _____ () [File not signed] C:\Users\M\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libglesv2.dll
2008-04-14 15:10 - 2008-04-14 15:10 - 000028672 _____ () [File not signed] C:\Windows\assembly\GAC_MSIL\Framework.Host\3.0.3006.0__672b450de5a7e94a\Framework.Host.dll
2008-04-14 15:10 - 2008-04-14 15:10 - 000061440 _____ () [File not signed] C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3006.0__3036420f80dd6947\Framework.Library.dll
2008-04-14 15:10 - 2008-04-14 15:10 - 000032768 _____ () [File not signed] C:\Windows\assembly\GAC_MSIL\Framework.Model.Controller\3.0.3006.0__14bcaafdb44b5951\Framework.Model.Controller.dll
2008-04-14 15:10 - 2008-04-14 15:10 - 000020480 _____ () [File not signed] C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.3006.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll
2008-04-14 15:10 - 2008-04-14 15:10 - 000016384 _____ () [File not signed] C:\Windows\assembly\GAC_MSIL\Framework.PluginInterface\3.0.3006.0__9ecdf03bb2054f94\Framework.PluginInterface.dll
2008-04-14 15:10 - 2008-04-14 15:10 - 000036864 _____ () [File not signed] C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3006.0__4df5dcab8860d239\Framework.Utility.dll
2008-04-14 15:14 - 2008-04-23 14:58 - 000204800 _____ () [File not signed] C:\Windows\System32\SysHook.dll
2019-01-20 19:56 - 2019-01-20 19:56 - 000208896 _____ (ABIG) [File not signed] C:\Windows\system32\ATSC70PBA.dll
2008-04-14 15:14 - 2008-04-23 14:58 - 000016384 _____ (Acer Inc.) [File not signed] C:\Program Files\Acer\Empowering Technology\ePower\ePowerSrvPlugin.dll
2008-04-14 15:14 - 2008-04-23 14:57 - 000032768 _____ (Acer Inc.) [File not signed] C:\Program Files\Acer\Empowering Technology\ePower\WMIInterface.dll
2008-04-14 15:14 - 2008-04-23 14:57 - 000091648 _____ (Acer Inc.) [File not signed] C:\Program Files\Acer\Empowering Technology\ePower\WMIServiceDLL.dll
2019-01-20 19:54 - 2008-06-04 13:01 - 000057344 _____ (Acer Incorporated) [File not signed] C:\Program Files\Acer\Empowering Technology\eRecovery\eRecovery.RemoteServer.dll
2019-01-20 19:54 - 2008-04-29 09:37 - 000028672 _____ (Acer Incorporated) [File not signed] C:\Program Files\Acer\Empowering Technology\eRecovery\eRecovery.ServicePlugin.dll
2019-01-20 19:53 - 2008-04-29 09:37 - 000016384 _____ (Acer Incorporated) [File not signed] C:\Program Files\Acer\Empowering Technology\Service\eRecovery.RemoteServerInterface.dll
2008-04-14 15:10 - 2008-04-14 15:10 - 000569344 _____ (Acer PVL) [File not signed] C:\Windows\assembly\GAC_MSIL\Framework.UIComponent\3.0.3006.0__739b31b1908c49e5\Framework.UIComponent.dll
2008-04-14 15:10 - 2008-03-21 12:22 - 000005120 _____ (acer) [File not signed] C:\Program Files\Acer\Empowering Technology\NotificationCenter\cs\Framework.NotificationCenter.resources.dll
2008-04-14 15:10 - 2008-04-14 15:10 - 000020480 _____ (acer) [File not signed] C:\Windows\assembly\GAC_MSIL\Framework.Service.Utility\3.0.3006.0__40d56bd2d2a1d6f8\Framework.Service.Utility.dll
2008-04-14 15:10 - 2008-04-14 15:10 - 000032768 _____ (acer) [File not signed] C:\Windows\assembly\GAC_MSIL\Framework.Utility.CommonFunctions\3.0.3006.0__770d2a375f176870\Framework.Utility.CommonFunctions.dll
2019-01-20 19:57 - 2008-05-19 03:58 - 000666624 _____ (Arachnoid Biometrics Identification Group Corp.) [File not signed] C:\Program Files\Acer\Acer Bio Protection\CustomRes.dll
2019-01-20 19:57 - 2019-01-20 19:57 - 000126976 _____ (Arachnoid Biometrics Identification Group Corp.) [File not signed] C:\Program Files\Acer\Acer Bio Protection\FPLaunchCache.dll
2008-04-22 15:49 - 2008-04-22 15:49 - 001207296 _____ (AuthenTec, Inc.) [File not signed] C:\Windows\system32\ATSC70.DLL
2008-02-10 08:31 - 2008-02-10 08:31 - 000128664 _____ (Autodesk, Inc -> Autodesk) [File not signed] C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll
2008-02-10 08:28 - 2008-02-10 08:28 - 000307352 _____ (Autodesk, Inc -> Autodesk, Inc.) [File not signed] C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll
2008-02-10 08:08 - 2008-02-10 08:08 - 000043160 _____ (Autodesk, Inc -> Autodesk, Inc.) [File not signed] C:\Windows\system32\AcSignIcon.dll
2019-11-09 21:54 - 2019-11-09 21:54 - 006743880 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19110902\algo.dll
2019-11-09 21:54 - 2019-11-09 21:54 - 000340960 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19110902\arPot.dll
2019-11-09 21:54 - 2019-11-09 21:54 - 000388464 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19110902\aswArray.dll
2019-11-09 21:54 - 2019-11-09 21:54 - 000539336 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19110902\aswCleanerDLL.dll
2019-11-09 21:54 - 2019-11-09 21:54 - 000510848 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19110902\aswCmnBS.dll
2019-11-09 21:54 - 2019-11-09 21:54 - 000436984 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19110902\aswCmnIS.dll
2019-11-09 21:54 - 2019-11-09 21:54 - 000159664 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19110902\aswCmnOS.dll
2019-11-09 21:54 - 2019-11-09 21:54 - 001622360 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19110902\aswEngin.dll
2019-11-09 21:54 - 2019-11-09 21:54 - 000617296 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19110902\aswFiDb.dll
2019-11-09 21:54 - 2019-11-09 21:54 - 000423600 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19110902\aswRep.dll
2019-11-09 21:54 - 2019-11-09 21:54 - 002059288 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19110902\swhealthex2.dll
2019-01-22 22:05 - 2019-01-22 22:05 - 002387776 _____ (AVAST Software s.r.o. -> The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Alwil Software\Avast5\libcrypto-1_1.dll
2019-01-22 22:05 - 2019-01-22 22:05 - 000512832 _____ (AVAST Software s.r.o. -> The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Alwil Software\Avast5\libssl-1_1.dll
2008-02-12 12:46 - 2008-02-12 05:46 - 000102400 _____ (Broadcom Corporation.) [File not signed] C:\Program Files\WIDCOMM\Bluetooth Software\BtBalloon.dll
2008-02-12 13:19 - 2008-02-12 13:19 - 000208896 _____ (Broadcom Corporation.) [File not signed] C:\Windows\system32\btmmhook.dll
2008-02-12 12:36 - 2008-02-12 12:36 - 000184320 _____ (Broadcom Corporation.) [File not signed] C:\Windows\system32\btncopy.dll
2008-02-12 12:46 - 2008-02-12 12:46 - 000233472 _____ (Broadcom Corporation.) [File not signed] C:\Windows\system32\btosif.dll
2008-02-12 12:26 - 2008-02-12 12:26 - 005271552 _____ (Broadcom Corporation.) [File not signed] C:\Windows\system32\btrez.dll
2008-02-12 12:31 - 2008-02-12 12:31 - 000602112 _____ (Broadcom Corporation.) [File not signed] C:\Windows\system32\btwapi.dll
2008-02-12 12:58 - 2008-02-12 12:58 - 000393216 _____ (Broadcom Corporation.) [File not signed] C:\Windows\system32\btwhidcs.DLL
2008-05-12 22:11 - 2008-05-12 22:11 - 000047616 ____N (CyberLink Corp.) [File not signed] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\Common\CLRCEngine3.dll
2008-04-14 15:14 - 2008-03-04 12:18 - 000008192 _____ (CyberLink) [File not signed] C:\Program Files\Acer\Empowering Technology\eAudio\Language\CSY\LangCSY.dll
2007-01-17 10:20 - 2007-01-17 10:20 - 000032768 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files\Common Files\LightScribe\LSLog.dll
2007-01-17 10:20 - 2007-01-17 10:20 - 000081920 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files\Common Files\LightScribe\LSSProxy.dll
2008-04-14 15:06 - 2006-03-03 10:07 - 000143360 _____ (Inner Media, Inc.) [File not signed] C:\Windows\system32\Dunzip32.dll
2019-01-20 19:41 - 2008-07-20 17:43 - 000073728 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel Matrix Storage Manager\CSY\IAAMon_CSY.dll
2019-01-20 19:41 - 2008-07-20 17:42 - 000118784 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel Matrix Storage Manager\CSY\PlugInRAID_CSY.dll
2019-01-20 19:41 - 2008-07-20 17:32 - 000204800 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel Matrix Storage Manager\ISDI.dll
2008-10-16 16:54 - 2008-10-16 16:54 - 000655360 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll
2008-10-16 16:56 - 2008-10-16 16:56 - 000581632 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\TraceApi.dll
2008-10-16 16:56 - 2008-10-16 16:56 - 000499712 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\IntStngs.dll
2008-10-16 17:07 - 2008-10-16 17:07 - 000864256 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\MurocApi.dll
2008-10-16 16:59 - 2008-10-16 16:59 - 001519616 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll
2008-10-16 16:58 - 2008-10-16 16:58 - 000135168 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll
2008-10-16 17:05 - 2008-10-16 17:05 - 000987136 _____ (Intel(R) Corporation) [File not signed] C:\Windows\System32\IWMSSvc.dll
2008-04-14 15:05 - 2007-11-08 11:11 - 002724006 ____R (McAfee, Inc.) [File not signed] C:\Program Files\McAfee\VirusScan\Engine\5200.2160\mcscan32.dll
2019-01-20 20:01 - 2008-05-09 11:55 - 001060864 ____N (Microsoft Corporation) [File not signed] C:\Program Files\Acer Arcade Deluxe\PlayMovie\MFC71.DLL
2019-01-20 20:01 - 2008-05-09 11:55 - 000499712 ____N (Microsoft Corporation) [File not signed] C:\Program Files\Acer Arcade Deluxe\PlayMovie\MSVCP71.dll
2019-01-20 20:01 - 2008-05-09 11:55 - 000348160 ____N (Microsoft Corporation) [File not signed] C:\Program Files\Acer Arcade Deluxe\PlayMovie\MSVCR71.dll
2008-02-28 21:44 - 2008-02-28 21:44 - 000499712 _____ (Microsoft Corporation) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\MSVCP71.dll
2008-02-28 21:44 - 2008-02-28 21:44 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\MSVCR71.dll
2008-02-28 21:43 - 2008-02-28 21:43 - 001047552 _____ (Microsoft Corporation) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\MFC71U.DLL
2008-02-28 21:43 - 2008-02-28 21:43 - 000499712 _____ (Microsoft Corporation) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\MSVCP71.dll
2008-02-28 21:43 - 2008-02-28 21:43 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\MSVCR71.dll
2008-05-12 22:10 - 2008-05-12 22:10 - 001060864 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\MFC71.DLL
2008-05-12 22:10 - 2008-05-12 22:10 - 000499712 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\MSVCP71.dll
2008-05-12 22:10 - 2008-05-12 22:10 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\MSVCR71.dll
2008-04-14 14:45 - 2008-04-14 14:45 - 001101824 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80.DLL
2008-04-14 14:45 - 2008-04-14 14:45 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80U.DLL
2008-04-06 21:23 - 2008-04-06 21:23 - 000376832 _____ (NewTech InfoSystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BKaux.dll
2008-04-04 01:54 - 2008-04-04 01:54 - 000036864 _____ (NewTech InfoSystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BKauxLOC.dll
2008-04-08 05:46 - 2008-04-08 05:46 - 000319488 _____ (NewTech InfoSystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BKImage.dll
2008-04-04 01:54 - 2008-04-04 01:54 - 000036864 _____ (NewTech InfoSystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BKImageLOC.dll
2008-04-04 01:52 - 2008-04-04 01:52 - 000135168 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\CdrMmc32.dll
2008-04-04 02:14 - 2008-04-04 02:14 - 000241664 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Cdrw32.dll
2008-04-04 02:15 - 2008-04-04 02:15 - 000069632 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\CdrwEx32.dll
2008-03-03 12:11 - 2008-03-03 12:11 - 000086016 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\listor.dll
2008-03-03 12:11 - 2008-03-03 12:11 - 000011776 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\locator.dll
2008-04-06 21:22 - 2008-04-06 21:22 - 000159744 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Data32.dll
2008-04-04 01:52 - 2008-04-04 01:52 - 000069632 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Hddrw32.dll
2008-04-04 01:52 - 2008-04-04 01:52 - 000014336 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\ImagFile.dll
2008-04-07 03:52 - 2008-04-07 03:52 - 000065536 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Scd32.dll
2008-04-04 02:03 - 2008-04-04 02:03 - 000009728 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvcLOC.dll
2008-04-14 15:10 - 2008-04-14 15:10 - 000270336 _____ (The Apache Software Foundation) [File not signed] C:\Windows\assembly\GAC_MSIL\log4net\1.2.10.0__1b44e1d426115821\log4net.dll
2007-09-06 09:28 - 2007-09-06 09:28 - 001089536 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-709419016-1147377520-125327568-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 11:23 - 2019-11-09 23:01 - 000000000 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-709419016-1147377520-125327568-1000\Control Panel\Desktop\\Wallpaper -> c:\Windows\Web\wallpaper\Acer01.jpg
DNS Servers: 217.144.16.197 - 217.144.16.199
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{7F0D6FA9-281E-4261-8ED2-7A7097924CEA}] => (Allow) C:\Program Files\Common Files\Mcafee\MNA\McNaSvc.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{25EDAE7F-F1EB-4B8F-BC4F-6A7325166AE3}] => (Allow) C:\Program Files\Cyberlink\PowerDirector\PDR.EXE (CyberLink -> CyberLink Corp.) [File not signed]
FirewallRules: [{83FF83CE-F875-4D7D-A9B5-EE60C20AF335}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe () [File not signed]
FirewallRules: [{E7D0F75B-7A5D-4B64-B9EA-76A99A62111B}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe () [File not signed]
FirewallRules: [{119C3235-7ED9-40B7-97AE-2A871ACA9723}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (NewTech Infosystems, Inc.) [File not signed]
FirewallRules: [{C06A3F7E-5592-411D-B1D9-A6779F6C9F32}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (NewTech Infosystems, Inc.) [File not signed]
FirewallRules: [{5C5BF230-09FE-4104-8509-46E87C2BB03F}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech Infosystems, Inc -> NewTech InfoSystems, Inc.)
FirewallRules: [{951A5035-3C8B-4C1A-B988-47DB52A6E2B7}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech Infosystems, Inc -> NewTech InfoSystems, Inc.)
FirewallRules: [{06617333-A7C8-46AE-A905-FC71BC2906B9}] => (Allow) C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe (CyberLink -> Acer Incorporated) [File not signed]
FirewallRules: [{9E4B23B2-C371-4B67-B5CF-0106F370AB48}] => (Allow) C:\Program Files\Acer Arcade Deluxe\PlayMovie\PlayMovie.exe (Acer Corp.) [File not signed]
FirewallRules: [{C3E80BD6-698B-4C71-97C0-E5AF6C09730E}] => (Allow) C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.) [File not signed]
FirewallRules: [{F23C0933-600A-47B6-9224-3783F4DC79E5}] => (Allow) C:\Program Files\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe (Acer Incorporated) [File not signed]
FirewallRules: [{8DE3D4DB-ADA8-466D-9C24-010343ED9DD6}] => (Allow) LPort=80
FirewallRules: [{C1AC7C97-CE84-4EF6-B061-3F662BA54B7D}] => (Allow) LPort=80
FirewallRules: [{8FB702FF-1FFF-4134-B97C-C1095AFD9A51}] => (Allow) LPort=80
FirewallRules: [{137E2C99-F66D-4BA4-949F-89C3691E3425}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc -> Google Inc.)
FirewallRules: [{A76A5251-7F8A-4DF2-906B-C5D7AF924735}] => (Allow) C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe No File
FirewallRules: [{FAF1B447-F42D-4699-B948-31E9C5006B30}] => (Allow) C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe No File
FirewallRules: [{ED36DCE8-C7F5-492D-93FA-A84113BDA029}] => (Allow) C:\Program Files\Alwil Software\Avast5\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{9C94E4AC-8BC4-4E27-9308-0E596F90BC71}] => (Allow) C:\Program Files\Alwil Software\Avast5\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{2EFF4FDC-0A51-4993-83A7-642F62C92788}] => (Allow) C:\Program Files\Steam\Steam.exe No File
FirewallRules: [{71E80469-F3E6-40F7-AEC5-30B6C0412BE8}] => (Allow) C:\Program Files\Steam\Steam.exe No File
FirewallRules: [TCP Query User{93E087E8-1AA3-4F29-9514-572E943B4BED}C:\program files\valve\hl.exe] => (Allow) C:\program files\valve\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{1C0568DD-4400-4BF5-9A4A-DAEF5EB3776C}C:\program files\valve\hl.exe] => (Allow) C:\program files\valve\hl.exe (Valve) [File not signed]

==================== Restore Points =========================

29-01-2019 20:11:50 avast! antivirus system restore point
30-01-2019 19:54:47 avast! antivirus system restore point
30-01-2019 20:16:31 avast! antivirus system restore point
31-01-2019 20:50:17 avast! antivirus system restore point
31-01-2019 22:08:22 avast! antivirus system restore point
03-02-2019 20:49:42 avast! antivirus system restore point
03-02-2019 22:08:22 avast! antivirus system restore point
05-02-2019 21:40:19 avast! antivirus system restore point
05-02-2019 22:08:33 avast! antivirus system restore point
10-02-2019 11:56:00 avast! antivirus system restore point
13-02-2019 21:07:45 avast! antivirus system restore point
11-03-2019 23:20:18 avast! antivirus system restore point
12-03-2019 20:59:25 avast! antivirus system restore point
29-03-2019 19:12:03 avast! antivirus system restore point
09-11-2019 18:44:08 Installed Steam
09-11-2019 19:12:39 ??????????? Counter-Strike 1.6
09-11-2019 20:48:12 Removed Steam
09-11-2019 21:05:36 ??????? Counter-Strike 1.6
09-11-2019 21:15:06 ??????????? Counter-Strike 1.6

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (11/09/2019 11:25:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program hl.exe verze 1.1.1.1 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Oznámení a řešení problémů.
ID procesu: 910
Čas zahájení: 01d5974bd3b60df9
Čas ukončení: 467

Error: (11/09/2019 11:00:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/09/2019 09:52:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/09/2019 09:15:05 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {d663c471-ce7a-4841-86be-c4e12408260b}

Error: (11/09/2019 09:05:35 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {d663c471-ce7a-4841-86be-c4e12408260b}

Error: (11/09/2019 07:38:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program hl.exe verze 1.1.1.1 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Oznámení a řešení problémů.
ID procesu: 898
Čas zahájení: 01d5972c76879fc5
Čas ukončení: 0

Error: (11/09/2019 07:12:35 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {d663c471-ce7a-4841-86be-c4e12408260b}

Error: (11/09/2019 06:33:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (11/09/2019 11:01:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba aswStmXP neuspěla při spuštění v důsledku následující chyby:
Uvedená procedura nebyla nalezena.

Error: (11/09/2019 09:53:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba aswStmXP neuspěla při spuštění v důsledku následující chyby:
Uvedená procedura nebyla nalezena.

Error: (11/09/2019 09:02:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba aswbIDSAgent byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (11/09/2019 06:33:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba aswStmXP neuspěla při spuštění v důsledku následující chyby:
Uvedená procedura nebyla nalezena.

Error: (11/09/2019 06:32:56 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (18:30:07, 9.11.2019) bylo neočekávané.

Error: (11/09/2019 05:24:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba aswStmXP neuspěla při spuštění v důsledku následující chyby:
Uvedená procedura nebyla nalezena.

Error: (11/09/2019 05:23:25 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (23:17:04, 8.11.2019) bylo neočekávané.

Error: (11/08/2019 09:02:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba aswbIDSAgent byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.


CodeIntegrity:
===================================

Date: 2019-11-03 19:56:35.767
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\staport.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-11-03 19:56:35.304
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\staport.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-11-03 19:56:34.904
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\staport.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-11-03 19:56:34.426
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\staport.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-01-21 00:30:18.610
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-01-21 00:30:18.532
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-01-21 00:30:18.454
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-01-21 00:30:18.376
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: Acer v0.3506 07/22/2008
Motherboard: Acer, Inc. Mammoth
Processor: Intel(R) Core(TM)2 Duo CPU P7350 @ 2.00GHz
Percentage of memory in use: 82%
Total physical RAM: 3065.94 MB
Available physical RAM: 551.43 MB
Total Virtual: 6334.89 MB
Available Virtual: 3138.89 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:144.04 GB) (Free:80.76 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:144.04 GB) (Free:84.02 GB) NTFS

\\?\Volume{c749201a-1cd6-11e9-888f-806e6f6e6963}\ (PQSERVICE) (Fixed) (Total:10 GB) (Free:1.41 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 13AEAEC9)
Partition 1: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=144 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=144 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Conder
VIP
Posts: 4399
Joined: 30 Dec 2013 22:29
Location: Bratislava

Re: Log check - 100% CPU usage

#2 Post by Conder »

Hi :)

:arrow: Which process is using the CPU the most?

:arrow: Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Skenovat nyni (Scan now) and wait for it to finish
  • Leave all findings checked
  • Click Cisteni a opravy (Clean and Repair) and confirm restarting the PC now
  • After the PC restarts, AdwCleaner will open; click Zobrazit soubor protokolu (view log file)
  • The log will open; copy its contents here
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).

Fixlists and other scripts are written only for a specific PC. Do not use them on other devices, otherwise you risk damaging the system or losing data.
If you have a similar problem to another user, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

flustr
Visitor
Posts: 39
Joined: 10 Jan 2007 12:21

Re: Log check - 100% CPU usage

#3 Post by flustr »

Hi,
thank you for the help.

Processes:
There is no process here that stands out as a major bottleneck. The ones that mainly jump around are chrome.exe, taskmg.exe, dwm.exe, taskeng.exe, ePower_DMC.exe

But with "all users" switched on, svchost.exe eats up to 40 and 730 000 kB (and it is listed several times), avastSvc.exe 25 and audiodg.exe 15.
There is also an item "System Idle Process" that shows up from time to time and takes up to 95.
Those are the biggest hogs.

Log:

# -------------------------------
# Malwarebytes AdwCleaner 7.4.2.0
# -------------------------------
# Build: 10-21-2019
# Database: 2019-10-21.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-10-2019
# Duration: 00:00:15
# OS: Windows Vista (TM) Home Premium
# Cleaned: 9
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files\Convesoft

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Deleted HKLM\Software\Classes\Installer\Features\074A36B543391D44FA16C62EBD65A59E
Deleted HKLM\Software\Classes\Installer\Products\074A36B543391D44FA16C62EBD65A59E
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\074A36B543391D44FA16C62EBD65A59E

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner_Debug.log - [22155 octets] - [10/11/2019 13:11:56]
AdwCleaner[S00].txt - [5318 octets] - [10/11/2019 13:13:18]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Conder
VIP
Posts: 4399
Joined: 30 Dec 2013 22:29
Location: Bratislava

Re: Log check - 100% CPU usage

#4 Post by Conder »

The "System Idle Process" item does not load the CPU; on the contrary, it represents the unused CPU capacity. If you want to know the CPU usage, you can see it in Task Manager on the Performance tab (and also in the bottom bar of Task Manager).

Please post both new logs from FRST.

flustr
Visitor
Posts: 39
Joined: 10 Jan 2007 12:21

Re: Log check - 100% CPU usage

#5 Post by flustr »

new logs:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-11-2019 01
Ran by M (administrator) on M-PC (Acer, inc. Aspire 7730G) (11-11-2019 23:09:30)
Running from C:\Users\M\Desktop
Loaded Profiles: M (Available Profiles: M)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 7 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\ACER\Mobility Center\MobilityService.exe
() [File not signed] C:\Program Files\Acer\Acer Bio Protection\BASVC.exe
() [File not signed] C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
() [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
() [File not signed] C:\Windows\PLFSetI.exe
(Acer Corp.) [File not signed] C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
(Acer Inc.) [File not signed] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
(Acer Incorporated) [File not signed] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
(Arachnoid Biometrics Identification Group Corp.) [File not signed] C:\Program Files\Acer\Acer Bio Protection\CompPtcVUI.exe
(Arachnoid Biometrics Identification Group Corp.) [File not signed] C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\Alwil Software\Avast5\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(CyberLink -> ) [File not signed] C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
(CyberLink -> ) C:\Program Files\Cyberlink\Shared files\RichVideo.exe
(CyberLink Corp.) [File not signed] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(CyberLink) [File not signed] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
(DT Soft Ltd -> DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTLite.exe
(EGIS TECHNOLOGY INC. -> Egis Incorporated) C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
(EGIS TECHNOLOGY INC. -> Egis Incorporated) C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
(Hewlett-Packard Company) [File not signed] C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Agere Systems) C:\Windows\System32\agrsmsvc.exe
(Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(NewTech Infosystems, Inc -> ) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
(NewTech Infosystems, Inc -> NewTech InfoSystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
(NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
(Realtek Semiconductor Corp.) [File not signed] C:\Users\M\AppData\Local\Temp\RtkBtMnt.exe
(Synaptics Incorporated -> Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [6111232 2008-04-28] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1033512 2008-01-18] (Synaptics Incorporated -> Synaptics, Inc.)
HKLM\...\Run: [eDataSecurity Loader] => C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [526896 2008-03-04] (EGIS TECHNOLOGY INC. -> Egis Incorporated)
HKLM\...\Run: [eAudio] => C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe [544768 2008-03-07] (Acer Incorporated) [File not signed]
HKLM\...\Run: [ePower_DMC] => C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe [397312 2008-04-23] (Acer Inc.) [File not signed]
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [40048 2007-03-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [BkupTray] => C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [34040 2008-04-06] (NewTech Infosystems, Inc -> )
HKLM\...\Run: [WarReg_PopUp] => C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe [303104 2008-01-29] (Acer Incorporated) [File not signed]
HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [24064 2019-01-20] (Google) [File not signed]
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [182808 2008-07-20] (Intel Corporation -> Intel Corporation)
HKLM\...\Run: [NvCplDaemon] => C:\Windows\system32\NvCpl.dll [13543968 2008-08-07] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [NvMediaCenter] => C:\Windows\system32\NvMcTray.dll [92704 2008-08-07] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\QtZgAcer.EXE [821768 2008-07-02] (Dritek System Inc. -> Dritek System Inc.)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2007-10-23] () [File not signed]
HKLM\...\Run: [eRecoveryService] => [X]
HKLM\...\Run: [ZPdtWzdVitaKey MC3000] => C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe [3607040 2019-01-20] (Arachnoid Biometrics Identification Group Corp.) [File not signed]
HKLM\...\Run: [ArcadeDeluxeAgent] => C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [147456 2008-05-12] (CyberLink Corp.) [File not signed]
HKLM\...\Run: [CLMLServer] => C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe [167936 2008-05-12] (CyberLink) [File not signed]
HKLM\...\Run: [PlayMovie] => C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe [167936 2008-05-12] (Acer Corp.) [File not signed]
HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2007-11-20] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvLaunch.exe [242392 2019-11-10] (AVAST Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => C:\Windows\system32\oobefldr.dll [2153472 2009-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => C:\Windows\system32\oobefldr.dll [2153472 2009-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-709419016-1147377520-125327568-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2019-01-20] (Google Inc -> Google Inc.)
HKU\S-1-5-21-709419016-1147377520-125327568-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd -> DT Soft Ltd)
HKU\S-1-5-21-709419016-1147377520-125327568-1000\...\MountPoints2: {717ef116-809d-11e9-a10d-001e68e29a2d} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-709419016-1147377520-125327568-1000\...\MountPoints2: {8a35db69-1ce9-11e9-a6d3-001e68e29a2d} - G:\Setup.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe [2019-01-21] (Google Inc -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{5ECD2B32-EE53-4D02-8C18-089742CE5065}] -> C:\Program Files\Acer\Acer Bio Protection\CompPtc.dll [2019-01-20] (Arachnoid Biometrics Identification Group Corp.) [File not signed]
AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [113664 2019-01-20] (Google) [File not signed]
Lsa: [Notification Packages] scecli C:\Program Files\Acer\Acer Bio Protection\PwdFilter
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2019-01-20]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1B34765D-F2D6-44DC-ABFC-55406D69F849} - System32\Tasks\{F97BB80E-C520-4090-B3D5-7A7044C7FA95} => C:\Windows\system32\pcalua.exe -a C:\Users\M\Downloads\NESetup2_1_50.exe -d C:\Users\M\Downloads
Task: {488B3D63-D490-4CA5-B32D-316793B38CB5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [156968 2019-01-20] (Google Inc -> Google Inc.)
Task: {53D90854-83C2-402C-90D7-22F6B1D7F8E4} - System32\Tasks\Avast Emergency Update => C:\Program Files\Alwil Software\Avast5\AvEmUpdate.exe [2762968 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
Task: {A4EA5DEC-D1A3-4CEA-8F18-8F7C1529B29D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [156968 2019-01-20] (Google Inc -> Google Inc.)
Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => %windir%\system32\rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries <==== ATTENTION
Task: {AC08AC55-AD00-4EA0-A702-8829E84D0F56} - System32\Tasks\{10062B7A-352E-4B8F-8589-4AF9CDD2208B} => C:\Windows\system32\pcalua.exe -a C:\Users\M\Desktop\Posudky\program\NESetup2_1_50.exe -d C:\Users\M\Desktop\Posudky\program

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176 2008-01-21] (Microsoft Windows -> Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 217.144.16.197 217.144.16.199 192.168.1.254
Tcpip\..\Interfaces\{43BD8E87-7A28-43E2-AEE4-22D9B5859752}: [DhcpNameServer] 217.144.16.197 217.144.16.199 192.168.1.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&s=2&o=vp32&d=0119&m=aspire_7730g
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://cs.intl.acer.yahoo.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-709419016-1147377520-125327568-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&s=2&o=vp32&d=0119&m=aspire_7730g
SearchScopes: HKLM -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKU\S-1-5-21-709419016-1147377520-125327568-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... SK832SK833
SearchScopes: HKU\S-1-5-21-709419016-1147377520-125327568-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... SK832SK833
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: ShowBarObj Class -> {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} -> C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll [2008-03-04] (EGIS TECHNOLOGY INC. -> Egis)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2019-01-21] (Google Inc -> Google Inc.)
Toolbar: HKLM - No Name - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File
Toolbar: HKLM - Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-03-04] (EGIS TECHNOLOGY INC. -> Egis Incorporated.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2019-01-21] (Google Inc -> Google Inc.)
Toolbar: HKU\S-1-5-21-709419016-1147377520-125327568-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2019-01-21] (Google Inc -> Google Inc.)

FireFox:
========
FF ProfilePath: C:\Users\M\AppData\Roaming\Mozilla\Firefox\Profiles\89bh58pq.default [2019-01-21]
FF NetworkProxy: Mozilla\Firefox\Profiles\89bh58pq.default -> type", 0
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\firefox-branding.js [2010-09-14]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\firefox-l10n.js [2010-09-14]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\firefox.js [2010-09-14]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\reporter.js [2010-09-14]

Chrome:
=======
CHR Notifications: Default -> hxxps://a.robotcaptcha2.info; hxxps://cz1n.kingdoms.com; hxxps://cz1n.kingdoms.com; hxxps://www.artofzoo.com
CHR Profile: C:\Users\M\AppData\Local\Google\Chrome\User Data\Default [2019-11-11]
CHR Extension: (Prezentace) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-01-21]
CHR Extension: (Dokumenty) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-21]
CHR Extension: (Disk Google) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-21]
CHR Extension: (YouTube) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-21]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-10-20]
CHR Extension: (Tabulky) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-01-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-01-22]
CHR Extension: (Avast Online Security) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-10-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-20]
CHR Extension: (Gmail) - C:\Users\M\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AgereModemAudio; C:\Windows\system32\agrsmsvc.exe [13312 2008-03-18] (Microsoft Windows Hardware Compatibility Publisher -> Agere Systems)
R3 aswbIDSAgent; C:\Program Files\Alwil Software\Avast5\aswidsagent.exe [6799632 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [324000 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R2 BUNAgentSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [16384 2008-03-03] (NewTech Infosystems, Inc.) [File not signed]
R2 CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [81504 2008-01-16] (CyberLink -> ) [File not signed]
R2 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576 2008-03-21] () [File not signed]
R2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [860160 2008-10-16] (Intel(R) Corporation) [File not signed]
S3 GoogleDesktopManager-080708-050100; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [24064 2019-01-20] (Google) [File not signed]
R2 IGBASVC; C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [3471360 2019-01-20] () [File not signed]
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2007-01-17] (Hewlett-Packard Company) [File not signed]
R2 MobilityService; C:\Acer\Mobility Center\MobilityService.exe [110592 2007-12-06] () [File not signed]
R2 NTISchedulerSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [131072 2008-04-04] () [File not signed]
R2 nvsvc; C:\Windows\system32\nvvsvc.exe [196608 2008-08-07] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [466944 2008-10-16] (Intel(R) Corporation) [File not signed]
R2 RichVideo; C:\Program Files\Cyberlink\Shared files\RichVideo.exe [272024 2007-01-09] (CyberLink -> )
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AgereSoftModem; C:\Windows\System32\DRIVERS\AGRSM.sys [1202560 2008-02-29] (Microsoft Windows Hardware Compatibility Publisher -> Agere Systems)
R0 AlfaFF; C:\Windows\System32\Drivers\AlfaFF.sys [43184 2019-01-20] (Dejan Maksimovic -> Alfa Corporation)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [167480 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriverx.sys [188976 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidshx.sys [165384 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblogx.sys [284256 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbunivx.sys [57904 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [183176 2019-11-10] (AVAST Software s.r.o. -> AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [42736 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [40688 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [135200 2019-11-10] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr.sys [70640 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [72800 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [784552 2019-11-10] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [397984 2019-11-10] (AVAST Software s.r.o. -> AVAST Software)
S3 aswStmXP; C:\Windows\System32\drivers\aswStmXP.sys [146584 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [310200 2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
R3 ATSWPDRV; C:\Windows\System32\DRIVERS\ATSwpDrv.sys [146688 2008-04-25] (AuthenTec, Inc. -> AuthenTec, Inc.)
R3 b57nd60x; C:\Windows\System32\DRIVERS\b57nd60x.sys [210432 2008-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation)
S3 btwaudio; C:\Windows\System32\drivers\btwaudio.sys [80424 2008-02-14] (Broadcom Corporation -> Broadcom Corporation.)
S3 btwavdt; C:\Windows\System32\drivers\btwavdt.sys [80936 2007-07-16] (Broadcom Corporation -> Broadcom Corporation.)
S3 btwrchid; C:\Windows\System32\DRIVERS\btwrchid.sys [16168 2007-07-16] (Broadcom Corporation -> Broadcom Corporation.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [218688 2019-01-20] (DT Soft Ltd -> DT Soft Ltd)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Microsoft Windows -> Společnost Microsoft)
R2 int15; C:\Windows\system32\drivers\int15.sys [69632 2007-01-26] () [File not signed]
S4 iteatapi; C:\Windows\system32\drivers\iteatapi.sys [35944 2006-11-02] (Microsoft Windows -> Integrated Technology Express, Inc.)
S4 iteraid; C:\Windows\system32\drivers\iteraid.sys [35944 2006-11-02] (Microsoft Windows -> Integrated Technology Express, Inc.)
R3 JMCR; C:\Windows\System32\DRIVERS\jmcr.sys [81296 2008-04-21] (Contoso.com(Test) -> JMicron Technology Corp.)
S4 Mraid35x; C:\Windows\system32\drivers\mraid35x.sys [33384 2006-11-02] (Microsoft Windows -> LSI Logic Corporation)
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1083880 2009-04-11] (Microsoft Windows -> Společnost Microsoft)
R2 NTIPPKernel; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [122368 2008-01-16] (Cyberlink Corp.) [File not signed]
S4 ntrigdigi; C:\Windows\system32\drivers\ntrigdigi.sys [20608 2006-11-02] (Microsoft Windows -> N-trig Innovative Technologies)
R3 nvlddmkm; C:\Windows\System32\DRIVERS\nvlddmkm.sys [7545824 2008-08-07] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S4 uliahci; C:\Windows\system32\drivers\uliahci.sys [238648 2008-01-21] (Microsoft Windows -> ULi Electronics Inc.)
S4 UlSata; C:\Windows\system32\drivers\ulsata.sys [98408 2006-11-02] (Microsoft Windows -> Promise Technology, Inc.)
S4 ulsata2; C:\Windows\system32\drivers\ulsata2.sys [115816 2008-01-21] (Microsoft Windows -> Promise Technology, Inc.)
R3 winbondcir; C:\Windows\System32\DRIVERS\winbondcir.sys [43008 2007-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Winbond Electronics Corporation)
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl [61424 2008-05-09] (CyberLink -> Cyberlink Corp.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-11 09:20 - 2019-11-11 09:20 - 000138968 _____ C:\Windows\Minidump\Mini111119-01.dmp
2019-11-11 09:20 - 2019-11-11 09:20 - 000000000 ____D C:\Windows\Minidump
2019-11-11 09:19 - 2019-11-11 09:19 - 369429654 _____ C:\Windows\MEMORY.DMP
2019-11-10 21:42 - 2019-11-10 21:42 - 000000000 ____D C:\Users\M\AppData\Roaming\AVAST Software
2019-11-10 21:42 - 2019-11-10 21:42 - 000000000 ____D C:\Users\M\AppData\Local\CEF
2019-11-10 21:42 - 2019-11-10 21:42 - 000000000 ____D C:\Users\M\AppData\Local\AVAST Software
2019-11-10 21:36 - 2019-11-10 21:36 - 000001844 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-11-10 21:36 - 2019-11-10 21:36 - 000001844 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2019-11-10 21:36 - 2019-11-10 21:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-11-10 21:35 - 2019-11-10 21:35 - 000000000 ____D C:\4fc505190573163f4c85051ca152ee1c
2019-11-10 21:34 - 2019-01-22 22:05 - 000323288 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-11-10 21:28 - 2019-11-10 21:28 - 000230080 _____ (AVAST Software) C:\Users\M\Downloads\avast_free_antivirus_setup_online (2).exe
2019-11-10 13:26 - 2019-11-10 13:26 - 000002463 _____ C:\Users\M\Desktop\AdwCleaner[C00].txt
2019-11-10 13:16 - 2019-11-10 13:16 - 000000027 _____ C:\Windows\system32\MPFServiceFailureCount.txt
2019-11-10 13:11 - 2019-11-10 13:15 - 000000000 ____D C:\AdwCleaner
2019-11-10 13:09 - 2019-11-10 13:09 - 007622344 _____ (Malwarebytes) C:\Users\M\Downloads\adwcleaner_7.4.2.exe
2019-11-10 13:09 - 2019-11-10 13:09 - 007622344 _____ (Malwarebytes) C:\Users\M\Desktop\adwcleaner_7.4.2.exe
2019-11-09 23:45 - 2019-11-09 23:49 - 000051485 _____ C:\Users\M\Desktop\Addition.txt
2019-11-09 23:39 - 2019-11-11 23:12 - 000025438 _____ C:\Users\M\Desktop\FRST.txt
2019-11-09 23:38 - 2019-11-11 23:10 - 000000000 ____D C:\FRST
2019-11-09 23:37 - 2019-11-09 23:36 - 001988096 _____ (Farbar) C:\Users\M\Desktop\FRST.exe
2019-11-09 23:36 - 2019-11-09 23:36 - 001988096 _____ (Farbar) C:\Users\M\Downloads\FRST.exe
2019-11-09 22:01 - 2019-11-09 22:01 - 000001767 _____ C:\Users\M\Desktop\Counter Strike 1.6 Non Steam.lnk
2019-11-09 21:48 - 2019-11-09 21:50 - 000003680 _____ C:\Users\M\Desktop\SERVERY.txt
2019-11-09 21:15 - 2019-11-09 21:15 - 000001457 _____ C:\Users\Public\Desktop\Counter-Strike 1.6.lnk
2019-11-09 21:15 - 2019-11-09 21:15 - 000001457 _____ C:\ProgramData\Desktop\Counter-Strike 1.6.lnk
2019-11-09 19:23 - 2019-11-09 22:01 - 000001783 _____ C:\Users\M\Desktop\Dedicated Server.lnk
2019-11-09 19:14 - 2019-11-09 22:01 - 000000000 ____D C:\Program Files\Valve
2019-11-09 18:47 - 2019-11-09 18:47 - 000000000 ____D C:\Program Files\Common Files\Steam
2019-11-07 21:40 - 2019-11-07 21:40 - 000000000 ____D C:\Users\M\AppData\Roaming\CyberLink
2019-10-26 18:19 - 2019-10-26 21:15 - 000000000 ____D C:\Users\M\Desktop\videa
2019-10-23 10:03 - 2019-10-23 10:03 - 000046080 _____ C:\Users\M\Downloads\TMT DAILY PLANNING.xls
2019-10-23 09:50 - 2019-10-23 09:50 - 000044544 _____ C:\Users\M\Downloads\1191167100.xls
2019-10-23 09:50 - 2019-10-23 09:50 - 000014033 _____ C:\Users\M\Downloads\Tabulka 3P204.xlsx
2019-10-23 09:50 - 2019-10-23 09:50 - 000014033 _____ C:\Users\M\Downloads\Tabulka 3P204 (1).xlsx

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-11 23:08 - 2019-01-22 21:53 - 000054377 _____ C:\ProgramData\nvModes.001
2019-11-11 23:06 - 2019-01-20 19:54 - 000000000 _____ C:\Windows\system32\LogConfigTemp.xml
2019-11-11 23:06 - 2006-11-02 14:01 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-11-11 23:06 - 2006-11-02 13:47 - 000003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2019-11-11 23:06 - 2006-11-02 13:47 - 000003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2019-11-11 23:05 - 2019-01-20 23:04 - 000000012 _____ C:\Windows\bthservsdp.dat
2019-11-11 23:05 - 2006-11-02 14:01 - 000031516 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-11-11 22:49 - 2019-01-20 20:58 - 000000863 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-11-11 22:49 - 2019-01-20 20:58 - 000000863 _____ C:\ProgramData\Desktop\VLC media player.lnk
2019-11-11 22:11 - 2008-01-21 07:47 - 001418230 _____ C:\Windows\system32\PerfStringBackup.INI
2019-11-11 22:11 - 2008-01-21 07:46 - 000607464 _____ C:\Windows\system32\perfh005.dat
2019-11-11 22:11 - 2008-01-21 07:46 - 000118096 _____ C:\Windows\system32\perfc005.dat
2019-11-11 22:11 - 2006-11-02 12:18 - 000000000 ____D C:\Windows\inf
2019-11-11 22:07 - 2019-01-22 21:53 - 000054377 _____ C:\ProgramData\nvModes.dat
2019-11-10 21:35 - 2019-01-22 22:06 - 000183176 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-11-10 21:35 - 2019-01-22 22:03 - 000003826 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2019-11-10 21:35 - 2019-01-22 22:02 - 000784552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-11-10 21:35 - 2019-01-20 19:35 - 000397984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-11-10 21:35 - 2019-01-20 19:35 - 000135200 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-11-10 20:53 - 2008-04-14 15:05 - 000000000 ____D C:\ProgramData\McAfee
2019-11-10 20:49 - 2008-04-14 15:06 - 000000000 ____D C:\ProgramData\SiteAdvisor
2019-11-09 21:02 - 2019-01-22 22:50 - 000000000 _____ C:\Windows\system32\last.dump
2019-11-09 19:14 - 2008-04-14 14:54 - 000000000 ___HD C:\Program Files\InstallShield Installation Information
2019-11-08 19:38 - 2019-01-20 20:01 - 000000000 ____D C:\Users\M\AppData\Local\PowerCinema
2019-11-05 19:50 - 2019-01-20 19:35 - 000003376 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-11-05 19:50 - 2019-01-20 19:35 - 000003248 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-11-05 19:49 - 2019-01-20 19:26 - 000000000 ____D C:\Program Files\Google
2019-11-03 19:49 - 2006-11-02 12:18 - 000000000 ____D C:\Windows\LiveKernelReports
2019-10-26 21:43 - 2019-01-20 20:59 - 000000000 ____D C:\Users\M\AppData\Roaming\vlc

==================== Files in the root of some directories ========

2019-01-20 19:25 - 2019-01-20 20:02 - 000000680 _____ () C:\Users\M\AppData\Local\d3d9caps.dat
2019-01-20 21:05 - 2019-04-18 15:04 - 000006144 _____ () C:\Users\M\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-11-11 23:13
==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x86) Version: 09-11-2019 01
Ran by M (11-11-2019 23:13:11)
Running from C:\Users\M\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) (2019-01-20 17:20:00)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-709419016-1147377520-125327568-500 - Administrator - Disabled)
Guest (S-1-5-21-709419016-1147377520-125327568-501 - Limited - Disabled)
M (S-1-5-21-709419016-1147377520-125327568-1000 - Administrator - Enabled) => C:\Users\M

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-001F-0405-0000-0000000FF1CE}_HOMESTUDENTR_{3C3813E1-C370-4F32-9639-8B43C7C780CD}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-001F-041B-0000-0000000FF1CE}_HOMESTUDENTR_{F67648A4-713E-4298-BBAD-A83D8283B0F3}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-006E-0405-0000-0000000FF1CE}_HOMESTUDENTR_{2659571A-3405-4486-B7D8-2F125BC0E3B2}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{90120000-00A1-0405-0000-0000000FF1CE}_HOMESTUDENTR_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}) (Version: - Microsoft)
Acer Arcade Deluxe (HKLM\...\{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 2.0.5315 - CyberLink Corp.) Hidden
Acer Arcade Deluxe (HKLM\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 2.0.5315 - CyberLink Corp.)
Acer Bio Protection

AAA 6.0.00.13 (HKLM\...\Acer Acer Bio Protection 6.0.00.13) (Version: - )
Acer Crystal Eye Webcam 2.0.8 (HKLM\...\{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}) (Version: 2.0.8 - SuYin)
Acer eAudio Management (HKLM\...\{57265292-228A-41FA-9AEC-4620CBCC2739}) (Version: 3.0.3007 - CyberLink Corp.)
Acer eDataSecurity Management (HKLM\...\{A5633652-3795-4829-BB0B-644F0279E279}) (Version: 3.0.3060 - Egis Inc.)
Acer Empowering Technology (HKLM\...\{8F1B6239-FEA0-450A-A950-B05276CE177C}) (Version: 3.0.3006 - Acer Incorporated)
Acer ePower Management (HKLM\...\{58E5844B-7CE2-413D-83D1-99294BF6C74F}) (Version: 3.0.3008 - Acer Incorporated)
Acer eRecovery Management (HKLM\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 3.0.3013 - Acer Incorporated)
Acer eSettings Management (HKLM\...\{13D85C14-2B85-419F-AC41-C7F21E68B25D}) (Version: 3.0.3007 - Acer Incorporated)
Acer GameZone Console 2.0.1.1 (HKLM\...\Acer GameZone Console_is1) (Version: - Oberon Media, Inc.)
Acer GridVista (HKLM\...\GridVista) (Version: 2.72.317 - )
Acer Mobility Center Plug-In (HKLM\...\{11316260-6666-467B-AC34-183FCB5D4335}) (Version: 3.0.3000 - Acer Inc.)
Acer ScreenSaver (HKLM\...\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}) (Version: 1.12.0506 - Acer Incorporated)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}) (Version: 1.0 - Microsoft Corporation) Hidden
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Adobe Flash Player ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated)
Adobe Reader 8.1.0 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A81000000003}) (Version: 8.1.0 - Adobe Systems Incorporated)
Agatha Christie Death on the Nile (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}) (Version: - Oberon Media)
Agere Systems HDA Modem (HKLM\...\Agere Systems Soft Modem) (Version: - Agere Systems)
Alice Greenfingers (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version: - Oberon Media)
AuthenTec Fingerprint Sensor Minimum Install (HKLM\...\{31A5ED9F-E07B-4F6E-8179-27325BAAC502}) (Version: 7.10.0.1129 - AuthenTec)
AutoCAD 2009 - český (HKLM\...\{5783F2D7-7001-0405-0002-0060B0CE6BBA}) (Version: 17.2.56.0 - Autodesk) Hidden
AutoCAD 2009 - český (HKLM\...\AutoCAD 2009 - český) (Version: 17.2.56.0 - Autodesk)
Autodesk Design Review 2009 (HKLM\...\{450063AA-643B-417C-8CF5-405BA3F4EF40}) (Version: 9.0.96 - Autodesk, Inc.) Hidden
Autodesk Design Review 2009 (HKLM\...\Autodesk Design Review 2009) (Version: 9.0.96 - Autodesk, Inc.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 18.8.2356 - AVAST Software)
AVerMedia A310 (MiniCard, DVB-T) 1.1.0.27 (HKLM\...\AVerMedia A310 (MiniCard, DVB-T)) (Version: 1.1.0.27 - AVerMedia TECHNOLOGIES, Inc.)
Azada (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}) (Version: - Oberon Media)
Backspin Billiards (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111543617}) (Version: - Oberon Media)
Big Kahuna Reef (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110322783}) (Version: - Oberon Media)
Bookworm Deluxe (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110113233}) (Version: - Oberon Media)
Bricks of Egypt (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}) (Version: - Oberon Media)
Broadcom Gigabit Integrated Controller (HKLM\...\{A64A5576-D862-44F8-89DC-2B17FCC9B86E}) (Version: 11.11.03 - Broadcom Corporation)
Cake Mania (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version: - Oberon Media)
Counter-Strike 1.6 (HKLM\...\{13B792AA-C078-43A4-8A3A-8B12D629940D}) (Version: 1.00.0000 - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.40.2.0131 - DT Soft Ltd)
Diner Dash Flo on the Go (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111872660}) (Version: - Oberon Media)
eSobi v2 (HKLM\...\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.3.000189 - esobi Inc.) Hidden
eSobi v2 (HKLM\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.3.000189 - esobi Inc.)
Flip Words 2 (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112310577}) (Version: - Oberon Media)
Google Desktop (HKLM\...\Google Desktop) (Version: 5.7.0808.07150 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.2.183.23 - Google Inc.) Hidden
Chicken Invaders 3 (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112531267}) (Version: - Oberon Media)
Chuzzle (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}) (Version: - Oberon Media)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Jewel Quest Solitaire (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}) (Version: - Oberon Media)
JMicron JMB38X Flash Media Controller (HKLM\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.00.10.04 - JMicron Technology Corp.)
Kick N Rush (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111324990}) (Version: - Oberon Media)
Launch Manager (HKLM\...\LManager) (Version: - )
LightScribe 1.4.142.1 (HKLM\...\{CE386A4E-D0DA-4208-8235-BCE43275C694}) (Version: 1.4.142.1 - hxxp://www.lightscribe.com) Hidden
Mahjong Escape Ancient China (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}) (Version: - Oberon Media)
Mahjongg Artifacts (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111692950}) (Version: - Oberon Media)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6215.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Works (HKLM\...\{C73B5B3B-F974-48CA-8B91-3E8A432AEA5B}) (Version: 08.05.0822 - Microsoft Corporation)
Mozilla Firefox (3.6.10) (HKLM\...\Mozilla Firefox (3.6.10)) (Version: 3.6.10 (cs) - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery Case Files - Huntsville (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}) (Version: - Oberon Media)
Mystery Solitaire - Secret Island (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}) (Version: - Oberon Media)
NemExpress (HKLM\...\NemExpress) (Version: NemExpress version 1.11 - PLUTO-OLT spol. s r. o.)
NTI Backup Now 5 (HKLM\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.503 - NewTech Infosystems)
NTI Backup Now Standard (HKLM\...\{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.503 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM\...\{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.2.6322 - Název společnosti:) Hidden
NTI Media Maker 8 (HKLM\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.2.6322 - Název společnosti:)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
Orion (HKLM\...\{5B63A470-9334-44D1-AF61-6CE2DB565AE9}) (Version: 2.0.1 - Convesoft)
PhotoNow! (HKLM\...\{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.4619 - CyberLink Corp.)
PowerDirector (HKLM\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.2713 - CyberLink Corp.) Hidden
PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.2713 - CyberLink Corp.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5612 - Realtek Semiconductor Corp.)
Software Intel(R) PROSet/Wireless WiFi (HKLM\...\{35C0A1E4-D02A-412C-841F-266DBB116ABB}) (Version: 12.02.0000 - Intel(R) Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 10.2.4.0 - Synaptics)
Turbo Pizza (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}) (Version: - Oberon Media)
Update for Office 2007 (KB946691) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A420F522-7395-4872-9882-C591B4B92278}) (Version: - Microsoft)
VBA (2627.01) (HKLM\...\{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}) (Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WIDCOMM Bluetooth Software 6.0.1.6300 (HKLM\...\{03D1988F-469F-4843-8E6E-E5FE9D17889D}) (Version: 6.0.1.6300 - Broadcom Corporation)
Winbond CIR Device Drivers (HKLM\...\{10F498FF-5392-4DF3-8F73-FE172A9F3800}) (Version: 7.60.1012 - Winbond Electronics Corporation)
Zuma Deluxe (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}) (Version: - Oberon Media)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-709419016-1147377520-125327568-1000_Classes\CLSID\{28B7AA99-C0F9-4C47-995E-8A8D729603A1}\localserver32 -> C:\Program Files\AutoCAD 2009\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-709419016-1147377520-125327568-1000_Classes\CLSID\{2F1F7574-ECCA-4361-B4DE-C411BF7EEE23}\localserver32 -> C:\Program Files\AutoCAD 2009\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-709419016-1147377520-125327568-1000_Classes\CLSID\{6AB55F46-2523-4701-A912-B226F46252BA}\localserver32 -> C:\Program Files\AutoCAD 2009\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-709419016-1147377520-125327568-1000_Classes\CLSID\{7AABBB95-79BE-4C0F-8024-EB6AF271231C}\localserver32 -> C:\Program Files\AutoCAD 2009\acad.exe (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-709419016-1147377520-125327568-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\AutoCAD 2009\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll [2008-03-04] (EGIS TECHNOLOGY INC. -> Egis Incorporated)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2008-02-10] (Autodesk, Inc -> Autodesk, Inc.) [File not signed]
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2008-02-10] (Autodesk, Inc -> Autodesk) [File not signed]
ContextMenuHandlers1: [Autodesk.DWF.ContextMenu] -> {6C18531F-CA85-45F7-8278-FF33CF0A5964} => C:\Program Files\Common Files\Autodesk Shared\DWF Common\DWFShellExtension.dll [2008-01-21] (Autodesk, Inc. -> Autodesk, Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [EDSshellExt] -> {29FF7AB0-BE34-4992-A30B-53A9D86EE239} => C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSshellExt.dll [2008-03-04] (EGIS TECHNOLOGY INC. -> Egis Incorporated.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2019-01-22] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [EDSshellExt] -> {29FF7AB0-BE34-4992-A30B-53A9D86EE239} => C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSshellExt.dll [2008-03-04] (EGIS TECHNOLOGY INC. -> Egis Incorporated.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {A70C977A-BF00-412C-90B7-034C51DA2439} => C:\Windows\system32\nvcpl.dll [2008-08-07] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2019-01-22] (AVAST Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2008-04-14 15:47 - 2007-11-27 14:08 - 000032768 _____ () [File not signed] C:\Acer\Mobility Center\MobilityInterface.dll
2008-05-12 22:11 - 2008-05-12 22:11 - 000753664 ____N () [File not signed] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMediaLibrary.dll
2008-05-12 22:11 - 2008-05-12 22:11 - 000007680 ____N () [File not signed] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvcPS.dll
2019-01-20 19:57 - 2019-01-20 19:57 - 000080896 _____ () [File not signed] C:\Program Files\Acer\Acer Bio Protection\PwdFilter.dll
2008-04-14 15:14 - 2008-03-07 02:35 - 000016384 _____ () [File not signed] C:\Program Files\Acer\Empowering Technology\eAudio\eAudioSrvPlugin.dll
2008-04-14 15:11 - 2008-05-26 14:37 - 000016384 _____ () [File not signed] C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.Logger.dll
2008-04-14 15:11 - 2008-05-26 14:39 - 000143360 _____ () [File not signed] C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.Model.Computer.dll
2008-04-14 15:11 - 2008-05-26 14:40 - 000016384 _____ () [File not signed] C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.ServicePlugin.dll
2008-04-14 15:11 - 2008-05-26 14:37 - 000036864 _____ () [File not signed] C:\Program Files\Acer\Empowering Technology\Service\eSettings.Model.ComputerInterface.dll
2019-11-10 21:34 - 2019-11-10 21:34 - 048936448 _____ () [File not signed] C:\Program Files\Alwil Software\Avast5\libcef.dll
2008-10-16 16:57 - 2008-10-16 16:57 - 000200704 _____ () [File not signed] C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL
2008-04-04 01:54 - 2008-04-04 01:54 - 000003072 _____ () [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll
2008-02-28 21:44 - 2008-02-28 21:44 - 001024000 _____ () [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\ACE.dll
2008-02-28 21:44 - 2008-02-28 21:44 - 000098304 _____ () [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\ACEXML.dll
2008-02-28 21:44 - 2008-02-28 21:44 - 000061440 _____ () [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\ACEXML_Parser.dll
2008-02-12 13:12 - 2008-02-12 13:12 - 000126976 _____ () [File not signed] C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2008-04-14 15:10 - 2008-04-14 15:10 - 000028672 _____ () [File not signed] C:\Windows\assembly\GAC_MSIL\Framework.Host\3.0.3006.0__672b450de5a7e94a\Framework.Host.dll
2008-04-14 15:10 - 2008-04-14 15:10 - 000061440 _____ () [File not signed] C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3006.0__3036420f80dd6947\Framework.Library.dll
2008-04-14 15:10 - 2008-04-14 15:10 - 000032768 _____ () [File not signed] C:\Windows\assembly\GAC_MSIL\Framework.Model.Controller\3.0.3006.0__14bcaafdb44b5951\Framework.Model.Controller.dll
2008-04-14 15:10 - 2008-04-14 15:10 - 000020480 _____ () [File not signed] C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.3006.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll
2008-04-14 15:10 - 2008-04-14 15:10 - 000016384 _____ () [File not signed] C:\Windows\assembly\GAC_MSIL\Framework.PluginInterface\3.0.3006.0__9ecdf03bb2054f94\Framework.PluginInterface.dll
2008-04-14 15:10 - 2008-04-14 15:10 - 000036864 _____ () [File not signed] C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3006.0__4df5dcab8860d239\Framework.Utility.dll
2008-04-14 15:14 - 2008-04-23 14:58 - 000204800 _____ () [File not signed] C:\Windows\System32\SysHook.dll
2019-01-20 19:56 - 2019-01-20 19:56 - 000208896 _____ (ABIG) [File not signed] C:\Windows\system32\ATSC70PBA.dll
2008-04-14 15:14 - 2008-04-23 14:58 - 000016384 _____ (Acer Inc.) [File not signed] C:\Program Files\Acer\Empowering Technology\ePower\ePowerSrvPlugin.dll
2008-04-14 15:14 - 2008-04-23 14:57 - 000032768 _____ (Acer Inc.) [File not signed] C:\Program Files\Acer\Empowering Technology\ePower\WMIInterface.dll
2008-04-14 15:14 - 2008-04-23 14:57 - 000091648 _____ (Acer Inc.) [File not signed] C:\Program Files\Acer\Empowering Technology\ePower\WMIServiceDLL.dll
2019-01-20 19:54 - 2008-06-04 13:01 - 000057344 _____ (Acer Incorporated) [File not signed] C:\Program Files\Acer\Empowering Technology\eRecovery\eRecovery.RemoteServer.dll
2019-01-20 19:54 - 2008-04-29 09:37 - 000028672 _____ (Acer Incorporated) [File not signed] C:\Program Files\Acer\Empowering Technology\eRecovery\eRecovery.ServicePlugin.dll
2019-01-20 19:53 - 2008-04-29 09:37 - 000016384 _____ (Acer Incorporated) [File not signed] C:\Program Files\Acer\Empowering Technology\Service\eRecovery.RemoteServerInterface.dll
2008-04-14 15:10 - 2008-04-14 15:10 - 000020480 _____ (acer) [File not signed] C:\Windows\assembly\GAC_MSIL\Framework.Service.Utility\3.0.3006.0__40d56bd2d2a1d6f8\Framework.Service.Utility.dll
2008-04-14 15:10 - 2008-04-14 15:10 - 000032768 _____ (acer) [File not signed] C:\Windows\assembly\GAC_MSIL\Framework.Utility.CommonFunctions\3.0.3006.0__770d2a375f176870\Framework.Utility.CommonFunctions.dll
2019-01-20 19:57 - 2008-05-19 03:58 - 000666624 _____ (Arachnoid Biometrics Identification Group Corp.) [File not signed] C:\Program Files\Acer\Acer Bio Protection\CustomRes.dll
2019-01-20 19:57 - 2019-01-20 19:57 - 000126976 _____ (Arachnoid Biometrics Identification Group Corp.) [File not signed] C:\Program Files\Acer\Acer Bio Protection\FPLaunchCache.dll
2008-04-22 15:49 - 2008-04-22 15:49 - 001207296 _____ (AuthenTec, Inc.) [File not signed] C:\Windows\system32\ATSC70.DLL
2008-02-10 08:31 - 2008-02-10 08:31 - 000128664 _____ (Autodesk, Inc -> Autodesk) [File not signed] C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll
2008-02-10 08:28 - 2008-02-10 08:28 - 000307352 _____ (Autodesk, Inc -> Autodesk, Inc.) [File not signed] C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll
2008-02-10 08:08 - 2008-02-10 08:08 - 000043160 _____ (Autodesk, Inc -> Autodesk, Inc.) [File not signed] C:\Windows\system32\AcSignIcon.dll
2019-11-11 17:22 - 2019-11-11 17:22 - 006743880 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19111100\algo.dll
2019-11-11 17:22 - 2019-11-11 17:22 - 000340960 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19111100\arPot.dll
2019-11-11 17:22 - 2019-11-11 17:22 - 000388464 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19111100\aswArray.dll
2019-11-11 17:22 - 2019-11-11 17:22 - 000539336 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19111100\aswCleanerDLL.dll
2019-11-11 17:22 - 2019-11-11 17:22 - 000510848 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19111100\aswCmnBS.dll
2019-11-11 17:22 - 2019-11-11 17:22 - 000436984 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19111100\aswCmnIS.dll
2019-11-11 17:22 - 2019-11-11 17:22 - 000159664 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19111100\aswCmnOS.dll
2019-11-11 17:22 - 2019-11-11 17:22 - 001622360 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19111100\aswEngin.dll
2019-11-11 17:22 - 2019-11-11 17:22 - 000617296 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19111100\aswFiDb.dll
2019-11-11 17:22 - 2019-11-11 17:22 - 000423600 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19111100\aswRep.dll
2019-11-11 17:22 - 2019-11-11 17:22 - 002059288 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19111100\swhealthex2.dll
2019-11-11 17:22 - 2019-11-11 17:22 - 000065144 _____ (AVAST Software s.r.o. -> AVAST Software) [File not signed] C:\Program Files\Alwil Software\Avast5\defs\19111100\uiExt.dll
2019-01-22 22:05 - 2019-01-22 22:05 - 002387776 _____ (AVAST Software s.r.o. -> The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Alwil Software\Avast5\libcrypto-1_1.dll
2019-01-22 22:05 - 2019-01-22 22:05 - 000512832 _____ (AVAST Software s.r.o. -> The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Alwil Software\Avast5\libssl-1_1.dll
2008-02-12 12:46 - 2008-02-12 05:46 - 000102400 _____ (Broadcom Corporation.) [File not signed] C:\Program Files\WIDCOMM\Bluetooth Software\BtBalloon.dll
2008-02-12 13:19 - 2008-02-12 13:19 - 000208896 _____ (Broadcom Corporation.) [File not signed] C:\Windows\system32\btmmhook.dll
2008-02-12 12:36 - 2008-02-12 12:36 - 000184320 _____ (Broadcom Corporation.) [File not signed] C:\Windows\system32\btncopy.dll
2008-02-12 12:46 - 2008-02-12 12:46 - 000233472 _____ (Broadcom Corporation.) [File not signed] C:\Windows\system32\btosif.dll
2008-02-12 12:26 - 2008-02-12 12:26 - 005271552 _____ (Broadcom Corporation.) [File not signed] C:\Windows\system32\btrez.dll
2008-02-12 12:31 - 2008-02-12 12:31 - 000602112 _____ (Broadcom Corporation.) [File not signed] C:\Windows\system32\btwapi.dll
2008-02-12 12:58 - 2008-02-12 12:58 - 000393216 _____ (Broadcom Corporation.) [File not signed] C:\Windows\system32\btwhidcs.DLL
2008-05-12 22:11 - 2008-05-12 22:11 - 000047616 ____N (CyberLink Corp.) [File not signed] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\Common\CLRCEngine3.dll
2008-04-14 15:14 - 2008-03-04 12:18 - 000008192 _____ (CyberLink) [File not signed] C:\Program Files\Acer\Empowering Technology\eAudio\Language\CSY\LangCSY.dll
2007-01-17 10:20 - 2007-01-17 10:20 - 000032768 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files\Common Files\LightScribe\LSLog.dll
2007-01-17 10:20 - 2007-01-17 10:20 - 000081920 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files\Common Files\LightScribe\LSSProxy.dll
2019-01-20 19:41 - 2008-07-20 17:43 - 000073728 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel Matrix Storage Manager\CSY\IAAMon_CSY.dll
2019-01-20 19:41 - 2008-07-20 17:42 - 000118784 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel Matrix Storage Manager\CSY\PlugInRAID_CSY.dll
2019-01-20 19:41 - 2008-07-20 17:32 - 000204800 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel Matrix Storage Manager\ISDI.dll
2008-10-16 16:54 - 2008-10-16 16:54 - 000655360 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll
2008-10-16 16:56 - 2008-10-16 16:56 - 000581632 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\TraceApi.dll
2008-10-16 16:56 - 2008-10-16 16:56 - 000499712 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\IntStngs.dll
2008-10-16 17:07 - 2008-10-16 17:07 - 000864256 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\MurocApi.dll
2008-10-16 16:59 - 2008-10-16 16:59 - 001519616 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll
2008-10-16 16:58 - 2008-10-16 16:58 - 000135168 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll
2008-10-16 17:05 - 2008-10-16 17:05 - 000987136 _____ (Intel(R) Corporation) [File not signed] C:\Windows\System32\IWMSSvc.dll
2019-01-20 20:01 - 2008-05-09 11:55 - 001060864 ____N (Microsoft Corporation) [File not signed] C:\Program Files\Acer Arcade Deluxe\PlayMovie\MFC71.DLL
2019-01-20 20:01 - 2008-05-09 11:55 - 000499712 ____N (Microsoft Corporation) [File not signed] C:\Program Files\Acer Arcade Deluxe\PlayMovie\MSVCP71.dll
2019-01-20 20:01 - 2008-05-09 11:55 - 000348160 ____N (Microsoft Corporation) [File not signed] C:\Program Files\Acer Arcade Deluxe\PlayMovie\MSVCR71.dll
2008-02-28 21:44 - 2008-02-28 21:44 - 000499712 _____ (Microsoft Corporation) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\MSVCP71.dll
2008-02-28 21:44 - 2008-02-28 21:44 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\MSVCR71.dll
2008-02-28 21:43 - 2008-02-28 21:43 - 001047552 _____ (Microsoft Corporation) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\MFC71U.DLL
2008-02-28 21:43 - 2008-02-28 21:43 - 000499712 _____ (Microsoft Corporation) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\MSVCP71.dll
2008-02-28 21:43 - 2008-02-28 21:43 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\MSVCR71.dll
2008-05-12 22:10 - 2008-05-12 22:10 - 001060864 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\MFC71.DLL
2008-05-12 22:10 - 2008-05-12 22:10 - 000499712 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\MSVCP71.dll
2008-05-12 22:10 - 2008-05-12 22:10 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\MSVCR71.dll
2008-04-14 14:45 - 2008-04-14 14:45 - 001101824 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80.DLL
2008-04-14 14:45 - 2008-04-14 14:45 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_0c178a139ee2a7ed\MFC80U.DLL
2008-04-06 21:23 - 2008-04-06 21:23 - 000376832 _____ (NewTech InfoSystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BKaux.dll
2008-04-04 01:54 - 2008-04-04 01:54 - 000036864 _____ (NewTech InfoSystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BKauxLOC.dll
2008-04-08 05:46 - 2008-04-08 05:46 - 000319488 _____ (NewTech InfoSystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BKImage.dll
2008-04-04 01:54 - 2008-04-04 01:54 - 000036864 _____ (NewTech InfoSystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BKImageLOC.dll
2008-04-04 01:52 - 2008-04-04 01:52 - 000135168 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\CdrMmc32.dll
2008-04-04 02:14 - 2008-04-04 02:14 - 000241664 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Cdrw32.dll
2008-04-04 02:15 - 2008-04-04 02:15 - 000069632 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\CdrwEx32.dll
2008-03-03 12:11 - 2008-03-03 12:11 - 000086016 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\listor.dll
2008-03-03 12:11 - 2008-03-03 12:11 - 000011776 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\locator.dll
2008-04-06 21:22 - 2008-04-06 21:22 - 000159744 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Data32.dll
2008-04-04 01:52 - 2008-04-04 01:52 - 000069632 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Hddrw32.dll
2008-04-04 01:52 - 2008-04-04 01:52 - 000014336 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\ImagFile.dll
2008-04-07 03:52 - 2008-04-07 03:52 - 000065536 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Scd32.dll
2008-04-04 02:03 - 2008-04-04 02:03 - 000009728 _____ (NewTech Infosystems, Inc.) [File not signed] C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvcLOC.dll
2008-04-14 15:10 - 2008-04-14 15:10 - 000270336 _____ (The Apache Software Foundation) [File not signed] C:\Windows\assembly\GAC_MSIL\log4net\1.2.10.0__1b44e1d426115821\log4net.dll
2007-09-06 09:28 - 2007-09-06 09:28 - 001089536 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-709419016-1147377520-125327568-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 11:23 - 2019-11-11 23:07 - 000000000 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-709419016-1147377520-125327568-1000\Control Panel\Desktop\\Wallpaper -> c:\Windows\Web\wallpaper\Acer01.jpg
DNS Servers: 217.144.16.197 - 217.144.16.199
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{25EDAE7F-F1EB-4B8F-BC4F-6A7325166AE3}] => (Allow) C:\Program Files\Cyberlink\PowerDirector\PDR.EXE (CyberLink -> CyberLink Corp.) [File not signed]
FirewallRules: [{83FF83CE-F875-4D7D-A9B5-EE60C20AF335}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe () [File not signed]
FirewallRules: [{E7D0F75B-7A5D-4B64-B9EA-76A99A62111B}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe () [File not signed]
FirewallRules: [{119C3235-7ED9-40B7-97AE-2A871ACA9723}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (NewTech Infosystems, Inc.) [File not signed]
FirewallRules: [{C06A3F7E-5592-411D-B1D9-A6779F6C9F32}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe (NewTech Infosystems, Inc.) [File not signed]
FirewallRules: [{5C5BF230-09FE-4104-8509-46E87C2BB03F}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech Infosystems, Inc -> NewTech InfoSystems, Inc.)
FirewallRules: [{951A5035-3C8B-4C1A-B988-47DB52A6E2B7}] => (Allow) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe (NewTech Infosystems, Inc -> NewTech InfoSystems, Inc.)
FirewallRules: [{06617333-A7C8-46AE-A905-FC71BC2906B9}] => (Allow) C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe (CyberLink -> Acer Incorporated) [File not signed]
FirewallRules: [{9E4B23B2-C371-4B67-B5CF-0106F370AB48}] => (Allow) C:\Program Files\Acer Arcade Deluxe\PlayMovie\PlayMovie.exe (Acer Corp.) [File not signed]
FirewallRules: [{C3E80BD6-698B-4C71-97C0-E5AF6C09730E}] => (Allow) C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.) [File not signed]
FirewallRules: [{F23C0933-600A-47B6-9224-3783F4DC79E5}] => (Allow) C:\Program Files\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe (Acer Incorporated) [File not signed]
FirewallRules: [{8DE3D4DB-ADA8-466D-9C24-010343ED9DD6}] => (Allow) LPort=80
FirewallRules: [{C1AC7C97-CE84-4EF6-B061-3F662BA54B7D}] => (Allow) LPort=80
FirewallRules: [{8FB702FF-1FFF-4134-B97C-C1095AFD9A51}] => (Allow) LPort=80
FirewallRules: [{137E2C99-F66D-4BA4-949F-89C3691E3425}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc -> Google Inc.)
FirewallRules: [{A76A5251-7F8A-4DF2-906B-C5D7AF924735}] => (Allow) C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe No File
FirewallRules: [{FAF1B447-F42D-4699-B948-31E9C5006B30}] => (Allow) C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe No File
FirewallRules: [{2EFF4FDC-0A51-4993-83A7-642F62C92788}] => (Allow) C:\Program Files\Steam\Steam.exe No File
FirewallRules: [{71E80469-F3E6-40F7-AEC5-30B6C0412BE8}] => (Allow) C:\Program Files\Steam\Steam.exe No File
FirewallRules: [TCP Query User{93E087E8-1AA3-4F29-9514-572E943B4BED}C:\program files\valve\hl.exe] => (Allow) C:\program files\valve\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{1C0568DD-4400-4BF5-9A4A-DAEF5EB3776C}C:\program files\valve\hl.exe] => (Allow) C:\program files\valve\hl.exe (Valve) [File not signed]
FirewallRules: [{ED36DCE8-C7F5-492D-93FA-A84113BDA029}] => (Allow) C:\Program Files\Alwil Software\Avast5\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{9C94E4AC-8BC4-4E27-9308-0E596F90BC71}] => (Allow) C:\Program Files\Alwil Software\Avast5\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)

==================== Restore Points =========================

30-01-2019 20:16:31 avast! antivirus system restore point
31-01-2019 20:50:17 avast! antivirus system restore point
31-01-2019 22:08:22 avast! antivirus system restore point
03-02-2019 20:49:42 avast! antivirus system restore point
03-02-2019 22:08:22 avast! antivirus system restore point
05-02-2019 21:40:19 avast! antivirus system restore point
05-02-2019 22:08:33 avast! antivirus system restore point
10-02-2019 11:56:00 avast! antivirus system restore point
13-02-2019 21:07:45 avast! antivirus system restore point
11-03-2019 23:20:18 avast! antivirus system restore point
12-03-2019 20:59:25 avast! antivirus system restore point
29-03-2019 19:12:03 avast! antivirus system restore point
09-11-2019 18:44:08 Installed Steam
09-11-2019 19:12:39 ??????????? Counter-Strike 1.6
09-11-2019 20:48:12 Removed Steam
09-11-2019 21:05:36 ??????? Counter-Strike 1.6
09-11-2019 21:15:06 ??????????? Counter-Strike 1.6
10-11-2019 20:59:10 avast! antivirus system restore point
10-11-2019 21:09:04 avast! antivirus system restore point

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (11/11/2019 11:06:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/11/2019 09:21:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/10/2019 10:47:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/10/2019 09:40:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/10/2019 09:36:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Chybující aplikace AvastUI.exe, verze 8.0.1506.399, časové razítko 0x52dfd7e2, chybující modul aswUtil.dll!?IsAdmin@CAvastUtil@@QAEHH@Z, verze 6.0.6002.18327, časové razítko 0x4cb73436, kód výjimky 0xc0000139, posun chyby 0x00009f7d,
ID procesu 0x17e8, čas spuštění aplikace 0x01d59806913e15e0.

Error: (11/10/2019 09:08:59 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {319076c6-e85f-4b84-a51d-938f8010932d}

Error: (11/10/2019 09:06:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/10/2019 08:58:59 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {e369aeff-be04-43a3-905b-c95ccca8f21b}


System errors:
=============
Error: (11/11/2019 11:07:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba aswStmXP neuspěla při spuštění v důsledku následující chyby:
Uvedená procedura nebyla nalezena.

Error: (11/11/2019 11:04:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba aswStmXP neuspěla při spuštění v důsledku následující chyby:
Uvedená procedura nebyla nalezena.

Error: (11/11/2019 11:03:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba aswStmXP neuspěla při spuštění v důsledku následující chyby:
Uvedená procedura nebyla nalezena.

Error: (11/11/2019 11:03:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba aswStmXP neuspěla při spuštění v důsledku následující chyby:
Uvedená procedura nebyla nalezena.

Error: (11/11/2019 10:47:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba aswStmXP neuspěla při spuštění v důsledku následující chyby:
Uvedená procedura nebyla nalezena.

Error: (11/11/2019 10:47:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba aswStmXP neuspěla při spuštění v důsledku následující chyby:
Uvedená procedura nebyla nalezena.

Error: (11/11/2019 09:21:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba aswStmXP neuspěla při spuštění v důsledku následující chyby:
Uvedená procedura nebyla nalezena.

Error: (11/11/2019 09:20:40 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (9:10:33, 11.11.2019) bylo neočekávané.


CodeIntegrity:
===================================

Date: 2019-11-11 22:07:53.113
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\staport.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-11-11 22:07:52.957
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\staport.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-11-11 22:07:52.816
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\staport.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-11-11 22:07:52.535
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\staport.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-11-03 19:56:35.767
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\staport.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-11-03 19:56:35.304
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\staport.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-11-03 19:56:34.904
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\staport.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-11-03 19:56:34.426
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\staport.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: Acer v0.3506 07/22/2008
Motherboard: Acer, Inc. Mammoth
Processor: Intel(R) Core(TM)2 Duo CPU P7350 @ 2.00GHz
Percentage of memory in use: 85%
Total physical RAM: 3065.94 MB
Available physical RAM: 434.15 MB
Total Virtual: 6334.89 MB
Available Virtual: 3521.46 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:144.04 GB) (Free:80.31 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:144.04 GB) (Free:84.02 GB) NTFS

\\?\Volume{c749201a-1cd6-11e9-888f-806e6f6e6963}\ (PQSERVICE) (Fixed) (Total:10 GB) (Free:1.41 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 13AEAEC9)
Partition 1: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=144 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=144 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Log check - CPU usage 100%

#6 Post by Conder »

→ I recommend uninstalling "Google Toolbar for Internet Explorer" if you don't need or use it.

→ Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Code:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    File: C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe 
    File: C:\Windows\system32\pla.dll
    CMD: type "C:\Windows\System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries"
    
    HKLM\...\Run: [eRecoveryService] => [X]
    HKU\S-1-5-21-709419016-1147377520-125327568-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2019-01-20] (Google Inc -> Google Inc.)
    HKU\S-1-5-21-709419016-1147377520-125327568-1000\...\MountPoints2: {717ef116-809d-11e9-a10d-001e68e29a2d} - F:\HiSuiteDownLoader.exe
    HKU\S-1-5-21-709419016-1147377520-125327568-1000\...\MountPoints2: {8a35db69-1ce9-11e9-a6d3-001e68e29a2d} - G:\Setup.exe
    Task: {1B34765D-F2D6-44DC-ABFC-55406D69F849} - System32\Tasks\{F97BB80E-C520-4090-B3D5-7A7044C7FA95} => C:\Windows\system32\pcalua.exe -a C:\Users\M\Downloads\NESetup2_1_50.exe -d C:\Users\M\Downloads
    Task: {AC08AC55-AD00-4EA0-A702-8829E84D0F56} - System32\Tasks\{10062B7A-352E-4B8F-8589-4AF9CDD2208B} => C:\Windows\system32\pcalua.exe -a C:\Users\M\Desktop\Posudky\program\NESetup2_1_50.exe -d C:\Users\M\Desktop\Posudky\program
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&s=2&o=vp32&d=0119&m=aspire_7730g
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://cs.intl.acer.yahoo.com
    HKU\S-1-5-21-709419016-1147377520-125327568-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&s=2&o=vp32&d=0119&m=aspire_7730g
    Toolbar: HKLM - No Name - {0BF43445-2F28-4351-9252-17FE6E806AA0} -  No File
    S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
    S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
    S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
    2019-11-10 20:53 - 2008-04-14 15:05 - 000000000 ____D C:\ProgramData\McAfee
    FirewallRules: [{A76A5251-7F8A-4DF2-906B-C5D7AF924735}] => (Allow) C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe No File
    FirewallRules: [{FAF1B447-F42D-4699-B948-31E9C5006B30}] => (Allow) C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe No File
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask for a PC restart; confirm by clicking OK
  • After the PC restarts, there will be a file Fixlog.txt on the desktop; copy its contents here
Graduate of the school for beginners :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data (documents, photos and so on) backed up.

Fixlists and other scripts are written only for one specific PC. Do not use them on other devices, otherwise there is a risk of system damage or data loss.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

flustr
Visitor
Posts: 39
Registered: 10 Jan 2007 12:21

Re: Log check - CPU usage 100%

#7 Post by flustr »

Log after carrying out the described changes:

Fix result of Farbar Recovery Scan Tool (x86) Version: 09-11-2019 01
Ran by M (12-11-2019 20:03:09) Run:1
Running from C:\Users\M\Desktop
Loaded Profiles: M (Available Profiles: M)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
File: C:\Windows\system32\pla.dll
CMD: type "C:\Windows\System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries"

HKLM\...\Run: [eRecoveryService] => [X]
HKU\S-1-5-21-709419016-1147377520-125327568-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2019-01-20] (Google Inc -> Google Inc.)
HKU\S-1-5-21-709419016-1147377520-125327568-1000\...\MountPoints2: {717ef116-809d-11e9-a10d-001e68e29a2d} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-709419016-1147377520-125327568-1000\...\MountPoints2: {8a35db69-1ce9-11e9-a6d3-001e68e29a2d} - G:\Setup.exe
Task: {1B34765D-F2D6-44DC-ABFC-55406D69F849} - System32\Tasks\{F97BB80E-C520-4090-B3D5-7A7044C7FA95} => C:\Windows\system32\pcalua.exe -a C:\Users\M\Downloads\NESetup2_1_50.exe -d C:\Users\M\Downloads
Task: {AC08AC55-AD00-4EA0-A702-8829E84D0F56} - System32\Tasks\{10062B7A-352E-4B8F-8589-4AF9CDD2208B} => C:\Windows\system32\pcalua.exe -a C:\Users\M\Desktop\Posudky\program\NESetup2_1_50.exe -d C:\Users\M\Desktop\Posudky\program
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&s=2&o=vp32&d=0119&m=aspire_7730g
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://cs.intl.acer.yahoo.com
HKU\S-1-5-21-709419016-1147377520-125327568-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&s=2&o=vp32&d=0119&m=aspire_7730g
Toolbar: HKLM - No Name - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
2019-11-10 20:53 - 2008-04-14 15:05 - 000000000 ____D C:\ProgramData\McAfee
FirewallRules: [{A76A5251-7F8A-4DF2-906B-C5D7AF924735}] => (Allow) C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe No File
FirewallRules: [{FAF1B447-F42D-4699-B948-31E9C5006B30}] => (Allow) C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe No File

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 889
Average :
Sum : 13289392429
Maximum :
Minimum :
Property : Length


========= End of Powershell: =========


========================= File: C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe ========================

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
File not signed
MD5: 6FD7F370817F16B5E1F08B91BADAA2EE
Creation and modification date: 2019-01-20 19:26 - 2019-01-20 19:26
Size: 000024064
Attributes: ----A
Company Name: Google
Internal Name: Google Desktop
Original Name:
Product: Google Desktop
Description: Google Desktop
File Version: 5.7.808.7150
Product Version: 5.7.808.7150
Copyright: Copyright (c) 2003-08 Google. All Rights Reserved.
VirusTotal: https://www.virustotal.com/file/2c25601 ... 562659976/

====== End of File: ======


========================= File: C:\Windows\system32\pla.dll ========================

C:\Windows\system32\pla.dll
Catalog: C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_25_for_KB948465~31bf3856ad364e35~x86~~6.0.1.18005.cat
File is digitally signed
MD5: B1689DF169143F57053F795390C99DB3
Creation and modification date: 2008-01-21 03:24 - 2008-01-21 03:24
Size: 001502208
Attributes: ----A
Company Name: Microsoft Windows -> Microsoft Corporation
Internal Name: PLA.DLL
Original Name: PLA.DLL
Product: Microsoft® Windows® Operating System
Description: Performance Logs & Alerts
File Version: 6.0.6001.18000 (longhorn_rtm.080118-1840)
Product Version: 6.0.6001.18000
Copyright: © Microsoft Corporation. All rights reserved.
VirusTotal: https://www.virustotal.com/file/887b8c7 ... 571470667/

====== End of File: ======


========= type "C:\Windows\System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries" =========

<Task xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
<RegistrationInfo>
<Version>1.0</Version>
<URI>\Microsoft\Windows\PLA\System\ConvertLogEntries</URI>
<SecurityDescriptor>O:SYD:P(A;;FA;;;BA)(A;;FA;;;SY)</SecurityDescriptor>
</RegistrationInfo>
<Triggers>
<EventTrigger id="295b821f-3ef2-4803-ba8e-4735e6d3537c">
<Enabled>true</Enabled>
<Subscription><QueryList><Query Id="0" Path="Microsoft-Windows-TaskScheduler/Operational"><Select Path="Microsoft-Windows-TaskScheduler/Operational">*[EventData[@Name='TaskStartFailedEvent']/Data[@Name='TaskName']!='\Microsoft\Windows\PLA\System\ConvertLogEntries']</Select></Query></QueryList></Subscription>
</EventTrigger>
</Triggers>
<Principals>
<Principal id="System">
<RunLevel>LeastPrivilege</RunLevel>
<UserId>S-1-5-18</UserId>
</Principal>
</Principals>
<Settings>
<IdleSettings>
<StopOnIdleEnd>true</StopOnIdleEnd>
<RestartOnIdle>false</RestartOnIdle>
</IdleSettings>
<MultipleInstancesPolicy>Queue</MultipleInstancesPolicy>
<DisallowStartIfOnBatteries>false</DisallowStartIfOnBatteries>
<StopIfGoingOnBatteries>true</StopIfGoingOnBatteries>
<AllowHardTerminate>false</AllowHardTerminate>
<StartWhenAvailable>false</StartWhenAvailable>
<RunOnlyIfNetworkAvailable>false</RunOnlyIfNetworkAvailable>
<AllowStartOnDemand>false</AllowStartOnDemand>
<Enabled>true</Enabled>
<Hidden>true</Hidden>
<RunOnlyIfIdle>false</RunOnlyIfIdle>
<WakeToRun>false</WakeToRun>
<ExecutionTimeLimit>PT0S</ExecutionTimeLimit>
<Priority>7</Priority>
</Settings>
<Actions Context="System">
<Exec>
<Command>%windir%\system32\rundll32.exe</Command>
<Arguments>%windir%\system32\pla.dll,PlaConvertLogEntries</Arguments>
</Exec>
</Actions>
</Task>
========= End of CMD: =========

"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\eRecoveryService" => removed successfully.
"HKU\S-1-5-21-709419016-1147377520-125327568-1000\Software\Microsoft\Windows\CurrentVersion\Run\\swg" => not found
HKU\S-1-5-21-709419016-1147377520-125327568-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{717ef116-809d-11e9-a10d-001e68e29a2d} => removed successfully.
HKU\S-1-5-21-709419016-1147377520-125327568-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8a35db69-1ce9-11e9-a6d3-001e68e29a2d} => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1B34765D-F2D6-44DC-ABFC-55406D69F849}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1B34765D-F2D6-44DC-ABFC-55406D69F849}" => removed successfully.
C:\Windows\System32\Tasks\{F97BB80E-C520-4090-B3D5-7A7044C7FA95} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F97BB80E-C520-4090-B3D5-7A7044C7FA95}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AC08AC55-AD00-4EA0-A702-8829E84D0F56}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC08AC55-AD00-4EA0-A702-8829E84D0F56}" => removed successfully.
C:\Windows\System32\Tasks\{10062B7A-352E-4B8F-8589-4AF9CDD2208B} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{10062B7A-352E-4B8F-8589-4AF9CDD2208B}" => removed successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-709419016-1147377520-125327568-1000\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{0BF43445-2F28-4351-9252-17FE6E806AA0}" => removed successfully.
HKLM\System\CurrentControlSet\Services\IpInIp => removed successfully.
IpInIp => service removed successfully.
HKLM\System\CurrentControlSet\Services\NwlnkFlt => removed successfully.
NwlnkFlt => service removed successfully.
HKLM\System\CurrentControlSet\Services\NwlnkFwd => removed successfully.
NwlnkFwd => service removed successfully.
C:\ProgramData\McAfee => moved successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A76A5251-7F8A-4DF2-906B-C5D7AF924735}" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FAF1B447-F42D-4699-B948-31E9C5006B30}" => removed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 36822425 B
Java, Flash, Steam htmlcache => 75 B
Windows/system/drivers => 66648032 B
Edge => 0 B
Chrome => 38563156 B
Firefox => 21652978 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 2997663 B
LocalService => 3063891 B
NetworkService => 3063891 B
M => 183184064 B

RecycleBin => 341265824 B
EmptyTemp: => 673 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:05:43 ====

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Log check - CPU usage 100%

#8 Post by Conder »

→ The desktop is about 12 GB, which is a lot. Move all files and folders from the desktop to Documents and leave only links/shortcuts on the desktop. An overly large desktop can slow the system down.

→ If you have uninstalled that Google Toolbar, then one more fixlist to clean up after it:

→ Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Code:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{18455581-E099-4BA8-BC6B-F34B2F06600C}
    ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F}
    CMD: dir /a "C:\4fc505190573163f4c85051ca152ee1c"
    
    BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2019-01-21] (Google Inc -> Google Inc.)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2019-01-21] (Google Inc -> Google Inc.)
    Toolbar: HKU\S-1-5-21-709419016-1147377520-125327568-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2019-01-21] (Google Inc -> Google Inc.)
    C:\Program Files\Google\GoogleToolbarNotifier
    C:\Program Files\Google\Google Toolbar
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{18455581-E099-4BA8-BC6B-F34B2F06600C}
    DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F}
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask for a PC restart; confirm by clicking OK
  • After the PC restarts, there will be a file Fixlog.txt on the desktop; copy its contents here

flustr
Visitor
Posts: 39
Registered: 10 Jan 2007 12:21

Re: Log check - CPU usage 100%

#9 Post by flustr »

Hi,

desktop cleaned up.

Google Toolbar was already uninstalled last time; a repeat check now did not find it.

New log:

Fix result of Farbar Recovery Scan Tool (x86) Version: 09-11-2019 01
Ran by M (13-11-2019 19:46:07) Run:2
Running from C:\Users\M\Desktop
Loaded Profiles: M (Available Profiles: M)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{18455581-E099-4BA8-BC6B-F34B2F06600C}
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F}
CMD: dir /a "C:\4fc505190573163f4c85051ca152ee1c"

BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2019-01-21] (Google Inc -> Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2019-01-21] (Google Inc -> Google Inc.)
Toolbar: HKU\S-1-5-21-709419016-1147377520-125327568-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2019-01-21] (Google Inc -> Google Inc.)
C:\Program Files\Google\GoogleToolbarNotifier
C:\Program Files\Google\Google Toolbar
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{18455581-E099-4BA8-BC6B-F34B2F06600C}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F}

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.
================== ExportKey: ===================

"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{18455581-E099-4BA8-BC6B-F34B2F06600C}" => not found

=== End of ExportKey ===
================== ExportKey: ===================

"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => not found

=== End of ExportKey ===

========= dir /a "C:\4fc505190573163f4c85051ca152ee1c" =========

Svazek v jednotce C je ACER.
Sériové číslo svazku je 22D2-51C1.

Výpis adresáře C:\4fc505190573163f4c85051ca152ee1c

10.11.2019 21:35 <DIR> .
10.11.2019 21:35 <DIR> ..
14.07.2009 12:11 510 Windows6.0-KB970158-x86-pkgProperties.txt
14.07.2009 12:09 601 801 Windows6.0-KB970158-x86.cab
14.07.2009 12:11 442 Windows6.0-KB970158-x86.xml
14.07.2009 12:12 185 878 WSUSSCAN.cab
Souborů: 4, Bajtů: 788 631
Adresářů: 2, Volných bajtů: 99 900 526 592

========= End of CMD: =========

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => not found
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => not found
"HKU\S-1-5-21-709419016-1147377520-125327568-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => removed successfully.
"C:\Program Files\Google\GoogleToolbarNotifier" => not found
"C:\Program Files\Google\Google Toolbar" => not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{18455581-E099-4BA8-BC6B-F34B2F06600C} => not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7078146 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 0 B
Edge => 0 B
Chrome => 13973231 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 692 B
LocalService => 692 B
NetworkService => 692 B
M => 4594588 B

RecycleBin => 0 B
EmptyTemp: => 32.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:47:42 ====

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Log check - CPU usage 100%

#10 Post by Conder »

OK. How is the PC doing? Has anything changed, or are there still some problems?

flustr
Visitor
Posts: 39
Registered: 10 Jan 2007 12:21

Re: Log check - CPU usage 100%

#11 Post by flustr »

Unfortunately, there has been no significant progress.
The CPU is still at 100%, even right after the PC starts.

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Log check - CPU usage 100%

#12 Post by Conder »

While CPU usage is at 100%, take a screenshot of Task Manager and send it: press the Print Screen key, open Paint, Ctrl+V, save, and send it as an attachment, or upload it to some web storage and send the link.

flustr
Visitor
Posts: 39
Registered: 10 Jan 2007 12:21

Re: Log check - CPU usage 100%

#13 Post by flustr »

Thank you for the help, screenshot attached
Attachments
cpu.jpg (94.35 KiB)

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Log check - CPU usage 100%

#14 Post by Conder »

Are all important updates that are available through Windows Update installed?

flustr
Visitor
Posts: 39
Registered: 10 Jan 2007 12:21

Re: Log check - CPU usage 100%

#15 Post by flustr »

I have old Windows Vista on it, so support is nil.
Nevertheless, according to Windows Update, everything should be installed.
