Please check my log

#1 Post by miška

*Greetings every/one. Please chec+k the lo+g. The laptop is slo-w and the keyboard types like t/his. I have removed quite a lot of viruses. Even so, it is strange. I got /it at home to try out because of a *final thesis. Like this it is practically unusable. It types whatever it wants. The n+umeric keypad beeps. T+hank you very much


Logfile of random's system information tool 1.10 (written by random/random)
Run by HP at 2021-05-11 21:33:41
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 528 GB (74%) free of 715 GB
Total RAM: 3977 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:33:51, on 11.5.2021
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17937)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Electronic Arts\EADM\Core.exe
C:\Program Files (x86)\HP HD Webcam Driver\Monitor.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Users\HP\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\HP.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.brothersoft.com?f=undefined
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [HP HD Webcam Driver_Monitor] C:\Program Files (x86)\HP HD Webcam Driver\monitor.exe
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKCU\..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [479c9a49f987ecec44882b8796e3b50a] "C:\Users\HP\AppData\Local\Temp\Systeme32.exe" ..
O4 - HKCU\..\Run: [07648c4d77e66ec99a8a499782f50811] "C:\Users\HP\AppData\Local\Temp\procexp.exe" ..
O4 - HKCU\..\Run: [tmp1B6C] wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp1B6C.tmp.vbs"
O4 - HKCU\..\Run: [tmpC327] wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmpC327.tmp.vbs"
O4 - HKCU\..\Run: [tmp6FBC] wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp6FBC.tmp.vbs"
O4 - HKCU\..\Run: [systeeeem] wscript.exe //B "C:\Users\HP\AppData\Local\Temp\systeeeem.vbs"
O4 - HKCU\..\Run: [a54d6d1e46ec2a573aab436cd804429e] "C:\Users\HP\AppData\Local\Temp\procexp.exe" ..
O4 - HKCU\..\Run: [tmp6B2] wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp6B2.tmp.vbs"
O4 - HKCU\..\Run: [systeeem] wscript.exe //B "C:\Users\HP\AppData\Local\Temp\systeeem.vbs"
O4 - HKCU\..\Run: [tmp63D3] wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp63D3.tmp.vbs"
O4 - HKCU\..\Run: [tmp6A09] wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp6A09.tmp.vbs"
O4 - HKCU\..\Run: [tmp3AC2] wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp3AC2.tmp.vbs"
O4 - HKCU\..\Run: [tmp3E7E] wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp3E7E.tmp.vbs"
O4 - HKCU\..\Run: [tmp48DB] wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp48DB.tmp.vbs"
O4 - HKCU\..\Run: [1a0fcf865ad660482963ef3a2816560e] "C:\Users\HP\server.exe" ..
O4 - HKCU\..\Run: [tmp3A80] wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp3A80.tmp.vbs"
O4 - HKCU\..\Run: [tmpAA6A] wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmpAA6A.tmp.vbs"
O4 - HKCU\..\Run: [tmpDF94] wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmpDF94.tmp.vbs"
O4 - HKCU\..\Run: [tmp2ABC] wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp2ABC.tmp.vbs"
O4 - HKCU\..\Run: [Product] C:\Users\HP\AppData\Local\Temp\jbmceqngwj.exe
O4 - HKCU\..\Run: [758841e6eac2f6b11e7cc3c2438b67f5] "C:\Users\HP\AppData\Local\Temp\jbmceqngwj.exe" ..
O4 - HKCU\..\Run: [tmp198A] wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp198A.tmp.vbs"
O4 - HKCU\..\Run: [tmp520] wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp520.tmp.vbs"
O4 - HKCU\..\Run: [39a975f54eec9d402ce156da3c5f0302] "C:\Users\HP\AppData\Local\Temp\chrome.exe" ..
O4 - HKCU\..\Run: [\3i3anx3lh05nib0jjb4jw1] "C:\Users\HP\AppData\Local\Temp\Svchost.exe" ..
O4 - HKCU\..\Run: [tmp3E89] wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp3E89.tmp.vbs"
O4 - HKCU\..\Run: [tmp3E88] wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp3E88.tmp.vbs"
O4 - HKCU\..\Run: [32a790c25e2a4b645e827300e906d14b] "C:\Users\HP\AppData\Local\Temp\cmd.exe" ..
O4 - HKCU\..\Run: [tmp10D4] wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp10D4.tmp.vbs"
O4 - HKCU\..\Run: [tmp53C8] wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp53C8.tmp.vbs"
O4 - HKCU\..\Run: [tmpC4D5] wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmpC4D5.tmp.vbs"
O4 - HKCU\..\Run: [tmp6908] wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp6908.tmp.vbs"
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: systeeem.vbs
O4 - Startup: tmp10D4.tmp.vbs
O4 - Startup: tmp198A.tmp.vbs
O4 - Startup: tmp1B6C.tmp.vbs
O4 - Startup: tmp2ABC.tmp.vbs
O4 - Startup: tmp3A80.tmp.vbs
O4 - Startup: tmp3AC2.tmp.vbs
O4 - Startup: tmp3E7E.tmp.vbs
O4 - Startup: tmp3E88.tmp.vbs
O4 - Startup: tmp3E89.tmp.vbs
O4 - Startup: tmp48DB.tmp.vbs
O4 - Startup: tmp520.tmp.vbs
O4 - Startup: tmp53C8.tmp.vbs
O4 - Startup: tmp63D3.tmp.vbs
O4 - Startup: tmp6908.tmp.vbs
O4 - Startup: tmp6A09.tmp.vbs
O4 - Startup: tmp6B2.tmp.vbs
O4 - Startup: tmpAA6A.tmp.vbs
O4 - Startup: tmpC327.tmp.vbs
O4 - Startup: tmpC4D5.tmp.vbs
O4 - Startup: tmpDF94.tmp.vbs
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files%20(x86)/Jewel%20Quest%20Solitaire/Images/stg_drm.ocx
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files%20(x86)/Jewel%20Quest%20Solitaire/Images/armhelper.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\Avast Software\Avast\aswidsagent.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Služba Avast Browser Update (avast) (avast) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Avast Software\Avast\AvastSvc.exe
O23 - Service: Avast Tools (avast! Tools) - AVAST Software - C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
O23 - Service: Služba Avast Browser Update (avastm) (avastm) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Secure Browser Elevation Service (AvastSecureBrowserElevationService) (AvastSecureBrowserElevationService) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Application\90.0.9316.94\elevation_service.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\Avast Software\Avast\wsc_proxy.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.93\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 17944 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08 202144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-24 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-24 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2009-10-30 1019336]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08 1619352]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-03-30 636032]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
"HP HD Webcam Driver_Monitor"=C:\Program Files (x86)\HP HD Webcam Driver\monitor.exe [2012-07-26 303480]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2012-03-14 319360]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2012-03-01 56088]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-03-27 291608]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"DivXMediaServer"=C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe []
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"CanonSolutionMenuEx"=C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2013\avgui.exe [2013-08-15 4411440]
"BlueStacks Agent"=C:\Program Files (x86)\BlueStacks\HD-Agent.exe [2015-03-24 863960]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EA Core"=C:\Program Files (x86)\Electronic Arts\EADM\Core.exe [2009-03-28 3325952]
"479c9a49f987ecec44882b8796e3b50a"=C:\Users\HP\AppData\Local\Temp\Systeme32.exe .. []
"07648c4d77e66ec99a8a499782f50811"=C:\Users\HP\AppData\Local\Temp\procexp.exe .. []
"tmp1B6C"=wscript.exe //B C:\Users\HP\AppData\Local\Temp\tmp1B6C.tmp.vbs []
"tmpC327"=wscript.exe //B C:\Users\HP\AppData\Local\Temp\tmpC327.tmp.vbs []
"tmp6FBC"=wscript.exe //B C:\Users\HP\AppData\Local\Temp\tmp6FBC.tmp.vbs []
"systeeeem"=wscript.exe //B C:\Users\HP\AppData\Local\Temp\systeeeem.vbs []
"a54d6d1e46ec2a573aab436cd804429e"=C:\Users\HP\AppData\Local\Temp\procexp.exe .. []
"tmp6B2"=wscript.exe //B C:\Users\HP\AppData\Local\Temp\tmp6B2.tmp.vbs []
"systeeem"=wscript.exe //B C:\Users\HP\AppData\Local\Temp\systeeem.vbs []
"tmp63D3"=wscript.exe //B C:\Users\HP\AppData\Local\Temp\tmp63D3.tmp.vbs []
"tmp6A09"=wscript.exe //B C:\Users\HP\AppData\Local\Temp\tmp6A09.tmp.vbs []
"tmp3AC2"=wscript.exe //B C:\Users\HP\AppData\Local\Temp\tmp3AC2.tmp.vbs []
"tmp3E7E"=wscript.exe //B C:\Users\HP\AppData\Local\Temp\tmp3E7E.tmp.vbs []
"tmp48DB"=wscript.exe //B C:\Users\HP\AppData\Local\Temp\tmp48DB.tmp.vbs []
"1a0fcf865ad660482963ef3a2816560e"=C:\Users\HP\server.exe .. []
"tmp3A80"=wscript.exe //B C:\Users\HP\AppData\Local\Temp\tmp3A80.tmp.vbs []
"tmpAA6A"=wscript.exe //B C:\Users\HP\AppData\Local\Temp\tmpAA6A.tmp.vbs []
"tmpDF94"=wscript.exe //B C:\Users\HP\AppData\Local\Temp\tmpDF94.tmp.vbs []
"tmp2ABC"=wscript.exe //B C:\Users\HP\AppData\Local\Temp\tmp2ABC.tmp.vbs []
"Product"=C:\Users\HP\AppData\Local\Temp\jbmceqngwj.exe []
"758841e6eac2f6b11e7cc3c2438b67f5"=C:\Users\HP\AppData\Local\Temp\jbmceqngwj.exe .. []
"tmp198A"=wscript.exe //B C:\Users\HP\AppData\Local\Temp\tmp198A.tmp.vbs []
"tmp520"=wscript.exe //B C:\Users\HP\AppData\Local\Temp\tmp520.tmp.vbs []
"39a975f54eec9d402ce156da3c5f0302"=C:\Users\HP\AppData\Local\Temp\chrome.exe .. []
"\3i3anx3lh05nib0jjb4jw1"=C:\Users\HP\AppData\Local\Temp\Svchost.exe .. []
"tmp3E89"=wscript.exe //B C:\Users\HP\AppData\Local\Temp\tmp3E89.tmp.vbs []
"tmp3E88"=wscript.exe //B C:\Users\HP\AppData\Local\Temp\tmp3E88.tmp.vbs []
"32a790c25e2a4b645e827300e906d14b"=C:\Users\HP\AppData\Local\Temp\cmd.exe .. []
"tmp10D4"=wscript.exe //B C:\Users\HP\AppData\Local\Temp\tmp10D4.tmp.vbs []
"tmp53C8"=wscript.exe //B C:\Users\HP\AppData\Local\Temp\tmp53C8.tmp.vbs []
"tmpC4D5"=wscript.exe //B C:\Users\HP\AppData\Local\Temp\tmpC4D5.tmp.vbs []
"tmp6908"=wscript.exe //B C:\Users\HP\AppData\Local\Temp\tmp6908.tmp.vbs []
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2021-04-22 33698888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [2021-05-06 1504312]

C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
systeeem.vbs
tmp10D4.tmp.vbs
tmp198A.tmp.vbs
tmp1B6C.tmp.vbs
tmp2ABC.tmp.vbs
tmp3A80.tmp.vbs
tmp3AC2.tmp.vbs
tmp3E7E.tmp.vbs
tmp3E88.tmp.vbs
tmp3E89.tmp.vbs
tmp48DB.tmp.vbs
tmp520.tmp.vbs
tmp53C8.tmp.vbs
tmp63D3.tmp.vbs
tmp6908.tmp.vbs
tmp6A09.tmp.vbs
tmp6B2.tmp.vbs
tmpAA6A.tmp.vbs
tmpC327.tmp.vbs
tmpC4D5.tmp.vbs
tmpDF94.tmp.vbs
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aswSP.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"vidc.VP60"=C:\Windows\system32\vp6vfw.dll
"vidc.VP61"=C:\Windows\system32\vp6vfw.dll
"vidc.XVID"=xvidvfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2021-05-11 21:33:42 ----D---- C:\Program Files (x86)\trend micro
2021-05-11 21:33:41 ----D---- C:\rsit
2021-05-06 19:39:49 ----HD---- C:\$AV_ASW
2021-05-06 19:37:34 ----D---- C:\Program Files (x86)\AVAST Software
2021-05-06 19:35:17 ----D---- C:\Users\HP\AppData\Roaming\Avast Software
2021-05-06 19:30:19 ----D---- C:\ProgramData\Avast Software
2021-05-06 18:35:42 ----SHD---- C:\found.002

======List of files/folders modified in the last 1 month======

2021-05-11 21:33:42 ----RD---- C:\Program Files (x86)
2021-05-11 21:32:57 ----D---- C:\Windows\Temp
2021-05-11 20:42:48 ----SHD---- C:\Windows\Installer
2021-05-11 19:22:43 ----D---- C:\Program Files (x86)\Opera
2021-05-11 19:19:37 ----SHD---- C:\System Volume Information
2021-05-11 19:18:07 ----A---- C:\Windows\win.ini
2021-05-11 19:18:07 ----A---- C:\Windows\movexe.ini
2021-05-11 19:17:42 ----SHD---- C:\Config.Msi
2021-05-11 19:17:42 ----D---- C:\Windows\SysWOW64
2021-05-11 19:17:42 ----D---- C:\ProgramData\Skype
2021-05-11 19:17:41 ----D---- C:\Program Files (x86)\Common Files
2021-05-11 19:13:52 ----D---- C:\ProgramData\MFAData
2021-05-11 19:12:10 ----D---- C:\Windows\inf
2021-05-11 19:12:09 ----D---- C:\Windows\Minidump
2021-05-11 19:12:09 ----D---- C:\Windows
2021-05-11 18:27:07 ----D---- C:\Users\HP\AppData\Roaming\Skype
2021-05-11 13:46:51 ----D---- C:\Program Files (x86)\DAEMON Tools Toolbar
2021-05-11 08:27:43 ----A---- C:\Windows\SysWOW64\log.txt
2021-05-11 08:26:25 ----D---- C:\Windows\Prefetch
2021-05-06 23:28:09 ----D---- C:\Users\HP\AppData\Roaming\uTorrent
2021-05-06 23:27:12 ----HD---- C:\ProgramData
2021-05-06 20:27:16 ----D---- C:\Temp
2021-05-06 20:17:07 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe
2021-05-06 20:16:32 ----D---- C:\Windows\SysWOW64\Macromed
2021-05-06 19:59:25 ----D---- C:\Windows\System32
2021-05-06 19:49:05 ----SD---- C:\Users\HP\AppData\Roaming\Microsoft
2021-05-06 19:31:59 ----RD---- C:\Program Files
2021-05-06 18:21:42 ----D---- C:\Users\HP\AppData\Roaming\DAEMON Tools Lite
2021-05-06 18:21:41 ----D---- C:\ProgramData\BlueStacksSetup
2021-05-06 18:21:20 ----D---- C:\Windows\Logs
2021-05-06 16:40:24 ----D---- C:\Windows\Microsoft.NET
2021-05-06 16:36:57 ----RSD---- C:\Windows\assembly

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;AMD PCI Root Bus Lower Filter; C:\Windows\system32\DRIVERS\amdkmpfd.sys []
R0 aswArDisk;aswArDisk; C:\Windows\system32\drivers\aswArDisk.sys []
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsh.sys []
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniv.sys []
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys []
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys []
R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys []
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys []
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys []
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys []
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys []
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys []
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys []
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys []
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriver.sys []
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys []
R1 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys []
R1 aswNetHub;aswNetHub; C:\Windows\system32\drivers\aswNetHub.sys []
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys []
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys []
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys []
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys []
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys []
R2 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2015-03-24 144600]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys []
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys []
R3 aswNetNd6;Avast Firewall NDIS6 Helper; C:\Windows\system32\DRIVERS\aswNetNd6.sys []
R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys []
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys []
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys []
R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys []
R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys []
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys []
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys []
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys []
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys []
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys []
R3 BthMtpEnum;Modul pro výčet zařízení Bluetooth MTP; C:\Windows\system32\DRIVERS\BthMtpEnum.sys []
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys []
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys []
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys []
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys []
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys []
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys []
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys []
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys []
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys []
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []
R3 SPUVCbv;SPUVCb Driver Service; C:\Windows\System32\Drivers\SPUVCbv_x64.sys []
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys []
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys []
S1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys []
S1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys []
S1 ldwttias;ldwttias; \??\C:\Windows\system32\drivers\ldwttias.sys []
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys []
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys []
S3 HtcVCom32;HTC Diagnostic Port; C:\Windows\system32\DRIVERS\HtcVComV64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2021-01-25 169672]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-08-07 211072]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [2021-05-06 606944]
R2 avast! Tools;Avast Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [2021-05-06 356064]
R2 AvastWscReporter;AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [2021-05-06 56920]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2015-03-24 388824]
R2 BstHdUpdaterSvc;BlueStacks Updater Service; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [2015-03-24 798424]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2012-03-14 365440]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe []
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-03-01 13592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-03-07 629984]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-03-28 128280]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-03-28 165144]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-03-28 277784]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2013-10-17 166912]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2012-11-12 327680]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-03-28 363800]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [2021-05-06 7894040]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-03-14 994176]
S2 avast;Služba Avast Browser Update (avast); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2021-05-06 194200]
S2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-07-04 4939312]
S2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-07-23 283136]
S2 BstHdAndroidSvc;BlueStacks Android Service; C:\Program Files (x86)\BlueStacks\HD-Service.exe [2015-03-24 433880]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-15 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2021-05-06 335416]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 avastm;Služba Avast Browser Update (avastm); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2021-05-06 194200]
S3 AvastSecureBrowserElevationService;Avast Secure Browser Elevation Service (AvastSecureBrowserElevationService); C:\Program Files (x86)\AVAST Software\Browser\Application\90.0.9316.94\elevation_service.exe [2021-04-27 1396968]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-03-26 276248]
S3 GoogleChromeElevationService;Google Chrome Elevation Service (GoogleChromeElevationService); C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.93\elevation_service.exe [2021-04-24 1498216]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-15 144200]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe /V []
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118199
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#2 Post by Rudy »

Hello!
Please post the FRST + Addition logs: https://forum.viry.cz/viewtopic.php?f=13&t=154679 . They are more accurate, especially on a 64-bit system. Thank you.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can also damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

miška
Visitor
Posts: 148
Joined: 17 Mar 2010 10:59

Re: Please check my log

#3 Post by miška »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-05-2021
Ran by HP (13-05-2021 11:01:22)
Running from C:\Users\HP\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2013-02-19 13:44:29)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1045858485-730689710-2132366811-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-1045858485-730689710-2132366811-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1045858485-730689710-2132366811-1002 - Limited - Enabled)
HP (S-1-5-21-1045858485-730689710-2132366811-1000 - Administrator - Enabled) => C:\Users\HP

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2013 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
AS: AVG AntiVirus Free Edition 2013 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG update module (Disabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\uTorrent) (Version: 3.3.1.30003 - BitTorrent Inc.)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.465 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Reader XI (11.0.13) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
AMD Catalyst Install Manager (HKLM\...\{8642397F-CF08-6B30-A477-A039BBAA511E}) (Version: 3.0.868.0 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 21.3.2459 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 90.0.9316.94 - AVAST Software)
AVG 2013 (HKLM\...\{BC20D4CC-C409-42A9-A783-B3ACBD5ABE91}) (Version: 13.0.3408 - AVG Technologies CZ, s.r.o.) Hidden
AVG 2013 (HKLM\...\AVG) (Version: 2013.0.3408 - AVG Technologies CZ, s.r.o.)
AVG 2014 (HKLM\...\{2EA43D50-131A-44DE-A678-47F6D572AB30}) (Version: 14.0.3604 - AVG Technologies CZ, s.r.o.) Hidden
BlueStacks Notification Center (HKLM-x32\...\{011580CB-3D7F-47A6-A5D2-1287A4E43C73}) (Version: 0.9.18.5016 - BlueStack Systems, Inc.)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - )
Canon MP280 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.79 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
EA Download Manager (HKLM-x32\...\EADM) (Version: 5.0.0.255 - Electronic Arts, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.93 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
HDVidCodec (HKLM-x32\...\1ClickDownload) (Version: 2.1 Build 26473 - hdvidcodec.com)
HP 3D DriveGuard (HKLM\...\{6762C07C-6D68-4179-BE01-F274AA047943}) (Version: 5.0.8.0 - Hewlett-Packard Company)
HP HD Webcam Driver (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.8.12 - SunplusIT)
HP Hotkey Support (HKLM-x32\...\{C97CC14E-4789-4FC5-BC75-79191F7CE009}) (Version: 4.5.9.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6435.0 - IDT)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3090 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.10.1464 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.225 - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
Java 7 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.170 - Oracle)
Jewel Quest Solitaire (HKLM-x32\...\Jewel Quest Solitaire) (Version: - )
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.68.0 - JMicron Technology Corp.)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.9.1.129 - PandoraTV)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.206 - Název společnosti:)
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.50.1123.2011 - Realtek)
Registrace uživatele zařízení Canon MP280 series (HKLM-x32\...\Registrace uživatele zařízení Canon MP280 series) (Version: - )
Restaurant Empire (HKLM-x32\...\InstallShield_{681343DC-2519-466F-B53E-05CB9A9A6A86}) (Version: 1.00.000 - Název společnosti:)
Rockstar Games Social Club (HKLM-x32\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.3.0 - Synaptics Incorporated)
System Requirements Lab Detection (HKLM-x32\...\{A407FC22-36BF-4C82-A516-59D94BC505A9}) (Version: 1.0.5.0 - Husdawg, LLC)
Tamagotchi Simulator 2.5 (HKLM-x32\...\TamagotchiSimulator2.5) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Web Cake 3.00 (HKLM\...\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}) (Version: 3.00 - Web Cake LLC)
Winamp (HKLM-x32\...\Winamp) (Version: 5.66 - Nullsoft, Inc)
WinRAR 6.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.01.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-05-06] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-05-06] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2012-08-07] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-05-06] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [AVG Shell Extension] -> {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} => C:\Program Files (x86)\AVG\AVG2013\avgsea.dll [2013-03-28] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1-x32: [MRAICQCMenu] -> {7C9E7B90-88EC-4852-AC7A-C938268A5D04} => C:\Users\HP\AppData\Roaming\ICQM\ICQ\dll\mramenu.dll -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-05-06] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2012-08-07] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2012-03-30] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-05-06] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [AVG Shell Extension] -> {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} => C:\Program Files (x86)\AVG\AVG2013\avgsea.dll [2013-03-28] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2008-09-05] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2008-09-05] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [180224 2008-12-04] () [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2011-12-26 14:20 - 2011-12-26 14:20 - 000016384 ____R () [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2009-01-20 15:51 - 2009-01-20 15:51 - 000007168 _____ () [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atixclib.dll
2012-03-30 00:07 - 2012-03-30 00:07 - 000369152 _____ () [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2012-08-07 19:10 - 2012-08-07 19:10 - 000021504 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Bluetooth Suite\L10n\cs-CZ\BtTray.cs-CZ.dll
2013-02-20 09:37 - 2012-02-02 03:25 - 000059904 ____R () [File not signed] [File is in use] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-10-15 08:52 - 2014-10-15 08:52 - 000172544 _____ () [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1eeea3ab8d69ec722bdcb28b8eb8dd75\IsdiInterop.ni.dll
2012-03-30 00:04 - 2012-03-30 00:04 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Actions.CCAA.Shared.dll
2012-03-30 00:05 - 2012-03-30 00:05 - 000006656 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.DPPE.Shared.dll
2012-03-30 00:04 - 2012-03-30 00:04 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.EEU.Shared.dll
2012-03-30 00:04 - 2012-03-30 00:04 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.GD.Shared.dll
2012-03-30 00:04 - 2012-03-30 00:04 - 000007168 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Hotkeys.Shared.dll
2012-03-30 00:04 - 2012-03-30 00:04 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.REG.Shared.dll
2012-03-30 00:05 - 2012-03-30 00:05 - 000045568 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Source.Kit.Server.dll
2012-03-30 00:04 - 2012-03-30 00:04 - 000006656 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.WinMessages.Shared.dll
2012-03-30 00:04 - 2012-03-30 00:04 - 000034816 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.dll
2012-03-30 00:04 - 2012-03-30 00:04 - 000006144 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.Shared.dll
2012-03-30 00:04 - 2012-03-30 00:04 - 000024576 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\APM.Foundation.dll
2012-03-30 00:04 - 2012-03-30 00:04 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ATICCCom.dll
2012-03-30 00:05 - 2012-03-30 00:05 - 000021504 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.Implementation.dll
2012-03-30 00:08 - 2012-03-30 00:08 - 000013824 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Runtime.dll
2012-03-30 00:08 - 2012-03-30 00:08 - 000008192 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.shared.dll
2012-03-30 00:08 - 2012-03-30 00:08 - 000039936 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Dashboard.dll
2012-03-30 00:08 - 2012-03-30 00:08 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Runtime.dll
2012-03-30 00:05 - 2012-03-30 00:05 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Shared.dll
2012-03-30 00:08 - 2012-03-30 00:08 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Audio.Graphics.Dashboard.dll
2012-03-30 00:08 - 2012-03-30 00:08 - 000018944 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUOverDrive.Fuel.Shared.dll
2012-03-30 00:07 - 2012-03-30 00:07 - 000035840 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossFireX.Graphics.Dashboard.dll
2012-03-30 00:05 - 2012-03-30 00:05 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CustomFormats.Graphics.Shared.dll
2012-03-30 00:05 - 2012-03-30 00:05 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCV.Graphics.Shared.dll
2012-03-30 00:05 - 2012-03-30 00:05 - 000053248 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
2012-03-30 00:05 - 2012-03-30 00:05 - 000049152 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
2012-03-30 00:06 - 2012-03-30 00:06 - 000441344 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
2012-03-30 00:05 - 2012-03-30 00:05 - 000036864 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
2012-03-30 00:05 - 2012-03-30 00:05 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
2012-03-30 00:05 - 2012-03-30 00:05 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.shared.dll
2012-03-30 00:05 - 2012-03-30 00:05 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
2012-03-30 00:04 - 2012-03-30 00:04 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
2012-03-30 00:05 - 2012-03-30 00:05 - 000057344 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
2012-03-30 00:05 - 2012-03-30 00:05 - 000024576 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MultiVPU2.Graphics.Shared.dll
2012-03-30 00:05 - 2012-03-30 00:05 - 000050688 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.OverDrive5.Graphics.Shared.dll
2012-03-30 00:06 - 2012-03-30 00:06 - 000052736 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
2012-03-30 00:05 - 2012-03-30 00:05 - 000036352 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
2012-03-30 00:05 - 2012-03-30 00:05 - 000018432 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
2012-03-30 00:06 - 2012-03-30 00:06 - 002510848 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
2012-03-30 00:05 - 2012-03-30 00:05 - 000110592 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
2012-03-30 00:05 - 2012-03-30 00:05 - 000081920 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Shared.dll
2012-03-30 00:06 - 2012-03-30 00:06 - 000159744 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Dashboard.dll
2012-03-30 00:06 - 2012-03-30 00:06 - 000013824 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Runtime.dll
2012-03-30 00:05 - 2012-03-30 00:05 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.shared.dll
2012-03-30 00:08 - 2012-03-30 00:08 - 000015872 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Runtime.dll
2012-03-30 00:07 - 2012-03-30 00:07 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Shared.dll
2012-03-30 00:06 - 2012-03-30 00:06 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Dashboard.dll
2012-03-30 00:06 - 2012-03-30 00:06 - 000019968 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Runtime.dll
2012-03-30 00:06 - 2012-03-30 00:06 - 000010752 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Shared.dll
2012-03-30 00:05 - 2012-03-30 00:05 - 000172032 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.dll
2012-03-30 00:05 - 2012-03-30 00:05 - 001007616 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.Shared.dll
2012-03-30 00:05 - 2012-03-30 00:05 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.Shared.Private.dll
2012-03-30 00:06 - 2012-03-30 00:06 - 000008192 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Dashboard.dll
2012-03-30 00:06 - 2012-03-30 00:06 - 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Runtime.dll
2012-03-30 00:06 - 2012-03-30 00:06 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Shared.dll
2012-03-30 00:08 - 2012-03-30 00:08 - 000007680 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Platform.Dashboard.dll
2012-03-30 00:08 - 2012-03-30 00:08 - 000011264 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Platform.Runtime.dll
2012-03-30 00:08 - 2012-03-30 00:08 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Platform.Shared.dll
2012-03-30 00:04 - 2012-03-30 00:04 - 000007680 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Client.Shared.dll
2012-03-30 00:06 - 2012-03-30 00:06 - 000060928 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.ProfileManager2.dll
2012-03-30 00:04 - 2012-03-30 00:04 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.dll
2012-03-30 00:04 - 2012-03-30 00:04 - 001394176 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.Private.dll
2012-03-30 00:05 - 2012-03-30 00:05 - 000282624 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Eeu.dll
2012-03-30 00:04 - 2012-03-30 00:04 - 000007168 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Extension.EEU.dll
2012-03-30 00:04 - 2012-03-30 00:04 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.dll
2012-03-30 00:04 - 2012-03-30 00:04 - 000037888 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.Private.dll
2012-03-30 00:05 - 2012-03-30 00:05 - 000413696 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Systemtray.dll
2012-03-30 00:04 - 2012-03-30 00:04 - 000303104 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.Client.dll
2012-03-30 00:04 - 2012-03-30 00:04 - 000019968 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.CoreAudioAPI.dll
2012-03-30 00:04 - 2012-03-30 00:04 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.dll
2012-03-30 00:04 - 2012-03-30 00:04 - 000029184 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.Private.dll
2012-03-30 00:05 - 2012-03-30 00:05 - 000018432 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.XManifest.dll
2012-03-30 00:04 - 2012-03-30 00:04 - 000006656 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.dll
2012-03-30 00:06 - 2012-03-30 00:06 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Fuel.Foundation.dll
2012-03-30 00:04 - 2012-03-30 00:04 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.dll
2012-03-30 00:05 - 2012-03-30 00:05 - 000047104 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.dll
2012-03-30 00:04 - 2012-03-30 00:04 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.Private.dll
2012-03-30 00:04 - 2012-03-30 00:04 - 000025088 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Private.dll
2012-03-30 00:04 - 2012-03-30 00:04 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.Foundation.dll
2012-03-30 00:05 - 2012-03-30 00:05 - 000097280 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.Implementation.dll
2012-03-30 00:04 - 2012-03-30 00:04 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\NEWAEM.Foundation.dll
2012-03-30 00:07 - 2012-03-30 00:07 - 000020992 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Dashboard.dll
2012-01-05 19:18 - 2012-01-05 19:18 - 000147456 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ADL.Foundation.dll
2012-03-30 00:04 - 2012-03-30 00:04 - 000065536 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\APM.Server.dll
2012-03-30 00:07 - 2012-03-30 00:07 - 000222208 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.PowerXpress.Graphics.Dashboard.dll
2012-03-30 00:05 - 2012-03-30 00:05 - 000048128 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.PowerXpress.Graphics.Runtime.dll
2012-03-30 00:05 - 2012-03-30 00:05 - 000026112 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.PowerXpress.Graphics.Shared.dll
2012-03-30 00:07 - 2012-03-30 00:07 - 002723840 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects1.Dashboard.dll
2012-03-30 00:04 - 2012-03-30 00:04 - 000380928 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.dll
2012-03-30 00:04 - 2012-03-30 00:04 - 000061440 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.dll
2009-04-22 13:13 - 2009-04-22 13:13 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0702.dll
2009-06-17 06:27 - 2009-06-17 06:27 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0709.dll
2007-10-29 15:56 - 2007-10-29 15:56 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0710.dll
2009-06-17 11:24 - 2009-06-17 11:24 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0712.dll
2008-04-03 17:29 - 2008-04-03 17:29 - 000020480 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0804.dll
2009-01-20 16:36 - 2009-01-20 16:36 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0901.dll
2010-10-07 14:07 - 2010-10-07 14:07 - 000020480 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I1010.dll
2010-11-05 15:18 - 2010-11-05 15:18 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I1011.dll
2012-03-30 00:08 - 2012-03-30 00:08 - 000331776 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Localization.Foundation.Implementation.cs_Localization.dll
2012-03-30 00:08 - 2012-03-30 00:08 - 000315392 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Localization.Foundation.Implementation.default_Localization.dll
2012-03-30 00:04 - 2012-03-30 00:04 - 000477184 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Localization.Foundation.Private.dll
2012-03-30 00:06 - 2012-03-30 00:06 - 000168960 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Implementation.dll
2012-03-30 00:04 - 2012-03-30 00:04 - 000008704 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Private.dll
2012-03-30 00:04 - 2012-03-30 00:04 - 000036864 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Client.Shared.Private.dll
2012-03-30 00:08 - 2012-03-30 00:08 - 000028160 _____ (Advanced Mirco Devices, Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Dashboard.dll
2012-03-30 00:04 - 2012-03-30 00:04 - 000311296 _____ (Advanced Mirco Devices, Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.dll
2012-03-30 00:04 - 2012-03-30 00:04 - 000192512 _____ (Advanced Mirco Devices, Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Shared.dll
2010-03-04 02:27 - 2010-03-04 02:27 - 000016384 _____ (ATI Technologies Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Foundation.dll
2009-04-22 13:13 - 2009-04-22 13:13 - 000045056 _____ (ATI Technologies Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0601.dll
2013-05-24 15:52 - 2010-04-08 13:43 - 000022528 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\Solution Menu EX\LangInfo\CS\CNSELANG.dll
2013-05-24 15:50 - 2010-03-29 04:50 - 000066048 _____ (CANON INC.) [File not signed] C:\Program Files\Canon\MyPrinter\BJMyRes.dll
2013-05-24 15:50 - 2010-03-25 03:50 - 000113152 _____ (CANON INC.) [File not signed] C:\Program Files\Canon\MyPrinter\cnmpu.dll
2021-05-06 23:21 - 2021-05-13 10:43 - 001195008 _____ (ESET) [File not signed] C:\Users\HP\AppData\Local\ESET\ESETOnlineScanner\esets_apiW_a.DLL
2008-05-07 20:59 - 2008-05-07 20:59 - 000034816 _____ (Hewlett-Packard Company) [File not signed] C:\Windows\System32\hpz3llhn.dll
2009-06-22 21:19 - 2009-06-22 21:19 - 002414080 _____ (Hewlett-Packard Corporation) [File not signed] C:\Windows\system32\spool\DRIVERS\x64\3\hpzuilhn.dll
2013-11-24 19:34 - 2008-05-07 20:59 - 000099840 _____ (Hewlett-Packard Corporation) [File not signed] C:\Windows\system32\spool\PRTPROCS\x64\hpzpplhn.dll
2014-09-13 09:49 - 2014-09-13 09:49 - 000014336 _____ (Intel Corp.) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\26b50aa1e86a984a5c0d53f2bbf95798\IAStorCommon.ni.dll
2013-02-20 09:37 - 2012-02-02 03:26 - 000007168 ____R (Intel Corporation) [File not signed] [File is in use] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\cs-CZ\IAStorDataMgr.resources.dll
2013-02-20 09:37 - 2012-02-02 03:26 - 000032768 ____R (Intel Corporation) [File not signed] [File is in use] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\cs-CZ\IAStorIcon.resources.dll
2013-02-20 09:37 - 2012-02-02 03:26 - 000004608 ____R (Intel Corporation) [File not signed] [File is in use] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\cs-CZ\IntelVisualDesign.resources.dll
2013-02-20 09:37 - 2012-02-02 03:25 - 000176128 ____R (Intel Corporation) [File not signed] [File is in use] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorUIHelper.dll
2013-02-20 09:37 - 2012-02-02 03:25 - 001319424 ____R (Intel Corporation) [File not signed] [File is in use] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IntelVisualDesign.dll
2013-02-20 09:37 - 2012-02-02 03:17 - 000278016 ____R (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\ISDI.dll
2013-02-20 09:52 - 2012-03-27 11:12 - 000073728 ____R (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2015-08-12 08:58 - 2015-08-12 08:58 - 000228864 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgr\f073662d167306f404de042fed2370cf\IAStorDataMgr.ni.dll
2020-03-10 14:53 - 2020-03-10 14:53 - 000489472 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\a038b8628203ba96df76752d3ccb0e36\IAStorUtil.ni.dll
2013-03-10 10:32 - 2013-03-10 10:32 - 000225280 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
2013-03-10 09:48 - 2013-03-10 09:48 - 000245760 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcm90.dll
2013-09-02 07:28 - 2013-09-02 07:28 - 000097280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL
2013-09-02 07:28 - 2013-09-02 07:28 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2021-05-06 19:32 - 2021-05-06 19:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2021-05-06 19:32 - 2021-05-06 19:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2021-05-06 19:32 - 2021-05-06 19:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2021-05-06 19:32 - 2021-05-06 19:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2021-05-06 19:32 - 2021-05-06 19:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2021-05-06 19:32 - 2021-05-06 19:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2021-05-06 19:32 - 2021-05-06 19:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2021-05-06 19:32 - 2021-05-06 19:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2021-05-06 19:32 - 2021-05-06 19:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2021-05-06 19:32 - 2021-05-06 19:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2021-05-06 19:32 - 2021-05-06 19:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2021-05-06 19:32 - 2021-05-06 19:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\ucrtbase.DLL
2021-05-06 19:32 - 2021-05-06 19:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\VCRUNTIME140.dll
2012-08-07 19:15 - 2012-08-07 19:15 - 000384128 _____ (Qualcomm Atheros -> ) [File not signed] [File is in use] C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2013-02-20 09:43 - 2012-08-09 04:12 - 000443008 ____N (Qualcomm Atheros -> Atheros) [File not signed] C:\Windows\system32\athihvs.dll
2012-08-07 19:15 - 2012-08-07 19:15 - 000253056 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\BtvSdkDll.dll
2012-08-07 19:15 - 2012-08-07 19:15 - 000070784 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\CombineAgent.dll
2012-08-07 19:15 - 2012-08-07 19:15 - 000033408 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\CommApi.dll
2012-08-07 19:15 - 2012-08-07 19:15 - 000202368 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\FolderViewImpl.dll
2012-08-07 19:15 - 2012-08-07 19:15 - 000085632 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\GattI.dll
2012-08-07 19:16 - 2012-08-07 19:16 - 000124544 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\gatts.DLL
2012-08-07 19:16 - 2012-08-07 19:16 - 000083072 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Handsfree.dll
2012-08-07 19:16 - 2012-08-07 19:16 - 000035456 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\ipc.dll
2012-08-07 19:16 - 2012-08-07 19:16 - 000063104 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\ModuleManager.dll
2012-08-07 19:16 - 2012-08-07 19:16 - 001067136 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\OutlookLib.dll
2012-08-07 19:16 - 2012-08-07 19:16 - 000130176 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\skypeagent.dll
2012-08-07 19:16 - 2012-08-07 19:16 - 000027264 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\TCPConnection.dll
2012-08-07 19:16 - 2012-08-07 19:16 - 000098944 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\utils.dll
2012-08-07 19:15 - 2012-08-07 19:15 - 000034944 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] [File is in use] C:\Program Files (x86)\Bluetooth Suite\BtTray.Infrastructure.dll
2012-08-07 19:15 - 2012-08-07 19:15 - 000042112 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] [File is in use] C:\Program Files (x86)\Bluetooth Suite\BtTray.Toolkit.dll
2012-08-07 19:15 - 2012-08-07 19:15 - 000114304 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] [File is in use] C:\Program Files (x86)\Bluetooth Suite\CommApiInterop.dll
2012-08-07 19:15 - 2012-08-07 19:15 - 000010880 _____ (Qualcomm Atheros -> Qualcomm Atheros) [File not signed] [File is in use] C:\Program Files (x86)\Bluetooth Suite\ExtensionToolkit.dll
2012-08-07 19:13 - 2012-08-07 19:13 - 000194048 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\Audio\audio.dll
2012-08-07 19:13 - 2012-08-07 19:13 - 000177152 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\BIP\BIP.dll
2012-08-07 19:13 - 2012-08-07 19:13 - 000161792 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\BPP\BPP.dll
2012-08-07 19:11 - 2012-08-07 19:11 - 000018432 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\DID\DId.dll
2012-08-07 19:11 - 2012-08-07 19:11 - 000036352 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\FAX\Fax.dll
2012-08-07 19:13 - 2012-08-07 19:13 - 000419840 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\FileTransfer\FileTransfer.dll
2012-08-07 19:13 - 2012-08-07 19:13 - 000087552 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\GapSdp\GapSdp.dll
2012-08-07 19:10 - 2012-08-07 19:10 - 000096768 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\goep\goep.dll
2012-08-07 19:10 - 2012-08-07 19:10 - 000024576 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\HCRP\Hcrp.dll
2012-08-07 19:13 - 2012-08-07 19:13 - 000091136 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\L2capLib\l2caplib.dll
2012-08-07 19:11 - 2012-08-07 19:11 - 000303616 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\LE\LE.dll
2012-08-07 19:10 - 2012-08-07 19:10 - 000098304 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\OppOperation\ObjPush.dll
2012-08-07 19:13 - 2012-08-07 19:13 - 000065024 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\OppOperation\OppOperation.dll
2012-08-07 19:13 - 2012-08-07 19:13 - 000066560 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\pbap\pbap.dll
2012-08-07 19:13 - 2012-08-07 19:13 - 000063488 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\RfcommLib\rfcommlib.dll
2012-08-07 19:13 - 2012-08-07 19:13 - 000097280 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\sap\sap.dll
2012-08-07 19:13 - 2012-08-07 19:13 - 000087552 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\SesMgr\sesmgr.dll
2012-08-07 19:13 - 2012-08-07 19:13 - 000055296 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\spp\spp.dll
2012-08-07 19:12 - 2012-08-07 19:12 - 000064512 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Modules\Sync\Sync.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\HP:zylomtest [0]
AlternateDataStreams: C:\Users\HP:zylomtr{000HQ7FF-AD7A-3FG5-BPAV-24QJBB1JIVVH} [32]
AlternateDataStreams: C:\ProgramData\TEMP:1DA424AA [123]
AlternateDataStreams: C:\ProgramData\TEMP:1EEB23AD [113]
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\TEMP:59320096 [95]
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 [112]
AlternateDataStreams: C:\ProgramData\TEMP:E0AE69BE [123]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://isearch.brothersoft.com?f=undefined
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
URLSearchHook: HKU\S-1-5-21-1045858485-730689710-2132366811-1000 - (No Name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - No File
SearchScopes: HKLM-x32 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1066435
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1066435
SearchScopes: HKU\S-1-5-21-1045858485-730689710-2132366811-1000 -> DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.buenosearch.com/?q={searchTerms}&ba ... 2&tsp=5270
SearchScopes: HKU\S-1-5-21-1045858485-730689710-2132366811-1000 -> 8CD64B1266F04AC89AC5507D0C01B5B6 URL = hxxp://mixidj.delta-search.com/?q={searchTerms}&affID=121125&tt=180413_new&babsrc=SP_ss&mntrId=CA5626E54361A142
SearchScopes: HKU\S-1-5-21-1045858485-730689710-2132366811-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.buenosearch.com/?q={searchTerms}&ba ... 2&tsp=5270
SearchScopes: HKU\S-1-5-21-1045858485-730689710-2132366811-1000 -> {97FD17B2-9DD0-440F-B9EB-16D6F2119DF5} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=PTV&o=15184&src=kw&q={searchTerms}&locale=en_EU&apn_ptnrs=^RY&apn_dtid=^YYYYYY^V2^CZ&apn_uid=b02f3322-4dd5-42be-90d2-e440f3579f60&apn_sauid=40715029-7A1B-4ED4-B6CF-2AA1F86668D5
SearchScopes: HKU\S-1-5-21-1045858485-730689710-2132366811-1000 -> {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = hxxp://www.daemon-search.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1045858485-730689710-2132366811-1000 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1066435
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-07] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08] (Canon Inc. -> CANON INC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-24] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-24] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2009-10-30] (DAEMON Tools Code Signing Services -> ) [File not signed]
Toolbar: HKLM-x32 - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2009-10-30] (DAEMON Tools Code Signing Services -> ) [File not signed]
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (Canon Inc. -> CANON INC.)
Toolbar: HKU\S-1-5-21-1045858485-730689710-2132366811-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU\S-1-5-21-1045858485-730689710-2132366811-1000 -> DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2009-10-30] (DAEMON Tools Code Signing Services -> ) [File not signed]
Toolbar: HKU\S-1-5-21-1045858485-730689710-2132366811-1000 -> No Name - {4B4D5056-3600-A76A-76A7-7A786E7484D7} - No File
DPF: HKLM-x32 {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files%20(x86)/Jewel%20Quest%20Solitaire/Images/stg_drm.ocx
DPF: HKLM-x32 {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files%20(x86)/Jewel%20Quest%20Solitaire/Images/armhelper.ocx
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\HP\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1045858485-730689710-2132366811-500\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{BBFFF18F-DE67-4430-9CAA-24CA0DC84AD6}] => (Allow) C:\Program Files (x86)\Bluetooth Suite\Btvstack.exe (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
FirewallRules: [{CD7AE141-90B0-478A-AC9B-E76E105BF069}] => (Allow) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe (Qualcomm Atheros -> Qualcomm Atheros) [File not signed]
FirewallRules: [{2E155F35-33B5-4919-AD39-9A9F42B16B4A}] => (Allow) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe (Qualcomm Atheros -> Qualcomm Atheros) [File not signed]
FirewallRules: [{03B526B5-F4F8-4E64-9259-506325FDC05D}] => (Allow) C:\Program Files (x86)\Bluetooth Suite\Win7Ui.exe (Qualcomm Atheros -> Qualcomm Atheros) [File not signed]
FirewallRules: [TCP Query User{49C4F156-D110-4B74-9CEF-47497779D448}C:\program files (x86)\bluetooth suite\btvstack.exe] => (Allow) C:\program files (x86)\bluetooth suite\btvstack.exe (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
FirewallRules: [UDP Query User{16C43AB4-783E-4159-8A7D-6237D32567BE}C:\program files (x86)\bluetooth suite\btvstack.exe] => (Allow) C:\program files (x86)\bluetooth suite\btvstack.exe (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
FirewallRules: [TCP Query User{E49CC4E8-E319-46EE-8FAF-8125D1B97843}C:\program files (x86)\bluetooth suite\bttray.exe] => (Allow) C:\program files (x86)\bluetooth suite\bttray.exe (Qualcomm Atheros -> Qualcomm Atheros) [File not signed]
FirewallRules: [UDP Query User{A4F1A2C5-5238-4009-95F0-9C69000B9547}C:\program files (x86)\bluetooth suite\bttray.exe] => (Allow) C:\program files (x86)\bluetooth suite\bttray.exe (Qualcomm Atheros -> Qualcomm Atheros) [File not signed]
FirewallRules: [{F0B83B36-359C-4831-A941-315CF4092EE9}] => (Allow) C:\Program Files (x86)\Opera\opera.exe => No File
FirewallRules: [{C81F5D61-CA80-4F88-BA13-7EDA7BB7E06D}] => (Allow) C:\Program Files (x86)\Opera\opera.exe => No File
FirewallRules: [{6A35E1DA-6A19-4D84-A2E8-BCA979ACA152}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{93169B5A-61AC-42BA-8445-64203BA7F3E2}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{87AFEBD8-1D93-4208-BE17-D98F259B0558}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{1A20D74A-EE5D-49EE-A006-2B826D6617E2}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{6C260F8C-EA05-4C62-BAD3-E3A2EC860860}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{BD412734-4914-48DA-BFE7-DE7ABE7AC184}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{372F6D53-49B2-42A8-86B3-7D03E5968D76}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{AD5DE0AB-82C1-48CB-9BDD-CA69CA0301AB}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{7C0CD20F-B995-4484-BE64-C015832D6918}] => (Allow) C:\Program Files (x86)\ExpressFiles\expressdl.exe => No File
FirewallRules: [{EDD3E445-07E8-4CA8-A898-D0E143A10FAF}] => (Allow) C:\Program Files (x86)\ExpressFiles\expressdl.exe => No File
FirewallRules: [{E006F0BC-76B8-4071-ACE6-4D0510B0204C}] => (Allow) C:\Program Files (x86)\ExpressFiles\ExpressFiles.exe => No File
FirewallRules: [{8DA9BF33-D189-4198-ACAE-914870475C91}] => (Allow) C:\Program Files (x86)\ExpressFiles\ExpressFiles.exe => No File
FirewallRules: [{0D85299A-3542-4774-8839-A355FB19CC77}] => (Allow) C:\Users\HP\AppData\Roaming\ICQM\icq.exe => No File
FirewallRules: [{3FC72417-0EDC-4945-80A7-ABF89A01CEE8}] => (Allow) C:\Users\HP\AppData\Roaming\ICQM\icq.exe => No File
FirewallRules: [{4E01839E-CD7C-45AC-A0F9-3CC8702C6757}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe => No File
FirewallRules: [{8C545A5E-2CBF-4C85-9B8A-2BC9E561A2E1}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe => No File
FirewallRules: [{C0D90D07-5D42-4C91-A5A3-46B01F5EDBB5}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe => No File
FirewallRules: [{BB6A7C8C-3051-43C9-A912-3E37DFAAEB61}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe => No File
FirewallRules: [{87B4D5E0-C121-4D24-942C-ABBA2DDB4389}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe => No File
FirewallRules: [{0CCD130F-5CDE-4D71-B3A6-C6DEAB9DCA8F}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe => No File
FirewallRules: [{0B4733AF-F20C-420F-B07B-F6EEA69E846A}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe => No File
FirewallRules: [{CCB80C10-15E0-43A3-B15B-641040E6B29F}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe => No File
FirewallRules: [{0AF60574-50A3-4E56-BFD7-FF3F2D405A21}] => (Allow) C:\Program Files (x86)\WinZip Driver Updater\winzipdu.exe => No File
FirewallRules: [{6F0636E5-DEA8-4D12-8B26-3FECC3EF273C}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{376E42D6-C93E-49B6-9F83-E0419A05C047}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{2EDF5826-1CC3-4F82-813C-FB1AA6DAEEB4}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{374028B6-37F8-45A0-B3E5-9343BFAD3322}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{78B35960-15ED-4E75-B335-6FBB50AF26E9}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{2C4E46D2-3559-4B03-B4D9-5E393409D504}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [TCP Query User{532F26EC-2EDA-4C1A-8A4F-0BD20B452B0F}C:\users\hp\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\hp\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{870B8294-F75F-4660-A87A-7CC5FE31D92A}C:\users\hp\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\hp\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [{EBDE7856-58DB-49C8-9DB4-7E0EA04E8DC0}] => (Allow) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{53C3F4A2-DF0E-409B-BC9F-E747367BB384}] => (Allow) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [TCP Query User{98B43AE5-4B97-41B7-A805-834339898CF7}D:\easysetupassistant\easysetupassistant.exe] => (Allow) D:\easysetupassistant\easysetupassistant.exe => No File
FirewallRules: [UDP Query User{36BDD8DA-5EB5-4468-A273-233ED32FDA1B}D:\easysetupassistant\easysetupassistant.exe] => (Allow) D:\easysetupassistant\easysetupassistant.exe => No File
FirewallRules: [{A820039B-A712-4027-890F-563B027B0B86}] => (Block) D:\easysetupassistant\easysetupassistant.exe => No File
FirewallRules: [{F9A0AD4C-3871-41A8-8AE1-BE78F2A57B92}] => (Block) D:\easysetupassistant\easysetupassistant.exe => No File
FirewallRules: [TCP Query User{FC8B1561-4F28-4769-A4C0-C4A69E13A34F}C:\program files (x86)\popcorn time fleex edition\popcorn-time-fleex.exe] => (Allow) C:\program files (x86)\popcorn time fleex edition\popcorn-time-fleex.exe => No File
FirewallRules: [UDP Query User{A79B4061-9D43-4BEB-862D-CC5A7DD01A06}C:\program files (x86)\popcorn time fleex edition\popcorn-time-fleex.exe] => (Allow) C:\program files (x86)\popcorn time fleex edition\popcorn-time-fleex.exe => No File
FirewallRules: [TCP Query User{A5A85AC3-1192-412B-B9AA-558579DCC2B9}C:\program files (x86)\electronic arts\eadm\core.exe] => (Allow) C:\program files (x86)\electronic arts\eadm\core.exe (Electronic Arts) [File not signed]
FirewallRules: [UDP Query User{C86B3E25-A62B-42C5-9676-88735CC6E05C}C:\program files (x86)\electronic arts\eadm\core.exe] => (Allow) C:\program files (x86)\electronic arts\eadm\core.exe (Electronic Arts) [File not signed]
FirewallRules: [{C78E5C77-D038-47B5-8E57-130FD668355F}] => (Allow) C:\Users\HP\AppData\Roaming\ICQM\icq.exe => No File
FirewallRules: [{5E9090A3-5E46-47C0-838F-43FD6588B806}] => (Allow) C:\Users\HP\AppData\Roaming\ICQM\icq.exe => No File
FirewallRules: [{6DCDE687-7C7D-45F5-947E-A37219146693}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{8C9D7429-3BAB-4886-8F4F-D11013156963}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{51B2DA6E-A9DA-4A9E-A5FB-4C58A3C92509}] => (Allow) C:\Program Files (x86)\Opera\opera.exe => No File
FirewallRules: [{24778E7D-0D7C-4976-A65B-8F996ECF53AB}] => (Allow) C:\Program Files (x86)\Opera\opera.exe => No File
FirewallRules: [TCP Query User{F7A67382-F324-4DEC-B522-E25961A223E2}C:\users\hp\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\hp\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{FE2263EF-9CF5-4B80-AA89-CE069E71B50E}C:\users\hp\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\hp\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [{802A873F-FFA6-4AE1-936C-9120F6D4E424}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{8679B108-704B-4D99-AF9A-7C0496A5C49D}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{75969E8B-5AC4-4A3F-ADB4-3F0DCC318910}C:\program files (x86)\electronic arts\eadm\core.exe] => (Block) C:\program files (x86)\electronic arts\eadm\core.exe (Electronic Arts) [File not signed]
FirewallRules: [UDP Query User{D36E85D0-1655-464F-9343-740C0124A91E}C:\program files (x86)\electronic arts\eadm\core.exe] => (Block) C:\program files (x86)\electronic arts\eadm\core.exe (Electronic Arts) [File not signed]

==================== Restore Points =========================

09-01-2016 08:50:57 Windows Update
09-01-2016 14:58:18 Windows Update
18-01-2016 19:45:40 Windows Update
06-05-2021 17:44:25 Windows Update
06-05-2021 17:49:51 Windows Defender Checkpoint
11-05-2021 19:17:07 Removed Skype™ 7.7
11-05-2021 19:19:31 Odstraněno The Sims 3

==================== Faulty Device Manager Devices ============

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (05/13/2021 11:02:39 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (05/13/2021 10:42:50 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (05/13/2021 10:34:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: avgdiagex.exe, verze: 13.0.0.3304, časové razítko: 0x51539980
Název chybujícího modulu: avgduix.dll, verze: 13.0.0.3211, časové razítko: 0x5122e30b
Kód výjimky: 0xc0000005
Posun chyby: 0x000527d9
ID chybujícího procesu: 0xbb0
Čas spuštění chybující aplikace: 0x01d747d2aca796b1
Cesta k chybující aplikaci: C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\AVG\AVG2013\avgduix.dll
ID zprávy: f7f10fc4-b3c5-11eb-8e34-74e5436237a6

Error: (05/13/2021 10:34:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: avgwdsvc.exe, verze: 13.0.0.3390, časové razítko: 0x51eea58d
Název chybujícího modulu: avgwd.dll, verze: 13.0.0.3406, časové razítko: 0x52291686
Kód výjimky: 0xc0000005
Posun chyby: 0x000808f1
ID chybujícího procesu: 0xc5c
Čas spuštění chybující aplikace: 0x01d747d2aa0cb6f7
Cesta k chybující aplikaci: C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\AVG\AVG2013\avgwd.dll
ID zprávy: f7ec4d04-b3c5-11eb-8e34-74e5436237a6

Error: (05/13/2021 10:33:36 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Službu nelze spustit. System.ApplicationException: Cannot start service. C:\ProgramData\BlueStacks\Android\kernel.elf.signature doesn't exist
v BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (05/11/2021 09:42:48 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (05/11/2021 08:42:48 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (05/11/2021 07:42:48 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.


System errors:
=============
Error: (05/13/2021 10:45:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (05/13/2021 10:45:27 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\Users\HP\AppData\Local\Temp\ehdrv.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (05/13/2021 10:45:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (05/13/2021 10:45:26 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\Users\HP\AppData\Local\Temp\ehdrv.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (05/13/2021 10:45:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (05/13/2021 10:45:26 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\Users\HP\AppData\Local\Temp\ehdrv.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (05/13/2021 10:45:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (05/13/2021 10:45:26 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\Users\HP\AppData\Local\Temp\ehdrv.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.


Windows Defender:
================
Date: 2021-05-06 18:59:26.481
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=261488
Název:Spyware:MSIL/Keylogger.GB!MTB
Závažnost:Vysoké
Kategorie:Spyware
Nalezeno v cestě:file:C:\Users\HP\AppData\Local\Temp\procxexp.exe;process:pid:6412,ProcessStart:132647934065528525;regkey:HKCU@S-1-5-21-1045858485-730689710-2132366811-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\534d745390fdf7ecee18ac89e08f5536;runkey:HKCU@S-1-5-21-1045858485-730689710-2132366811-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\534d745390fdf7ecee18ac89e08f5536
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\SYSTEM
Název procesu:C:\Windows\System32\svchost.exe

Date: 2021-05-06 18:56:23.376
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=261488
Název:Spyware:MSIL/Keylogger.GB!MTB
Závažnost:Vysoké
Kategorie:Spyware
Nalezeno v cestě:file:C:\Users\HP\AppData\Local\Temp\procxexp.exe;process:pid:6412,ProcessStart:132647934065528525
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\SYSTEM
Název procesu:C:\Windows\System32\svchost.exe

Date: 2021-05-06 17:49:51.052
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=261488
Název:Spyware:MSIL/Keylogger.GB!MTB
Závažnost:Vysoké
Kategorie:Spyware
Nalezeno v cestě:file:C:\Users\HP\AppData\Local\Temp\procxexp.exe;process:pid:4288,ProcessStart:132647693646185861;regkey:HKCU@S-1-5-21-1045858485-730689710-2132366811-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\534d745390fdf7ecee18ac89e08f5536;regkey:HKCU@S-1-5-21-1045858485-730689710-2132366811-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\96d8c32f941bac361720175180feed57;runkey:HKCU@S-1-5-21-1045858485-730689710-2132366811-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\534d745390fdf7ecee18ac89e08f5536;runkey:HKCU@S-1-5-21-1045858485-730689710-2132366811-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\96d8c32f941bac361720175180feed57
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\SYSTEM
Název procesu:C:\Windows\System32\svchost.exe

Date: 2021-05-06 17:47:31.493
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=261488
Název:Spyware:MSIL/Keylogger.GB!MTB
Závažnost:Vysoké
Kategorie:Spyware
Nalezeno v cestě:file:C:\Users\HP\AppData\Local\Temp\procxexp.exe;process:pid:4288,ProcessStart:132647693646185861
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\SYSTEM
Název procesu:C:\Windows\System32\svchost.exe

Date: 2014-10-12 09:24:10.594
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{C4235520-5A06-4D56-A7FF-BAD73473E763}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2016-01-18 18:43:17.441
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

Date: 2015-08-17 13:56:02.475
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

Date: 2015-07-21 17:51:14.839
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

Date: 2015-01-22 15:06:56.218
Description:
Modul programu %1 byl ukončen v důsledku neočekávané chyby.
Typ chyby:%5
Kód výjimky:%6
Zdroj:%3

Date: 2014-12-04 02:43:19.681
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

==================== Memory info ===========================

BIOS: Hewlett-Packard 68IRR Ver. F.42 07/16/2013
Motherboard: Hewlett-Packard 17F6
Processor: Intel(R) Pentium(R) CPU B970 @ 2.30GHz
Percentage of memory in use: 89%
Total physical RAM: 3977.48 MB
Available physical RAM: 405.05 MB
Total Virtual: 7953.17 MB
Available Virtual: 2969.5 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:698.54 GB) (Free:515.35 GB) NTFS

\\?\Volume{c86133c3-7a97-11e2-996d-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: B9D9C8E2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=698.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ====================


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-05-2021
Ran by HP (administrator) on HP-PC (Hewlett-Packard HP ProBook 4540s) (13-05-2021 10:57:16)
Running from C:\Users\HP\Downloads
Loaded Profiles: HP & Administrator
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(ATI Technologies Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvBugReport.exe <2>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Bluestack Systems, Inc. -> BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Bluestack Systems, Inc. -> BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(Canon Inc. -> CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Electronic Arts) [File not signed] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe
(ESET, spol. s r.o. -> ESET) C:\Users\HP\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <21>
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\stacsv64.exe
(IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation -> ) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Oracle America, Inc. -> Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Sunplus Innovation Technology Inc. -> ) [File not signed] C:\Program Files (x86)\HP HD Webcam Driver\Monitor.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [763520 2012-08-07] (Qualcomm Atheros -> Qualcomm Atheros) [File not signed]
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-07] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2887440 2012-03-09] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-11-12] (IDT, Inc.) [File not signed]
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-25] (Canon Inc. -> CANON INC.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [118496 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [636032 2012-03-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
HKLM-x32\...\Run: [HP HD Webcam Driver_Monitor] => C:\Program Files (x86)\HP HD Webcam Driver\monitor.exe [303480 2012-07-26] (Sunplus Innovation Technology Inc. -> ) [File not signed]
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [319360 2012-03-14] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-03-01] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-27] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Oracle America, Inc. -> Sun Microsystems, Inc.)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411440 2013-08-15] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [863960 2015-03-24] (Bluestack Systems, Inc. -> BlueStack Systems, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [EA Core] => C:\Program Files (x86)\Electronic Arts\EADM\Core.exe [3325952 2009-03-28] (Electronic Arts) [File not signed]
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [479c9a49f987ecec44882b8796e3b50a] => "C:\Users\HP\AppData\Local\Temp\Systeme32.exe" .. <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [07648c4d77e66ec99a8a499782f50811] => "C:\Users\HP\AppData\Local\Temp\procexp.exe" .. <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp1B6C] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp1B6C.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmpC327] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmpC327.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp6FBC] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp6FBC.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [systeeeem] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\systeeeem.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [a54d6d1e46ec2a573aab436cd804429e] => "C:\Users\HP\AppData\Local\Temp\procexp.exe" .. <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp6B2] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp6B2.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [systeeem] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\systeeem.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp63D3] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp63D3.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp6A09] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp6A09.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp3AC2] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp3AC2.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp3E7E] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp3E7E.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp48DB] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp48DB.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [1a0fcf865ad660482963ef3a2816560e] => "C:\Users\HP\server.exe" ..
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp3A80] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp3A80.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmpAA6A] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmpAA6A.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmpDF94] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmpDF94.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp2ABC] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp2ABC.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [Product] => C:\Users\HP\AppData\Local\Temp\jbmceqngwj.exe <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [758841e6eac2f6b11e7cc3c2438b67f5] => "C:\Users\HP\AppData\Local\Temp\jbmceqngwj.exe" .. <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp198A] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp198A.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp520] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp520.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [39a975f54eec9d402ce156da3c5f0302] => "C:\Users\HP\AppData\Local\Temp\chrome.exe" .. <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [\3i3anx3lh05nib0jjb4jw1] => "C:\Users\HP\AppData\Local\Temp\Svchost.exe" .. <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp3E89] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp3E89.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp3E88] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp3E88.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [32a790c25e2a4b645e827300e906d14b] => "C:\Users\HP\AppData\Local\Temp\cmd.exe" .. <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp10D4] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp10D4.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp53C8] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp53C8.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmpC4D5] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmpC4D5.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp6908] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp6908.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33698888 2021-04-22] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\MountPoints2: F - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\MountPoints2: {64c1ce72-a5a2-11e2-8ef4-b4b52f74a535} - E:\Autorun.exe
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\MountPoints2: {78054ae3-457d-11e3-a9db-74e5436237a6} - H:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\MountPoints2: {78054ae6-457d-11e3-a9db-74e5436237a6} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\MountPoints2: {b73de67b-c2f7-11e3-a2e4-74e5436237a6} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\MountPoints2: {c86133c7-7a97-11e2-996d-806e6f6e6963} - D:\SWSETUP\APPINSTL\hpsoftwaresetup.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-05-23] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon MP280 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAA.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [99840 2008-05-07] (Hewlett-Packard Corporation) [File not signed]
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP280 series: C:\Windows\system32\CNMLMAA.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\Windows\system32\hpzllw71.dll [53248 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\PCL hpz3llhn: C:\Windows\system32\hpz3llhn.dll [34816 2008-05-07] (Hewlett-Packard Company) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.93\Installer\chrmstp.exe [2021-05-06] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\90.0.9316.94\Installer\chrmstp.exe [2021-05-06] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.97\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2012-08-07] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2012-08-07] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\systeeem.vbs [2015-06-06] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp10D4.tmp.vbs [2021-01-12] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp198A.tmp.vbs [2021-01-10] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp1B6C.tmp.vbs [2015-06-06] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp2ABC.tmp.vbs [2020-07-24] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp3A80.tmp.vbs [2020-03-10] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp3AC2.tmp.vbs [2015-08-17] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp3E7E.tmp.vbs [2021-01-12] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp3E88.tmp.vbs [2021-01-10] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp3E89.tmp.vbs [2015-08-17] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp48DB.tmp.vbs [2020-03-17] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp520.tmp.vbs [2021-01-12] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp53C8.tmp.vbs [2021-01-12] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp63D3.tmp.vbs [2015-08-03] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp6908.tmp.vbs [2015-06-06] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp6A09.tmp.vbs [2015-08-17] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp6B2.tmp.vbs [2021-01-10] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmpAA6A.tmp.vbs [2021-01-10] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmpC327.tmp.vbs [2015-08-08] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmpC4D5.tmp.vbs [2020-03-09] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmpDF94.tmp.vbs [2020-03-09] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2021-02-21]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy\User: Restriction ? <==== ATTENTION
Policies: C:\Users\Administrator\NTUSER.pol: Restriction <==== ATTENTION
Policies: C:\Users\HP\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1FF7FA22-6CDF-485B-9F13-C96F789F5682} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2229072 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
Task: {23626978-507D-48D9-B660-5EA5B0329E2A} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser
Task: {2E3E5201-D600-414C-8AA9-7995FB509410} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {2E3E5201-D600-414C-8AA9-7995FB509410} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [343040 [343040 2015-07-04]] (Microsoft Windows -> Microsoft Corporation)
Task: {3F76E0BD-FF5C-4520-BDCC-0D2A43BAD7EC} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2229072 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
Task: {4054D2D7-74AC-4AAA-8F9F-F56CE3D43617} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-04-22] (Piriform Software Ltd -> Piriform)
Task: {41877916-772B-4FE3-AF9E-851A394CA4CE} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_Administrator => F:\programs\HARDDISK TOOLS\Hard Disk Sentinel\HDSentinel.exe
Task: {440448F5-64B8-49A2-A075-5107072032BF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-05-06] (Avast Software s.r.o. -> Avast Software)
Task: {45601BD9-77A0-4419-9B64-C9A07C652516} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-15] (Google Inc -> Google Inc.)
Task: {572755CB-95A2-4236-8A54-3731B7FF9646} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\HP\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007456 2021-05-06] (ESET, spol. s r.o. -> ESET)
Task: {710E386C-903E-4F76-A3D4-2F73402BC421} - System32\Tasks\Express FilesUpdate => C:\Program Files (x86)\ExpressFiles\EFUpdater.exe <==== ATTENTION
Task: {86036A6C-8A82-40CD-9410-2806F50E8036} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\HP\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007456 2021-05-06] (ESET, spol. s r.o. -> ESET)
Task: {A16F4D1C-4126-4599-974E-1A66FADCF290} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28082760 2021-04-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A7B89CA7-C559-468C-9BB4-A92A1DBEF346} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
Task: {B7AE16C4-2611-4F2F-A17A-50D54441A5E2} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2021-05-06] (Adobe Inc. -> Adobe)
Task: {B90C3B24-4871-4BC2-8509-4B30AFE66D77} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2021-05-06] (Adobe Inc. -> Adobe)
Task: {B9F686F9-BC92-4ADE-87B3-9076360803CB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {C0F73A9D-6280-4A8C-907C-6964E94EB4F5} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4699872 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
Task: {C78654E0-D3B4-42C5-B8E1-42F05B065F0C} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {C9E615ED-5C57-4C17-A278-12D8ECF359DE} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {C9E615ED-5C57-4C17-A278-12D8ECF359DE} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [343040 [343040 2015-07-04]] (Microsoft Windows -> Microsoft Corporation)
Task: {CBA2F9D5-1C24-48BD-85D2-81E509F8113B} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
Task: {D6901769-0BBC-4BDC-B4F4-5AE21BA36E55} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {D9E86DC8-524A-46D0-B58D-AA53EE6D9227} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {D9E86DC8-524A-46D0-B58D-AA53EE6D9227} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {D9E86DC8-524A-46D0-B58D-AA53EE6D9227} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [343040 [343040 2015-07-04]] (Microsoft Windows -> Microsoft Corporation)
Task: {E44129DB-CD1B-4148-90A0-79EF6FF4BF68} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-15] (Google Inc -> Google Inc.)
Task: {FC448C9B-C0C3-4464-A63C-894BEADD49A6} - System32\Tasks\{6840B39C-F370-4AC1-A580-91E063E06C9F} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Tamagotchi Simulator\fimain.exe"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{0A39EE86-807A-4082-A15E-572BC6DBE5AE}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{E7BC3211-21AE-408E-8BCE-8C59FDF7A222}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{F386FD0C-EA75-4002-9925-2A713DCCD12A}: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2021-05-06] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2021-05-06] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll [2013-02-18] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-04-15] (CANON INC.) [File not signed]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google Inc -> Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-03-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-03-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-05-06] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-05-06] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @zylom.com/ZylomGamesPlayer -> C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll [2006-09-26] (Zylom) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default [2021-05-13]
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-07]
CHR Extension: (Chrome Media Router) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-06]
CHR HKLM-x32\...\Chrome\Extension: [dnllcmllkjofnojidnaknldfehfhehoo] - C:\Program Files (x86)\HDvidCodec.com\HDvidCodec10.crx <not found>

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2021-05-06] (Adobe Inc. -> Adobe)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7894040 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211072 2012-08-07] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [606944 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [356064 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\90.0.9316.94\elevation_service.exe [1396968 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56920 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-07-23] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433880 2015-03-24] (Bluestack Systems, Inc. -> BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2015-03-24] (Bluestack Systems, Inc. -> BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [798424 2015-03-24] (Bluestack Systems, Inc. -> BlueStack Systems, Inc.)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [365440 2012-03-14] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2012-11-12] (IDT, Inc.) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-07] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [35664 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [212192 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [365024 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [250336 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [99288 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [41296 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [180448 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [522384 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2021-05-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [107792 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [82872 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [850632 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [467720 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [215352 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [326992 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-07-20] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-20] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-09-05] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-21] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [144600 2015-03-24] (Bluestack Systems, Inc. -> BlueStack Systems)
R3 BthMtpEnum; C:\Windows\System32\DRIVERS\BthMtpEnum.sys [64512 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
S3 htcnprot; C:\Windows\System32\DRIVERS\htcnprot.sys [36928 2013-10-17] (HTC Corp. -> Windows (R) Win 7 DDK provider)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-08] (Sqa.com(Test) -> QUALCOMM Incorporated)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-10-10] (Disc Soft Ltd -> Duplex Secure Ltd.)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1062008 2012-08-03] (Sunplus Innovation Technology Inc. -> Sunplus)
R3 STHDA; C:\Windows\System32\DRIVERS\stwrt64.sys [543744 2012-11-12] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S1 Avgfwfd; system32\DRIVERS\avgfwd6a.sys [X]
S1 ldwttias; \??\C:\Windows\system32\drivers\ldwttias.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-13 10:57 - 2021-05-13 11:00 - 000038401 _____ C:\Users\HP\Downloads\FRST.txt
2021-05-13 10:56 - 2021-05-13 10:59 - 000000000 ____D C:\FRST
2021-05-13 10:55 - 2021-05-13 10:55 - 002299392 _____ (Farbar) C:\Users\HP\Downloads\FRST64.exe
2021-05-11 21:33 - 2021-05-11 21:33 - 001107968 _____ C:\Users\HP\Downloads\RSIT.exe
2021-05-11 21:33 - 2021-05-11 21:33 - 000000000 ____D C:\rsit
2021-05-11 21:33 - 2021-05-11 21:33 - 000000000 ____D C:\Program Files (x86)\trend micro
2021-05-11 13:32 - 2021-05-11 13:32 - 008703024 _____ (ESET) C:\Users\HP\Downloads\eset_smart_security_premium_live_installer.exe
2021-05-06 23:49 - 2021-05-06 23:49 - 000003744 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onLogOn
2021-05-06 23:49 - 2021-05-06 23:49 - 000003304 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onTime
2021-05-06 23:20 - 2021-05-13 10:43 - 000001189 _____ C:\Users\HP\Desktop\ESET Online Scanner.lnk
2021-05-06 23:20 - 2021-05-06 23:20 - 000000000 ____D C:\Users\HP\AppData\Local\ESET
2021-05-06 23:19 - 2021-05-06 23:19 - 011697056 _____ (ESET) C:\Users\HP\Downloads\esetonlinescanner.exe
2021-05-06 20:18 - 2021-05-06 20:18 - 000001066 _____ C:\Users\Public\Desktop\VLC media player.lnk
2021-05-06 20:18 - 2021-05-06 20:18 - 000001066 _____ C:\ProgramData\Desktop\VLC media player.lnk
2021-05-06 19:48 - 2021-05-06 19:48 - 000004474 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2021-05-06 19:39 - 2021-05-06 19:39 - 000003732 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2021-05-06 19:39 - 2021-05-06 19:39 - 000003150 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2021-05-06 19:39 - 2021-05-06 19:39 - 000002501 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2021-05-06 19:39 - 2021-05-06 19:39 - 000002458 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2021-05-06 19:39 - 2021-05-06 19:39 - 000002458 _____ C:\ProgramData\Desktop\Avast Secure Browser.lnk
2021-05-06 19:39 - 2021-05-06 19:39 - 000000000 ___HD C:\$AV_ASW
2021-05-06 19:39 - 2021-05-06 19:39 - 000000000 ____D C:\Users\HP\AppData\Local\AVAST Software
2021-05-06 19:37 - 2021-05-06 19:37 - 000003426 _____ C:\Windows\system32\Tasks\AvastUpdateTaskMachineUA
2021-05-06 19:37 - 2021-05-06 19:37 - 000003298 _____ C:\Windows\system32\Tasks\AvastUpdateTaskMachineCore
2021-05-06 19:37 - 2021-05-06 19:37 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2021-05-06 19:35 - 2021-05-06 19:35 - 000002075 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2021-05-06 19:35 - 2021-05-06 19:35 - 000002075 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2021-05-06 19:35 - 2021-05-06 19:35 - 000000000 ____D C:\Users\HP\AppData\Roaming\Avast Software
2021-05-06 19:35 - 2021-05-06 19:35 - 000000000 ____D C:\Users\HP\AppData\Local\CEF
2021-05-06 19:35 - 2021-05-06 19:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2021-05-06 19:33 - 2021-05-06 19:33 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2021-05-06 19:32 - 2021-05-13 10:39 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2021-05-06 19:32 - 2021-05-06 19:32 - 000850632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2021-05-06 19:32 - 2021-05-06 19:32 - 000522384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2021-05-06 19:32 - 2021-05-06 19:32 - 000467720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2021-05-06 19:32 - 2021-05-06 19:32 - 000365024 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2021-05-06 19:32 - 2021-05-06 19:32 - 000339680 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2021-05-06 19:32 - 2021-05-06 19:32 - 000326992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2021-05-06 19:32 - 2021-05-06 19:32 - 000250336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2021-05-06 19:32 - 2021-05-06 19:32 - 000215352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2021-05-06 19:32 - 2021-05-06 19:32 - 000212192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2021-05-06 19:32 - 2021-05-06 19:32 - 000180448 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2021-05-06 19:32 - 2021-05-06 19:32 - 000107792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2021-05-06 19:32 - 2021-05-06 19:32 - 000099288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2021-05-06 19:32 - 2021-05-06 19:32 - 000082872 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2021-05-06 19:32 - 2021-05-06 19:32 - 000041296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2021-05-06 19:32 - 2021-05-06 19:32 - 000038152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetNd6.sys
2021-05-06 19:32 - 2021-05-06 19:32 - 000035664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2021-05-06 19:32 - 2021-05-06 19:32 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2021-05-06 19:31 - 2021-05-06 19:31 - 000000000 ____D C:\Program Files\Avast Software
2021-05-06 19:30 - 2021-05-13 10:37 - 000000000 ____D C:\ProgramData\Avast Software
2021-05-06 19:05 - 2021-05-06 19:05 - 000220392 _____ (AVAST Software) C:\Users\HP\Downloads\avast_free_antivirus_setup_online.exe
2021-05-06 18:35 - 2021-05-06 18:35 - 000000000 __SHD C:\found.002
2021-05-06 18:15 - 2021-05-13 10:37 - 000000000 ____D C:\Program Files\CCleaner
2021-05-06 18:15 - 2021-05-06 20:26 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-05-06 18:15 - 2021-05-06 18:15 - 000002796 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2021-05-06 18:15 - 2021-05-06 18:15 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-05-06 18:15 - 2021-05-06 18:15 - 000000822 _____ C:\ProgramData\Desktop\CCleaner.lnk
2021-05-06 18:15 - 2021-05-06 18:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-05-06 18:00 - 2021-05-06 18:01 - 031273232 _____ (Piriform Software Ltd) C:\Users\HP\Downloads\ccsetup578.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-13 10:45 - 2009-07-14 06:45 - 000018928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-05-13 10:45 - 2009-07-14 06:45 - 000018928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-05-13 10:34 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2021-05-13 10:33 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-05-11 19:22 - 2013-03-12 22:33 - 000000000 ____D C:\Program Files (x86)\Opera
2021-05-11 19:19 - 2009-07-14 07:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2021-05-11 19:18 - 2013-08-07 11:15 - 000000051 _____ C:\Windows\movexe.ini
2021-05-11 19:18 - 2013-04-28 12:41 - 000000000 ____D C:\Program Files\Tamagotchi Simulator
2021-05-11 19:18 - 2009-07-14 04:34 - 000000529 _____ C:\Windows\win.ini
2021-05-11 19:17 - 2013-02-27 22:20 - 000000000 ____D C:\ProgramData\Skype
2021-05-11 19:13 - 2013-06-23 11:03 - 000000000 ____D C:\ProgramData\MFAData
2021-05-11 19:12 - 2013-08-05 21:08 - 000000000 ____D C:\Windows\Minidump
2021-05-11 19:12 - 2013-03-03 13:38 - 000000000 ____D C:\Users\HP\AppData\Local\CrashDumps
2021-05-11 18:27 - 2013-02-27 22:20 - 000000000 ____D C:\Users\HP\AppData\Roaming\Skype
2021-05-11 13:49 - 2013-08-19 21:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
2021-05-11 13:46 - 2013-04-15 09:58 - 000000000 ____D C:\Program Files (x86)\DAEMON Tools Toolbar
2021-05-06 23:28 - 2013-09-14 13:44 - 000000000 ____D C:\Users\HP\AppData\Roaming\uTorrent
2021-05-06 23:28 - 2013-09-14 13:44 - 000000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2021-05-06 20:27 - 2014-09-16 22:48 - 000000000 ____D C:\Temp
2021-05-06 20:18 - 2013-03-04 20:37 - 000000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-05-06 20:18 - 2013-03-04 20:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-05-06 20:18 - 2013-03-04 20:37 - 000000000 ____D C:\Program Files\WinRAR
2021-05-06 20:17 - 2013-02-27 20:43 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2021-05-06 20:17 - 2013-02-27 20:43 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2021-05-06 20:17 - 2013-02-27 20:43 - 000004396 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2021-05-06 20:16 - 2013-02-27 20:43 - 000000000 ____D C:\Windows\system32\Macromed
2021-05-06 20:16 - 2013-02-27 20:41 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2021-05-06 19:59 - 2009-08-31 00:45 - 005193434 _____ C:\Windows\system32\perfh005.dat
2021-05-06 19:59 - 2009-08-31 00:45 - 001718272 _____ C:\Windows\system32\perfc005.dat
2021-05-06 19:59 - 2009-07-14 07:13 - 000006248 _____ C:\Windows\system32\PerfStringBackup.INI
2021-05-06 18:21 - 2013-04-20 20:13 - 000000000 ____D C:\ProgramData\BlueStacksSetup
2021-05-06 18:21 - 2013-04-15 09:49 - 000000000 ____D C:\Users\HP\AppData\Roaming\DAEMON Tools Lite
2021-05-06 18:09 - 2013-02-27 22:29 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-06 17:56 - 2013-02-27 22:27 - 000003386 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-05-06 17:56 - 2013-02-27 22:27 - 000003258 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-05-06 17:38 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2021-05-06 12:34 - 2014-01-17 19:54 - 000000000 ____D C:\Users\HP\Desktop\Filmy

==================== Files in the root of some directories ========

2016-01-08 17:26 - 2016-01-08 17:26 - 006420480 _____ () C:\Program Files (x86)\GUT2CDB.tmp
2015-09-11 16:28 - 2015-09-11 16:28 - 006420480 _____ () C:\Program Files (x86)\GUT50DE.tmp
2016-02-16 14:16 - 2016-02-16 14:16 - 006871040 _____ () C:\Program Files (x86)\GUTC2A3.tmp
2013-12-27 18:17 - 2014-01-07 21:09 - 000001755 _____ () C:\Users\HP\AppData\Roaming\msltppo.dat
2013-12-27 18:17 - 2014-01-17 15:50 - 000000027 _____ () C:\Users\HP\AppData\Roaming\msqvov.dat
2015-01-12 21:15 - 2015-01-12 21:15 - 000000000 _____ () C:\Users\HP\AppData\Local\{579EC55E-9F89-41C1-A3D1-6CEAE46E43B6}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2014-12-18 04:22
==================== End of FRST.txt ========================

Rudy
Site Admin
Posts: 118199
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#4 Post by Rudy »

Now run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I Agree (Souhlasím)
right-click the AdwCleaner icon and choose Run as administrator (Spustit jako správce); on Win XP just start it with an ordinary double-click
click Scan Now (Skenovat nyní), then Clean and Repair (Čištění a opravy)
after the restart a log will pop up (or you can find it at C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for resolving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before cleaning the PC of malware, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

miška
Visitor
Posts: 148
Registered: 17 Mar 2010 10:59

Re: Please check my log

#5 Post by miška »

The camera was also there, on the list among the preinstalled items.


# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-04-28.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-13-2021
# Duration: 00:00:16
# OS: Windows 7 Home Premium
# Cleaned: 140
# Failed: 3


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\77zip
Deleted C:\Program Files (x86)\7Go Games
Deleted C:\Program Files (x86)\AskPartnerNetwork
Deleted C:\Program Files (x86)\Conduit
Deleted C:\Program Files (x86)\DAEMON Tools Toolbar
Deleted C:\Program Files (x86)\GreenTree Applications
Deleted C:\Program Files (x86)\PANDORA.TV
Deleted C:\Program Files (x86)\PC Performer
Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\Program Files (x86)\SimilarSites
Deleted C:\Program Files (x86)\Speed Analysis 3
Deleted C:\Program Files (x86)\WinZip Registry Optimizer
Deleted C:\Program Files (x86)\hdvidcodec.com
Deleted C:\ProgramData\Ask
Deleted C:\ProgramData\AskPartnerNetwork
Deleted C:\ProgramData\IBUpdaterService
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
Deleted C:\ProgramData\Tarma Installer
Deleted C:\ProgramData\apn
Deleted C:\ProgramData\ytd video downloader
Deleted C:\Users\HP\AppData\Roaming\7go
Deleted C:\Users\HP\AppData\Roaming\ExpressFiles
Deleted C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\hdvidcodec.com
Deleted C:\Users\HP\AppData\Roaming\OpenCandy
Deleted C:\Users\HP\AppData\Roaming\Performersoft
Deleted C:\Users\HP\AppData\Roaming\RHEng
Deleted C:\Users\HP\AppData\Roaming\Seznam.cz
Deleted C:\Users\HP\AppData\Roaming\SimilarSites
Deleted C:\Users\HP\AppData\Roaming\SpeedAnalysis3
Deleted C:\Users\HP\AppData\Roaming\Systweak
Deleted C:\Users\HP\AppData\Roaming\Web Cake
Deleted C:\Users\HP\AppData\Roaming\iWin
Deleted C:\Users\Public\Documents\iWin

***** [ Files ] *****

Deleted C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
Deleted C:\Windows\System32\roboot64.exe

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\EXPRESS FILESUPDATE

***** [ Registry ] *****

Deleted HKCU\SOFTWARE\07648c4d77e66ec99a8a499782f50811
Deleted HKCU\SOFTWARE\1a0fcf865ad660482963ef3a2816560e
Deleted HKCU\SOFTWARE\32a790c25e2a4b645e827300e906d14b
Deleted HKCU\SOFTWARE\39a975f54eec9d402ce156da3c5f0302
Deleted HKCU\SOFTWARE\479c9a49f987ecec44882b8796e3b50a
Deleted HKCU\SOFTWARE\534d745390fdf7ecee18ac89e08f5536
Deleted HKCU\SOFTWARE\53b07e273dda1ff4ff75606570e70a20
Deleted HKCU\SOFTWARE\6501b9e18ff11b877b8fce670cce7729
Deleted HKCU\SOFTWARE\758841e6eac2f6b11e7cc3c2438b67f5
Deleted HKCU\SOFTWARE\828b8645780e5a30945d953ac2a0a203
Deleted HKCU\SOFTWARE\857dbdfe768ee41
Deleted HKCU\SOFTWARE\96d8c32f941bac361720175180feed57
Deleted HKCU\SOFTWARE\a54d6d1e46ec2a573aab436cd804429e
Deleted HKCU\Software\1ClickDownload
Deleted HKCU\Software\APN PIP
Deleted HKCU\Software\AppDataLow\Software\Crossrider
Deleted HKCU\Software\CToolbar
Deleted HKCU\Software\Classes\pokki
Deleted HKCU\Software\DC3_FEXEC
Deleted HKCU\Software\DataMngr
Deleted HKCU\Software\DataMngr_Toolbar
Deleted HKCU\Software\ExpressFiles
Deleted HKCU\Software\GotClip Downloader
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\8CD64B1266F04AC89AC5507D0C01B5B6
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Deleted HKCU\Software\Microsoft\Internet Explorer\TabbedBrowsing|bProtectShowTabsWelcome
Deleted HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{32099AAC-C132-4136-9E9A-4E364A424E17}
Deleted HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{4B4D5056-3600-A76A-76A7-7A786E7484D7}
Deleted HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Deleted HKCU\Software\PIP
Deleted HKCU\Software\Seznam.cz
Deleted HKCU\Software\Softonic
Deleted HKCU\Software\dt soft\daemon tools toolbar
Deleted HKCU\Software\filescout
Deleted HKCU\Software\{DAF8B7E5-449D-4180-8281-10E536E597F2}
Deleted HKLM\SOFTWARE\Classes\Toolbar.CT1066435
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{710E386C-903E-4F76-A3D4-2F73402BC421}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Express FilesUpdate
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{FC8B1561-4F28-4769-A4C0-C4A69E13A34F}C:\program files (x86)\popcorn time fleex edition\popcorn-time-fleex.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{A79B4061-9D43-4BEB-862D-CC5A7DD01A06}C:\program files (x86)\popcorn time fleex edition\popcorn-time-fleex.exe
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{0AF60574-50A3-4E56-BFD7-FF3F2D405A21}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{7C0CD20F-B995-4484-BE64-C015832D6918}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{8DA9BF33-D189-4198-ACAE-914870475C91}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{E006F0BC-76B8-4071-ACE6-4D0510B0204C}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{EDD3E445-07E8-4CA8-A898-D0E143A10FAF}
Deleted HKLM\Software\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Deleted HKLM\Software\Classes\AppID\{A2773ED4-83BD-488A-A186-73590706C916}
Deleted HKLM\Software\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Deleted HKLM\Software\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Deleted HKLM\Software\Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}
Deleted HKLM\Software\Classes\Prod.cap
Deleted HKLM\Software\Classes\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}
Deleted HKLM\Software\Classes\driverscanner
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{FE69C007-C452-4D3E-86D2-1730DF8BC871}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
Deleted HKLM\Software\Speedchecker Limited
Deleted HKLM\Software\Tarma Installer
Deleted HKLM\Software\Wow6432Node\857dbdfe768ee41
Deleted HKLM\Software\Wow6432Node\CToolbar
Deleted HKLM\Software\Wow6432Node\Conduit
Deleted HKLM\Software\Wow6432Node\DataMngr
Deleted HKLM\Software\Wow6432Node\ExpressFiles
Deleted HKLM\Software\Wow6432Node\PIP
Deleted HKLM\Software\Wow6432Node\Uniblue
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{A2773ED4-83BD-488A-A186-73590706C916}
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{D879A501-50A7-BEFC-A4C5-32DC6E0CB208}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\AboutURLs|bProtectTabs
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Main|Start Page
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{FE69C007-C452-4D3E-86D2-1730DF8BC871}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
Deleted HKLM\Software\Wow6432Node\dt soft\daemon tools toolbar
Deleted HKLM\Software\Wow6432Node\systweak
Deleted HKLM\Software\Wow6432Node\{DAF8B7E5-449D-4180-8281-10E536E597F2}
Deleted HKU\.DEFAULT\Software\AppDataLow\Software\DefaultTab
Deleted HKU\.DEFAULT\Software\AskToolbar
Deleted HKU\.DEFAULT\Software\DefaultTab
Deleted HKU\S-1-5-18\Software\AppDataLow\Software\DefaultTab
Deleted HKU\S-1-5-18\Software\AskToolbar
Deleted HKU\S-1-5-18\Software\DefaultTab
Deleted HKU\S-1-5-21-1045858485-730689710-2132366811-500\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Deleted HKU\S-1-5-21-1045858485-730689710-2132366811-500\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{828DC97A-2277-4E10-92A9-4907FA0922A9}
Deleted HKU\S-1-5-21-1045858485-730689710-2132366811-500\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F1C81E40-2485-4DB6-8C9D-04BD596B281E}
Deleted HKU\S-1-5-21-1045858485-730689710-2132366811-500\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Deleted HKU\S-1-5-21-1045858485-730689710-2132366811-500\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{828DC97A-2277-4E10-92A9-4907FA0922A9}
Deleted HKU\S-1-5-21-1045858485-730689710-2132366811-500\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F1C81E40-2485-4DB6-8C9D-04BD596B281E}
Not Deleted HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks|{D8278076-BC68-4484-9233-6E7F1628B56C}
Not Deleted HKLM\Software\Microsoft\Internet Explorer\Toolbar|{32099AAC-C132-4136-9E9A-4E364A424E17}
Not Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Toolbar|{32099AAC-C132-4136-9E9A-4E364A424E17}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [15517 octets] - [13/05/2021 15:13:27]
AdwCleaner[S01].txt - [15579 octets] - [13/05/2021 15:24:05]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Rudy
Site Admin
Posts: 118199
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#6 Post by Rudy »

OK. Post new FRST + Addition logs.

miška
Visitor
Posts: 148
Registered: 17 Mar 2010 10:59

Re: Please check my log

#7 Post by miška »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-05-2021
Ran by HP (13-05-2021 17:51:18)
Running from C:\Users\HP\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2013-02-19 13:44:29)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1045858485-730689710-2132366811-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-1045858485-730689710-2132366811-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1045858485-730689710-2132366811-1002 - Limited - Enabled)
HP (S-1-5-21-1045858485-730689710-2132366811-1000 - Administrator - Enabled) => C:\Users\HP

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2013 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
AS: AVG AntiVirus Free Edition 2013 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG update module (Disabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\uTorrent) (Version: 3.3.1.30003 - BitTorrent Inc.)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.465 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Reader XI (11.0.13) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
AMD Catalyst Install Manager (HKLM\...\{8642397F-CF08-6B30-A477-A039BBAA511E}) (Version: 3.0.868.0 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 21.3.2459 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 90.0.9316.94 - AVAST Software)
AVG 2013 (HKLM\...\{BC20D4CC-C409-42A9-A783-B3ACBD5ABE91}) (Version: 13.0.3408 - AVG Technologies CZ, s.r.o.) Hidden
AVG 2013 (HKLM\...\AVG) (Version: 2013.0.3408 - AVG Technologies CZ, s.r.o.)
AVG 2014 (HKLM\...\{2EA43D50-131A-44DE-A678-47F6D572AB30}) (Version: 14.0.3604 - AVG Technologies CZ, s.r.o.) Hidden
BlueStacks Notification Center (HKLM-x32\...\{011580CB-3D7F-47A6-A5D2-1287A4E43C73}) (Version: 0.9.18.5016 - BlueStack Systems, Inc.)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - )
Canon MP280 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.79 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
EA Download Manager (HKLM-x32\...\EADM) (Version: 5.0.0.255 - Electronic Arts, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.212 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
HP 3D DriveGuard (HKLM\...\{6762C07C-6D68-4179-BE01-F274AA047943}) (Version: 5.0.8.0 - Hewlett-Packard Company)
HP HD Webcam Driver (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.8.12 - SunplusIT)
HP Hotkey Support (HKLM-x32\...\{C97CC14E-4789-4FC5-BC75-79191F7CE009}) (Version: 4.5.9.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6435.0 - IDT)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3090 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.10.1464 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.225 - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
Java 7 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.170 - Oracle)
Jewel Quest Solitaire (HKLM-x32\...\Jewel Quest Solitaire) (Version: - )
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.68.0 - JMicron Technology Corp.)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.9.1.129 - PandoraTV)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.206 - Název společnosti:)
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.50.1123.2011 - Realtek)
Registrace uživatele zařízení Canon MP280 series (HKLM-x32\...\Registrace uživatele zařízení Canon MP280 series) (Version: - )
Restaurant Empire (HKLM-x32\...\InstallShield_{681343DC-2519-466F-B53E-05CB9A9A6A86}) (Version: 1.00.000 - Název společnosti:)
Rockstar Games Social Club (HKLM-x32\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.3.0 - Synaptics Incorporated)
System Requirements Lab Detection (HKLM-x32\...\{A407FC22-36BF-4C82-A516-59D94BC505A9}) (Version: 1.0.5.0 - Husdawg, LLC)
Tamagotchi Simulator 2.5 (HKLM-x32\...\TamagotchiSimulator2.5) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.66 - Nullsoft, Inc)
WinRAR 6.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.01.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-05-06] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-05-06] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2012-08-07] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-05-06] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [AVG Shell Extension] -> {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} => C:\Program Files (x86)\AVG\AVG2013\avgsea.dll [2013-03-28] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1-x32: [MRAICQCMenu] -> {7C9E7B90-88EC-4852-AC7A-C938268A5D04} => C:\Users\HP\AppData\Roaming\ICQM\ICQ\dll\mramenu.dll -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-05-06] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2012-08-07] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2012-03-30] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-03-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-05-06] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [AVG Shell Extension] -> {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} => C:\Program Files (x86)\AVG\AVG2013\avgsea.dll [2013-03-28] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2008-09-05] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2008-09-05] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [180224 2008-12-04] () [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2013-02-20 09:37 - 2012-02-02 03:25 - 000059904 ____R () [File not signed] [File is in use] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-10-15 08:52 - 2014-10-15 08:52 - 000172544 _____ () [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1eeea3ab8d69ec722bdcb28b8eb8dd75\IsdiInterop.ni.dll
2012-03-30 00:02 - 2012-03-30 00:02 - 000837632 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll
2012-03-30 00:01 - 2012-03-30 00:01 - 000005120 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamcsy.dll
2008-05-07 20:59 - 2008-05-07 20:59 - 000034816 _____ (Hewlett-Packard Company) [File not signed] C:\Windows\System32\hpz3llhn.dll
2009-06-22 21:19 - 2009-06-22 21:19 - 002414080 _____ (Hewlett-Packard Corporation) [File not signed] C:\Windows\system32\spool\DRIVERS\x64\3\hpzuilhn.dll
2013-11-24 19:34 - 2008-05-07 20:59 - 000099840 _____ (Hewlett-Packard Corporation) [File not signed] C:\Windows\system32\spool\PRTPROCS\x64\hpzpplhn.dll
2014-09-13 09:49 - 2014-09-13 09:49 - 000014336 _____ (Intel Corp.) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\26b50aa1e86a984a5c0d53f2bbf95798\IAStorCommon.ni.dll
2013-02-20 09:37 - 2012-02-02 03:26 - 000007168 ____R (Intel Corporation) [File not signed] [File is in use] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\cs-CZ\IAStorDataMgr.resources.dll
2013-02-20 09:37 - 2012-02-02 03:26 - 000032768 ____R (Intel Corporation) [File not signed] [File is in use] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\cs-CZ\IAStorIcon.resources.dll
2013-02-20 09:37 - 2012-02-02 03:26 - 000004608 ____R (Intel Corporation) [File not signed] [File is in use] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\cs-CZ\IntelVisualDesign.resources.dll
2013-02-20 09:37 - 2012-02-02 03:25 - 000176128 ____R (Intel Corporation) [File not signed] [File is in use] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorUIHelper.dll
2013-02-20 09:37 - 2012-02-02 03:25 - 001319424 ____R (Intel Corporation) [File not signed] [File is in use] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IntelVisualDesign.dll
2013-02-20 09:37 - 2012-02-02 03:17 - 000278016 ____R (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\ISDI.dll
2015-08-12 08:58 - 2015-08-12 08:58 - 000228864 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgr\f073662d167306f404de042fed2370cf\IAStorDataMgr.ni.dll
2020-03-10 14:53 - 2020-03-10 14:53 - 000489472 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\a038b8628203ba96df76752d3ccb0e36\IAStorUtil.ni.dll
2013-03-10 10:32 - 2013-03-10 10:32 - 000225280 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
2021-05-06 19:32 - 2021-05-06 19:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2021-05-06 19:32 - 2021-05-06 19:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2021-05-06 19:32 - 2021-05-06 19:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2021-05-06 19:32 - 2021-05-06 19:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2021-05-06 19:32 - 2021-05-06 19:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2021-05-06 19:32 - 2021-05-06 19:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2021-05-06 19:32 - 2021-05-06 19:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2021-05-06 19:32 - 2021-05-06 19:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2021-05-06 19:32 - 2021-05-06 19:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2021-05-06 19:32 - 2021-05-06 19:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2021-05-06 19:32 - 2021-05-06 19:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2021-05-06 19:32 - 2021-05-06 19:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\ucrtbase.DLL
2021-05-06 19:32 - 2021-05-06 19:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1029\avast.local_vc142.crt\VCRUNTIME140.dll
2012-08-07 19:15 - 2012-08-07 19:15 - 000033408 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\CommApi.dll
2012-08-07 19:15 - 2012-08-07 19:15 - 000202368 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\FolderViewImpl.dll
2012-08-07 19:16 - 2012-08-07 19:16 - 000035456 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\ipc.dll
2012-08-07 19:16 - 2012-08-07 19:16 - 000027264 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\TCPConnection.dll
2012-08-07 19:16 - 2012-08-07 19:16 - 000098944 _____ (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Bluetooth Suite\utils.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\HP:zylomtest [0]
AlternateDataStreams: C:\Users\HP:zylomtr{000HQ7FF-AD7A-3FG5-BPAV-24QJBB1JIVVH} [32]
AlternateDataStreams: C:\ProgramData\TEMP:1DA424AA [123]
AlternateDataStreams: C:\ProgramData\TEMP:1EEB23AD [113]
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\TEMP:59320096 [95]
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 [112]
AlternateDataStreams: C:\ProgramData\TEMP:E0AE69BE [123]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
URLSearchHook: HKU\S-1-5-21-1045858485-730689710-2132366811-1000 - (No Name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - No File
SearchScopes: HKLM-x32 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKU\S-1-5-21-1045858485-730689710-2132366811-1000 -> DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
SearchScopes: HKU\S-1-5-21-1045858485-730689710-2132366811-1000 -> {97FD17B2-9DD0-440F-B9EB-16D6F2119DF5} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=PTV&o=15184&src=kw&q={searchTerms}&locale=en_EU&apn_ptnrs=^RY&apn_dtid=^YYYYYY^V2^CZ&apn_uid=b02f3322-4dd5-42be-90d2-e440f3579f60&apn_sauid=40715029-7A1B-4ED4-B6CF-2AA1F86668D5
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-07] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08] (Canon Inc. -> CANON INC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-24] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-24] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
Toolbar: HKLM-x32 - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (Canon Inc. -> CANON INC.)
DPF: HKLM-x32 {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files%20(x86)/Jewel%20Quest%20Solitaire/Images/stg_drm.ocx
DPF: HKLM-x32 {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files%20(x86)/Jewel%20Quest%20Solitaire/Images/armhelper.ocx
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\HP\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1045858485-730689710-2132366811-500\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{BBFFF18F-DE67-4430-9CAA-24CA0DC84AD6}] => (Allow) C:\Program Files (x86)\Bluetooth Suite\Btvstack.exe (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
FirewallRules: [{CD7AE141-90B0-478A-AC9B-E76E105BF069}] => (Allow) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe (Qualcomm Atheros -> Qualcomm Atheros) [File not signed]
FirewallRules: [{2E155F35-33B5-4919-AD39-9A9F42B16B4A}] => (Allow) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe (Qualcomm Atheros -> Qualcomm Atheros) [File not signed]
FirewallRules: [{03B526B5-F4F8-4E64-9259-506325FDC05D}] => (Allow) C:\Program Files (x86)\Bluetooth Suite\Win7Ui.exe (Qualcomm Atheros -> Qualcomm Atheros) [File not signed]
FirewallRules: [TCP Query User{49C4F156-D110-4B74-9CEF-47497779D448}C:\program files (x86)\bluetooth suite\btvstack.exe] => (Allow) C:\program files (x86)\bluetooth suite\btvstack.exe (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
FirewallRules: [UDP Query User{16C43AB4-783E-4159-8A7D-6237D32567BE}C:\program files (x86)\bluetooth suite\btvstack.exe] => (Allow) C:\program files (x86)\bluetooth suite\btvstack.exe (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
FirewallRules: [TCP Query User{E49CC4E8-E319-46EE-8FAF-8125D1B97843}C:\program files (x86)\bluetooth suite\bttray.exe] => (Allow) C:\program files (x86)\bluetooth suite\bttray.exe (Qualcomm Atheros -> Qualcomm Atheros) [File not signed]
FirewallRules: [UDP Query User{A4F1A2C5-5238-4009-95F0-9C69000B9547}C:\program files (x86)\bluetooth suite\bttray.exe] => (Allow) C:\program files (x86)\bluetooth suite\bttray.exe (Qualcomm Atheros -> Qualcomm Atheros) [File not signed]
FirewallRules: [{F0B83B36-359C-4831-A941-315CF4092EE9}] => (Allow) C:\Program Files (x86)\Opera\opera.exe => No File
FirewallRules: [{C81F5D61-CA80-4F88-BA13-7EDA7BB7E06D}] => (Allow) C:\Program Files (x86)\Opera\opera.exe => No File
FirewallRules: [{6A35E1DA-6A19-4D84-A2E8-BCA979ACA152}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{93169B5A-61AC-42BA-8445-64203BA7F3E2}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{87AFEBD8-1D93-4208-BE17-D98F259B0558}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{1A20D74A-EE5D-49EE-A006-2B826D6617E2}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{6C260F8C-EA05-4C62-BAD3-E3A2EC860860}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{BD412734-4914-48DA-BFE7-DE7ABE7AC184}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{372F6D53-49B2-42A8-86B3-7D03E5968D76}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{AD5DE0AB-82C1-48CB-9BDD-CA69CA0301AB}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{0D85299A-3542-4774-8839-A355FB19CC77}] => (Allow) C:\Users\HP\AppData\Roaming\ICQM\icq.exe => No File
FirewallRules: [{3FC72417-0EDC-4945-80A7-ABF89A01CEE8}] => (Allow) C:\Users\HP\AppData\Roaming\ICQM\icq.exe => No File
FirewallRules: [{4E01839E-CD7C-45AC-A0F9-3CC8702C6757}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe => No File
FirewallRules: [{8C545A5E-2CBF-4C85-9B8A-2BC9E561A2E1}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe => No File
FirewallRules: [{C0D90D07-5D42-4C91-A5A3-46B01F5EDBB5}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe => No File
FirewallRules: [{BB6A7C8C-3051-43C9-A912-3E37DFAAEB61}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe => No File
FirewallRules: [{87B4D5E0-C121-4D24-942C-ABBA2DDB4389}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe => No File
FirewallRules: [{0CCD130F-5CDE-4D71-B3A6-C6DEAB9DCA8F}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe => No File
FirewallRules: [{0B4733AF-F20C-420F-B07B-F6EEA69E846A}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe => No File
FirewallRules: [{CCB80C10-15E0-43A3-B15B-641040E6B29F}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe => No File
FirewallRules: [{6F0636E5-DEA8-4D12-8B26-3FECC3EF273C}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{376E42D6-C93E-49B6-9F83-E0419A05C047}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{2EDF5826-1CC3-4F82-813C-FB1AA6DAEEB4}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{374028B6-37F8-45A0-B3E5-9343BFAD3322}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{78B35960-15ED-4E75-B335-6FBB50AF26E9}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{2C4E46D2-3559-4B03-B4D9-5E393409D504}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
FirewallRules: [TCP Query User{532F26EC-2EDA-4C1A-8A4F-0BD20B452B0F}C:\users\hp\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\hp\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{870B8294-F75F-4660-A87A-7CC5FE31D92A}C:\users\hp\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\hp\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [{EBDE7856-58DB-49C8-9DB4-7E0EA04E8DC0}] => (Allow) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{53C3F4A2-DF0E-409B-BC9F-E747367BB384}] => (Allow) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [TCP Query User{98B43AE5-4B97-41B7-A805-834339898CF7}D:\easysetupassistant\easysetupassistant.exe] => (Allow) D:\easysetupassistant\easysetupassistant.exe => No File
FirewallRules: [UDP Query User{36BDD8DA-5EB5-4468-A273-233ED32FDA1B}D:\easysetupassistant\easysetupassistant.exe] => (Allow) D:\easysetupassistant\easysetupassistant.exe => No File
FirewallRules: [{A820039B-A712-4027-890F-563B027B0B86}] => (Block) D:\easysetupassistant\easysetupassistant.exe => No File
FirewallRules: [{F9A0AD4C-3871-41A8-8AE1-BE78F2A57B92}] => (Block) D:\easysetupassistant\easysetupassistant.exe => No File
FirewallRules: [TCP Query User{A5A85AC3-1192-412B-B9AA-558579DCC2B9}C:\program files (x86)\electronic arts\eadm\core.exe] => (Allow) C:\program files (x86)\electronic arts\eadm\core.exe (Electronic Arts) [File not signed]
FirewallRules: [UDP Query User{C86B3E25-A62B-42C5-9676-88735CC6E05C}C:\program files (x86)\electronic arts\eadm\core.exe] => (Allow) C:\program files (x86)\electronic arts\eadm\core.exe (Electronic Arts) [File not signed]
FirewallRules: [{C78E5C77-D038-47B5-8E57-130FD668355F}] => (Allow) C:\Users\HP\AppData\Roaming\ICQM\icq.exe => No File
FirewallRules: [{5E9090A3-5E46-47C0-838F-43FD6588B806}] => (Allow) C:\Users\HP\AppData\Roaming\ICQM\icq.exe => No File
FirewallRules: [{6DCDE687-7C7D-45F5-947E-A37219146693}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{8C9D7429-3BAB-4886-8F4F-D11013156963}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{51B2DA6E-A9DA-4A9E-A5FB-4C58A3C92509}] => (Allow) C:\Program Files (x86)\Opera\opera.exe => No File
FirewallRules: [{24778E7D-0D7C-4976-A65B-8F996ECF53AB}] => (Allow) C:\Program Files (x86)\Opera\opera.exe => No File
FirewallRules: [TCP Query User{F7A67382-F324-4DEC-B522-E25961A223E2}C:\users\hp\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\hp\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{FE2263EF-9CF5-4B80-AA89-CE069E71B50E}C:\users\hp\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\hp\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [{8679B108-704B-4D99-AF9A-7C0496A5C49D}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{75969E8B-5AC4-4A3F-ADB4-3F0DCC318910}C:\program files (x86)\electronic arts\eadm\core.exe] => (Block) C:\program files (x86)\electronic arts\eadm\core.exe (Electronic Arts) [File not signed]
FirewallRules: [UDP Query User{D36E85D0-1655-464F-9343-740C0124A91E}C:\program files (x86)\electronic arts\eadm\core.exe] => (Block) C:\program files (x86)\electronic arts\eadm\core.exe (Electronic Arts) [File not signed]
FirewallRules: [{A51349ED-BE4C-41A7-B98D-A1CCD2DE0A79}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

09-01-2016 14:58:18 Windows Update
18-01-2016 19:45:40 Windows Update
06-05-2021 17:44:25 Windows Update
06-05-2021 17:49:51 Windows Defender Checkpoint
11-05-2021 19:17:07 Removed Skype™ 7.7
11-05-2021 19:19:31 Odstraněno The Sims 3

==================== Faulty Device Manager Devices ============

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (05/13/2021 05:45:37 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (05/13/2021 04:42:48 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (05/13/2021 03:42:48 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (05/13/2021 03:05:13 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (05/13/2021 01:42:49 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (05/13/2021 12:42:50 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (05/13/2021 11:42:51 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (05/13/2021 11:02:39 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.


System errors:
=============
Error: (05/13/2021 03:24:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) ME Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/13/2021 03:24:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HP Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/13/2021 03:24:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management and Security Application User Notification Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/13/2021 03:24:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD External Events Utility byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/13/2021 03:24:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Audio Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/13/2021 03:24:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (05/13/2021 03:24:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba BlueStacks Updater Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/13/2021 03:24:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Intel(R) Capability Licensing Service Interface byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.


Windows Defender:
================
Date: 2021-05-06 18:59:26.481
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=261488
Název:Spyware:MSIL/Keylogger.GB!MTB
Závažnost:Vysoké
Kategorie:Spyware
Nalezeno v cestě:file:C:\Users\HP\AppData\Local\Temp\procxexp.exe;process:pid:6412,ProcessStart:132647934065528525;regkey:HKCU@S-1-5-21-1045858485-730689710-2132366811-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\534d745390fdf7ecee18ac89e08f5536;runkey:HKCU@S-1-5-21-1045858485-730689710-2132366811-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\534d745390fdf7ecee18ac89e08f5536
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\SYSTEM
Název procesu:C:\Windows\System32\svchost.exe

Date: 2021-05-06 18:56:23.376
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=261488
Název:Spyware:MSIL/Keylogger.GB!MTB
Závažnost:Vysoké
Kategorie:Spyware
Nalezeno v cestě:file:C:\Users\HP\AppData\Local\Temp\procxexp.exe;process:pid:6412,ProcessStart:132647934065528525
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\SYSTEM
Název procesu:C:\Windows\System32\svchost.exe

Date: 2021-05-06 17:49:51.052
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=261488
Název:Spyware:MSIL/Keylogger.GB!MTB
Závažnost:Vysoké
Kategorie:Spyware
Nalezeno v cestě:file:C:\Users\HP\AppData\Local\Temp\procxexp.exe;process:pid:4288,ProcessStart:132647693646185861;regkey:HKCU@S-1-5-21-1045858485-730689710-2132366811-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\534d745390fdf7ecee18ac89e08f5536;regkey:HKCU@S-1-5-21-1045858485-730689710-2132366811-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\96d8c32f941bac361720175180feed57;runkey:HKCU@S-1-5-21-1045858485-730689710-2132366811-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\534d745390fdf7ecee18ac89e08f5536;runkey:HKCU@S-1-5-21-1045858485-730689710-2132366811-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\96d8c32f941bac361720175180feed57
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\SYSTEM
Název procesu:C:\Windows\System32\svchost.exe

Date: 2021-05-06 17:47:31.493
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=261488
Název:Spyware:MSIL/Keylogger.GB!MTB
Závažnost:Vysoké
Kategorie:Spyware
Nalezeno v cestě:file:C:\Users\HP\AppData\Local\Temp\procxexp.exe;process:pid:4288,ProcessStart:132647693646185861
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\SYSTEM
Název procesu:C:\Windows\System32\svchost.exe

Date: 2014-10-12 09:24:10.594
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{C4235520-5A06-4D56-A7FF-BAD73473E763}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2016-01-18 18:43:17.441
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

Date: 2015-08-17 13:56:02.475
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

Date: 2015-07-21 17:51:14.839
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

Date: 2015-01-22 15:06:56.218
Description:
Modul programu %1 byl ukončen v důsledku neočekávané chyby.
Typ chyby:%5
Kód výjimky:%6
Zdroj:%3

Date: 2014-12-04 02:43:19.681
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

==================== Memory info ===========================

BIOS: Hewlett-Packard 68IRR Ver. F.42 07/16/2013
Motherboard: Hewlett-Packard 17F6
Processor: Intel(R) Pentium(R) CPU B970 @ 2.30GHz
Percentage of memory in use: 82%
Total physical RAM: 3977.48 MB
Available physical RAM: 710.58 MB
Total Virtual: 7953.17 MB
Available Virtual: 3882.35 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:698.54 GB) (Free:515.42 GB) NTFS

\\?\Volume{c86133c3-7a97-11e2-996d-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: B9D9C8E2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=698.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================




Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-05-2021
Ran by HP (administrator) on HP-PC (Hewlett-Packard HP ProBook 4540s) (13-05-2021 17:49:43)
Running from C:\Users\HP\Downloads
Loaded Profiles: HP & Administrator
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe <6>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <10>
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [763520 2012-08-07] (Qualcomm Atheros -> Qualcomm Atheros) [File not signed]
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-07] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2887440 2012-03-09] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-11-12] (IDT, Inc.) [File not signed]
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-25] (Canon Inc. -> CANON INC.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [118496 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [636032 2012-03-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
HKLM-x32\...\Run: [HP HD Webcam Driver_Monitor] => C:\Program Files (x86)\HP HD Webcam Driver\monitor.exe [303480 2012-07-26] (Sunplus Innovation Technology Inc. -> ) [File not signed]
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [319360 2012-03-14] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-03-01] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-27] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Oracle America, Inc. -> Sun Microsystems, Inc.)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411440 2013-08-15] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [863960 2015-03-24] (Bluestack Systems, Inc. -> BlueStack Systems, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [EA Core] => C:\Program Files (x86)\Electronic Arts\EADM\Core.exe [3325952 2009-03-28] (Electronic Arts) [File not signed]
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [479c9a49f987ecec44882b8796e3b50a] => "C:\Users\HP\AppData\Local\Temp\Systeme32.exe" .. <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [07648c4d77e66ec99a8a499782f50811] => "C:\Users\HP\AppData\Local\Temp\procexp.exe" .. <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp1B6C] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp1B6C.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmpC327] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmpC327.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp6FBC] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp6FBC.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [systeeeem] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\systeeeem.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [a54d6d1e46ec2a573aab436cd804429e] => "C:\Users\HP\AppData\Local\Temp\procexp.exe" .. <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp6B2] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp6B2.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [systeeem] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\systeeem.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp63D3] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp63D3.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp6A09] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp6A09.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp3AC2] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp3AC2.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp3E7E] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp3E7E.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp48DB] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp48DB.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [1a0fcf865ad660482963ef3a2816560e] => "C:\Users\HP\server.exe" ..
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp3A80] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp3A80.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmpAA6A] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmpAA6A.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmpDF94] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmpDF94.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp2ABC] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp2ABC.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [Product] => C:\Users\HP\AppData\Local\Temp\jbmceqngwj.exe <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [758841e6eac2f6b11e7cc3c2438b67f5] => "C:\Users\HP\AppData\Local\Temp\jbmceqngwj.exe" .. <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp198A] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp198A.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp520] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp520.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [39a975f54eec9d402ce156da3c5f0302] => "C:\Users\HP\AppData\Local\Temp\chrome.exe" .. <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [\3i3anx3lh05nib0jjb4jw1] => "C:\Users\HP\AppData\Local\Temp\Svchost.exe" .. <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp3E89] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp3E89.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp3E88] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp3E88.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [32a790c25e2a4b645e827300e906d14b] => "C:\Users\HP\AppData\Local\Temp\cmd.exe" .. <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp10D4] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp10D4.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp53C8] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp53C8.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmpC4D5] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmpC4D5.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp6908] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp6908.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33698888 2021-04-22] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\MountPoints2: F - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\MountPoints2: {64c1ce72-a5a2-11e2-8ef4-b4b52f74a535} - E:\Autorun.exe
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\MountPoints2: {78054ae3-457d-11e3-a9db-74e5436237a6} - H:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\MountPoints2: {78054ae6-457d-11e3-a9db-74e5436237a6} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\MountPoints2: {b73de67b-c2f7-11e3-a2e4-74e5436237a6} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\MountPoints2: {c86133c7-7a97-11e2-996d-806e6f6e6963} - D:\SWSETUP\APPINSTL\hpsoftwaresetup.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-05-23] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon MP280 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAA.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [99840 2008-05-07] (Hewlett-Packard Corporation) [File not signed]
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP280 series: C:\Windows\system32\CNMLMAA.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\Windows\system32\hpzllw71.dll [53248 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\PCL hpz3llhn: C:\Windows\system32\hpz3llhn.dll [34816 2008-05-07] (Hewlett-Packard Company) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.212\Installer\chrmstp.exe [2021-05-13] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\90.0.9316.94\Installer\chrmstp.exe [2021-05-06] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.97\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2012-08-07] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2012-08-07] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\systeeem.vbs [2015-06-06] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp10D4.tmp.vbs [2021-01-12] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp198A.tmp.vbs [2021-01-10] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp1B6C.tmp.vbs [2015-06-06] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp2ABC.tmp.vbs [2020-07-24] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp3A80.tmp.vbs [2020-03-10] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp3AC2.tmp.vbs [2015-08-17] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp3E7E.tmp.vbs [2021-01-12] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp3E88.tmp.vbs [2021-01-10] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp3E89.tmp.vbs [2015-08-17] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp48DB.tmp.vbs [2020-03-17] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp520.tmp.vbs [2021-01-12] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp53C8.tmp.vbs [2021-01-12] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp63D3.tmp.vbs [2015-08-03] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp6908.tmp.vbs [2015-06-06] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp6A09.tmp.vbs [2015-08-17] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp6B2.tmp.vbs [2021-01-10] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmpAA6A.tmp.vbs [2021-01-10] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmpC327.tmp.vbs [2015-08-08] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmpC4D5.tmp.vbs [2020-03-09] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmpDF94.tmp.vbs [2020-03-09] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2021-02-21]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Policies: C:\Users\Administrator\NTUSER.pol: Restriction <==== ATTENTION
Policies: C:\Users\HP\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1FF7FA22-6CDF-485B-9F13-C96F789F5682} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2229072 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
Task: {23626978-507D-48D9-B660-5EA5B0329E2A} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser
Task: {2E3E5201-D600-414C-8AA9-7995FB509410} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {2E3E5201-D600-414C-8AA9-7995FB509410} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [343040 [343040 2015-07-04]] (Microsoft Windows -> Microsoft Corporation)
Task: {3F76E0BD-FF5C-4520-BDCC-0D2A43BAD7EC} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2229072 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
Task: {4054D2D7-74AC-4AAA-8F9F-F56CE3D43617} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-04-22] (Piriform Software Ltd -> Piriform)
Task: {41877916-772B-4FE3-AF9E-851A394CA4CE} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_Administrator => F:\programs\HARDDISK TOOLS\Hard Disk Sentinel\HDSentinel.exe
Task: {440448F5-64B8-49A2-A075-5107072032BF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-05-06] (Avast Software s.r.o. -> Avast Software)
Task: {45601BD9-77A0-4419-9B64-C9A07C652516} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-15] (Google Inc -> Google Inc.)
Task: {572755CB-95A2-4236-8A54-3731B7FF9646} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\HP\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007456 2021-05-06] (ESET, spol. s r.o. -> ESET)
Task: {86036A6C-8A82-40CD-9410-2806F50E8036} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\HP\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007456 2021-05-06] (ESET, spol. s r.o. -> ESET)
Task: {A16F4D1C-4126-4599-974E-1A66FADCF290} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28082760 2021-04-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A7B89CA7-C559-468C-9BB4-A92A1DBEF346} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
Task: {B7AE16C4-2611-4F2F-A17A-50D54441A5E2} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2021-05-06] (Adobe Inc. -> Adobe)
Task: {B90C3B24-4871-4BC2-8509-4B30AFE66D77} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2021-05-06] (Adobe Inc. -> Adobe)
Task: {B9F686F9-BC92-4ADE-87B3-9076360803CB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {C0F73A9D-6280-4A8C-907C-6964E94EB4F5} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4699872 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
Task: {C78654E0-D3B4-42C5-B8E1-42F05B065F0C} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {C9E615ED-5C57-4C17-A278-12D8ECF359DE} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {C9E615ED-5C57-4C17-A278-12D8ECF359DE} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [343040 [343040 2015-07-04]] (Microsoft Windows -> Microsoft Corporation)
Task: {CBA2F9D5-1C24-48BD-85D2-81E509F8113B} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
Task: {D41E6022-CD42-4CC2-97E4-F03097D6860F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {D41E6022-CD42-4CC2-97E4-F03097D6860F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {D41E6022-CD42-4CC2-97E4-F03097D6860F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [343040 [343040 2015-07-04]] (Microsoft Windows -> Microsoft Corporation)
Task: {D6901769-0BBC-4BDC-B4F4-5AE21BA36E55} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {E44129DB-CD1B-4148-90A0-79EF6FF4BF68} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-15] (Google Inc -> Google Inc.)
Task: {FC448C9B-C0C3-4464-A63C-894BEADD49A6} - System32\Tasks\{6840B39C-F370-4AC1-A580-91E063E06C9F} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Tamagotchi Simulator\fimain.exe"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{0A39EE86-807A-4082-A15E-572BC6DBE5AE}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{E7BC3211-21AE-408E-8BCE-8C59FDF7A222}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{F386FD0C-EA75-4002-9925-2A713DCCD12A}: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2021-05-06] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2021-05-06] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll [2013-02-18] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-04-15] (CANON INC.) [File not signed]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google Inc -> Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-03-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-03-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-05-06] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-05-06] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @zylom.com/ZylomGamesPlayer -> C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll [2006-09-26] (Zylom) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default [2021-05-13]
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-07]
CHR Extension: (Chrome Media Router) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-06]
CHR HKLM-x32\...\Chrome\Extension: [dnllcmllkjofnojidnaknldfehfhehoo] - C:\Program Files (x86)\HDvidCodec.com\HDvidCodec10.crx <not found>

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2021-05-06] (Adobe Inc. -> Adobe)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7894040 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
S2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211072 2012-08-07] (Qualcomm Atheros -> Qualcomm Atheros Commnucations) [File not signed]
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [606944 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [356064 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\90.0.9316.94\elevation_service.exe [1396968 2021-04-27] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56920 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-07-23] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433880 2015-03-24] (Bluestack Systems, Inc. -> BlueStack Systems, Inc.)
S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2015-03-24] (Bluestack Systems, Inc. -> BlueStack Systems, Inc.)
S2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [798424 2015-03-24] (Bluestack Systems, Inc. -> BlueStack Systems, Inc.)
S2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [365440 2012-03-14] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
S2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2012-11-12] (IDT, Inc.) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-07] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [35664 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [212192 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [365024 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [250336 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [99288 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [41296 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [180448 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [522384 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2021-05-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [107792 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [82872 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [850632 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [467720 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [215352 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [326992 2021-05-06] (Avast Software s.r.o. -> AVAST Software)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-07-20] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206648 2013-07-20] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-07-01] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-09-05] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-21] (AVG Technologies CZ, s.r.o. -> AVG Technologies CZ, s.r.o.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [144600 2015-03-24] (Bluestack Systems, Inc. -> BlueStack Systems)
R3 BthMtpEnum; C:\Windows\System32\DRIVERS\BthMtpEnum.sys [64512 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
S3 htcnprot; C:\Windows\System32\DRIVERS\htcnprot.sys [36928 2013-10-17] (HTC Corp. -> Windows (R) Win 7 DDK provider)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-08] (Sqa.com(Test) -> QUALCOMM Incorporated)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-10-10] (Disc Soft Ltd -> Duplex Secure Ltd.)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1062008 2012-08-03] (Sunplus Innovation Technology Inc. -> Sunplus)
R3 STHDA; C:\Windows\System32\DRIVERS\stwrt64.sys [543744 2012-11-12] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S1 Avgfwfd; system32\DRIVERS\avgfwd6a.sys [X]
S1 ldwttias; \??\C:\Windows\system32\drivers\ldwttias.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-13 17:48 - 2021-05-13 17:48 - 002299392 _____ (Farbar) C:\Users\HP\Downloads\FRST64.exe
2021-05-13 17:38 - 2021-05-13 17:38 - 000000000 _____ C:\Users\HP\Desktop\Addition.txt
2021-05-13 17:27 - 2021-05-13 17:27 - 000000000 ____D C:\Users\HP\Desktop\FRST-OlderVersion
2021-05-13 15:21 - 2021-05-13 15:21 - 008534696 _____ (Malwarebytes) C:\Users\HP\Desktop\AdwCleaner.exe
2021-05-13 15:12 - 2021-05-13 15:24 - 000000000 ____D C:\AdwCleaner
2021-05-13 11:01 - 2021-05-13 11:07 - 000083021 _____ C:\Users\HP\Downloads\Addition.txt
2021-05-13 10:57 - 2021-05-13 17:50 - 000034903 _____ C:\Users\HP\Downloads\FRST.txt
2021-05-13 10:56 - 2021-05-13 17:50 - 000000000 ____D C:\FRST
2021-05-11 21:33 - 2021-05-11 21:33 - 001107968 _____ C:\Users\HP\Downloads\RSIT.exe
2021-05-11 21:33 - 2021-05-11 21:33 - 000000000 ____D C:\rsit
2021-05-11 21:33 - 2021-05-11 21:33 - 000000000 ____D C:\Program Files (x86)\trend micro
2021-05-11 13:32 - 2021-05-11 13:32 - 008703024 _____ (ESET) C:\Users\HP\Downloads\eset_smart_security_premium_live_installer.exe
2021-05-06 23:49 - 2021-05-06 23:49 - 000003744 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onLogOn
2021-05-06 23:49 - 2021-05-06 23:49 - 000003304 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onTime
2021-05-06 23:20 - 2021-05-13 10:43 - 000001189 _____ C:\Users\HP\Desktop\ESET Online Scanner.lnk
2021-05-06 23:20 - 2021-05-06 23:20 - 000000000 ____D C:\Users\HP\AppData\Local\ESET
2021-05-06 23:19 - 2021-05-06 23:19 - 011697056 _____ (ESET) C:\Users\HP\Downloads\esetonlinescanner.exe
2021-05-06 20:18 - 2021-05-06 20:18 - 000001066 _____ C:\Users\Public\Desktop\VLC media player.lnk
2021-05-06 20:18 - 2021-05-06 20:18 - 000001066 _____ C:\ProgramData\Desktop\VLC media player.lnk
2021-05-06 19:48 - 2021-05-06 19:48 - 000004474 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2021-05-06 19:39 - 2021-05-06 19:39 - 000003732 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2021-05-06 19:39 - 2021-05-06 19:39 - 000003150 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2021-05-06 19:39 - 2021-05-06 19:39 - 000002501 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2021-05-06 19:39 - 2021-05-06 19:39 - 000002458 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2021-05-06 19:39 - 2021-05-06 19:39 - 000002458 _____ C:\ProgramData\Desktop\Avast Secure Browser.lnk
2021-05-06 19:39 - 2021-05-06 19:39 - 000000000 ___HD C:\$AV_ASW
2021-05-06 19:39 - 2021-05-06 19:39 - 000000000 ____D C:\Users\HP\AppData\Local\AVAST Software
2021-05-06 19:37 - 2021-05-06 19:37 - 000003426 _____ C:\Windows\system32\Tasks\AvastUpdateTaskMachineUA
2021-05-06 19:37 - 2021-05-06 19:37 - 000003298 _____ C:\Windows\system32\Tasks\AvastUpdateTaskMachineCore
2021-05-06 19:37 - 2021-05-06 19:37 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2021-05-06 19:35 - 2021-05-06 19:35 - 000002075 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2021-05-06 19:35 - 2021-05-06 19:35 - 000002075 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2021-05-06 19:35 - 2021-05-06 19:35 - 000000000 ____D C:\Users\HP\AppData\Roaming\Avast Software
2021-05-06 19:35 - 2021-05-06 19:35 - 000000000 ____D C:\Users\HP\AppData\Local\CEF
2021-05-06 19:35 - 2021-05-06 19:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2021-05-06 19:33 - 2021-05-06 19:33 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2021-05-06 19:32 - 2021-05-13 10:39 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2021-05-06 19:32 - 2021-05-06 19:32 - 000850632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2021-05-06 19:32 - 2021-05-06 19:32 - 000522384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2021-05-06 19:32 - 2021-05-06 19:32 - 000467720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2021-05-06 19:32 - 2021-05-06 19:32 - 000365024 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2021-05-06 19:32 - 2021-05-06 19:32 - 000339680 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2021-05-06 19:32 - 2021-05-06 19:32 - 000326992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2021-05-06 19:32 - 2021-05-06 19:32 - 000250336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2021-05-06 19:32 - 2021-05-06 19:32 - 000215352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2021-05-06 19:32 - 2021-05-06 19:32 - 000212192 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2021-05-06 19:32 - 2021-05-06 19:32 - 000180448 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2021-05-06 19:32 - 2021-05-06 19:32 - 000107792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2021-05-06 19:32 - 2021-05-06 19:32 - 000099288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2021-05-06 19:32 - 2021-05-06 19:32 - 000082872 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2021-05-06 19:32 - 2021-05-06 19:32 - 000041296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2021-05-06 19:32 - 2021-05-06 19:32 - 000038152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetNd6.sys
2021-05-06 19:32 - 2021-05-06 19:32 - 000035664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2021-05-06 19:32 - 2021-05-06 19:32 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2021-05-06 19:31 - 2021-05-06 19:31 - 000000000 ____D C:\Program Files\Avast Software
2021-05-06 19:30 - 2021-05-13 10:37 - 000000000 ____D C:\ProgramData\Avast Software
2021-05-06 19:05 - 2021-05-06 19:05 - 000220392 _____ (AVAST Software) C:\Users\HP\Downloads\avast_free_antivirus_setup_online.exe
2021-05-06 18:35 - 2021-05-06 18:35 - 000000000 __SHD C:\found.002
2021-05-06 18:15 - 2021-05-13 11:09 - 000000000 ____D C:\Program Files\CCleaner
2021-05-06 18:15 - 2021-05-06 20:26 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-05-06 18:15 - 2021-05-06 18:15 - 000002796 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2021-05-06 18:15 - 2021-05-06 18:15 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-05-06 18:15 - 2021-05-06 18:15 - 000000822 _____ C:\ProgramData\Desktop\CCleaner.lnk
2021-05-06 18:15 - 2021-05-06 18:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-05-06 18:00 - 2021-05-06 18:01 - 031273232 _____ (Piriform Software Ltd) C:\Users\HP\Downloads\ccsetup578.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-13 15:14 - 2013-02-27 22:26 - 000000000 ____D C:\Users\HP\AppData\Local\Google
2021-05-13 11:14 - 2013-02-27 22:29 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-13 11:13 - 2009-07-14 06:45 - 000018928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-05-13 11:13 - 2009-07-14 06:45 - 000018928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-05-13 10:34 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2021-05-13 10:33 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-05-11 19:22 - 2013-03-12 22:33 - 000000000 ____D C:\Program Files (x86)\Opera
2021-05-11 19:19 - 2009-07-14 07:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2021-05-11 19:18 - 2013-08-07 11:15 - 000000051 _____ C:\Windows\movexe.ini
2021-05-11 19:18 - 2013-04-28 12:41 - 000000000 ____D C:\Program Files\Tamagotchi Simulator
2021-05-11 19:18 - 2009-07-14 04:34 - 000000529 _____ C:\Windows\win.ini
2021-05-11 19:17 - 2013-02-27 22:20 - 000000000 ____D C:\ProgramData\Skype
2021-05-11 19:13 - 2013-06-23 11:03 - 000000000 ____D C:\ProgramData\MFAData
2021-05-11 19:12 - 2013-08-05 21:08 - 000000000 ____D C:\Windows\Minidump
2021-05-11 19:12 - 2013-03-03 13:38 - 000000000 ____D C:\Users\HP\AppData\Local\CrashDumps
2021-05-11 18:27 - 2013-02-27 22:20 - 000000000 ____D C:\Users\HP\AppData\Roaming\Skype
2021-05-06 23:28 - 2013-09-14 13:44 - 000000000 ____D C:\Users\HP\AppData\Roaming\uTorrent
2021-05-06 23:28 - 2013-09-14 13:44 - 000000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2021-05-06 20:27 - 2014-09-16 22:48 - 000000000 ____D C:\Temp
2021-05-06 20:18 - 2013-03-04 20:37 - 000000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-05-06 20:18 - 2013-03-04 20:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-05-06 20:18 - 2013-03-04 20:37 - 000000000 ____D C:\Program Files\WinRAR
2021-05-06 20:17 - 2013-02-27 20:43 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2021-05-06 20:17 - 2013-02-27 20:43 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2021-05-06 20:17 - 2013-02-27 20:43 - 000004396 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2021-05-06 20:16 - 2013-02-27 20:43 - 000000000 ____D C:\Windows\system32\Macromed
2021-05-06 20:16 - 2013-02-27 20:41 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2021-05-06 19:59 - 2009-08-31 00:45 - 005193434 _____ C:\Windows\system32\perfh005.dat
2021-05-06 19:59 - 2009-08-31 00:45 - 001718272 _____ C:\Windows\system32\perfc005.dat
2021-05-06 19:59 - 2009-07-14 07:13 - 000006248 _____ C:\Windows\system32\PerfStringBackup.INI
2021-05-06 18:21 - 2013-04-20 20:13 - 000000000 ____D C:\ProgramData\BlueStacksSetup
2021-05-06 18:21 - 2013-04-15 09:49 - 000000000 ____D C:\Users\HP\AppData\Roaming\DAEMON Tools Lite
2021-05-06 17:56 - 2013-02-27 22:27 - 000003386 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-05-06 17:56 - 2013-02-27 22:27 - 000003258 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-05-06 17:38 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2021-05-06 12:34 - 2014-01-17 19:54 - 000000000 ____D C:\Users\HP\Desktop\Filmy

==================== Files in the root of some directories ========

2016-01-08 17:26 - 2016-01-08 17:26 - 006420480 _____ () C:\Program Files (x86)\GUT2CDB.tmp
2015-09-11 16:28 - 2015-09-11 16:28 - 006420480 _____ () C:\Program Files (x86)\GUT50DE.tmp
2016-02-16 14:16 - 2016-02-16 14:16 - 006871040 _____ () C:\Program Files (x86)\GUTC2A3.tmp
2013-12-27 18:17 - 2014-01-07 21:09 - 000001755 _____ () C:\Users\HP\AppData\Roaming\msltppo.dat
2013-12-27 18:17 - 2014-01-17 15:50 - 000000027 _____ () C:\Users\HP\AppData\Roaming\msqvov.dat
2015-01-12 21:15 - 2015-01-12 21:15 - 000000000 _____ () C:\Users\HP\AppData\Local\{579EC55E-9F89-41C1-A3D1-6CEAE46E43B6}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

Rudy
Site Admin
Posts: 118199
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#8 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
AlternateDataStreams: C:\Users\HP:zylomtest [0]
AlternateDataStreams: C:\Users\HP:zylomtr{000HQ7FF-AD7A-3FG5-BPAV-24QJBB1JIVVH} [32]
AlternateDataStreams: C:\ProgramData\TEMP:1DA424AA [123]
AlternateDataStreams: C:\ProgramData\TEMP:1EEB23AD [113]
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\TEMP:59320096 [95]
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 [112]
AlternateDataStreams: C:\ProgramData\TEMP:E0AE69BE [123]
URLSearchHook: HKU\S-1-5-21-1045858485-730689710-2132366811-1000 - (No Name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - No File
SearchScopes: HKLM-x32 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKU\S-1-5-21-1045858485-730689710-2132366811-1000 -> DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
Toolbar: HKLM - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
Toolbar: HKLM-x32 - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
FirewallRules: [{F0B83B36-359C-4831-A941-315CF4092EE9}] => (Allow) C:\Program Files (x86)\Opera\opera.exe => No File
FirewallRules: [{C81F5D61-CA80-4F88-BA13-7EDA7BB7E06D}] => (Allow) C:\Program Files (x86)\Opera\opera.exe => No File
FirewallRules: [{0D85299A-3542-4774-8839-A355FB19CC77}] => (Allow) C:\Users\HP\AppData\Roaming\ICQM\icq.exe => No File
FirewallRules: [{3FC72417-0EDC-4945-80A7-ABF89A01CEE8}] => (Allow) C:\Users\HP\AppData\Roaming\ICQM\icq.exe => No File
FirewallRules: [{4E01839E-CD7C-45AC-A0F9-3CC8702C6757}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe => No File
FirewallRules: [{8C545A5E-2CBF-4C85-9B8A-2BC9E561A2E1}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe => No File
FirewallRules: [{C0D90D07-5D42-4C91-A5A3-46B01F5EDBB5}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe => No File
FirewallRules: [{BB6A7C8C-3051-43C9-A912-3E37DFAAEB61}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe => No File
FirewallRules: [{87B4D5E0-C121-4D24-942C-ABBA2DDB4389}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe => No File
FirewallRules: [{0CCD130F-5CDE-4D71-B3A6-C6DEAB9DCA8F}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe => No File
FirewallRules: [{0B4733AF-F20C-420F-B07B-F6EEA69E846A}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe => No File
FirewallRules: [{CCB80C10-15E0-43A3-B15B-641040E6B29F}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe => No File
FirewallRules: [TCP Query User{532F26EC-2EDA-4C1A-8A4F-0BD20B452B0F}C:\users\hp\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\hp\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{870B8294-F75F-4660-A87A-7CC5FE31D92A}C:\users\hp\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\hp\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [TCP Query User{98B43AE5-4B97-41B7-A805-834339898CF7}D:\easysetupassistant\easysetupassistant.exe] => (Allow) D:\easysetupassistant\easysetupassistant.exe => No File
FirewallRules: [UDP Query User{36BDD8DA-5EB5-4468-A273-233ED32FDA1B}D:\easysetupassistant\easysetupassistant.exe] => (Allow) D:\easysetupassistant\easysetupassistant.exe => No File
FirewallRules: [{A820039B-A712-4027-890F-563B027B0B86}] => (Block) D:\easysetupassistant\easysetupassistant.exe => No File
FirewallRules: [{F9A0AD4C-3871-41A8-8AE1-BE78F2A57B92}] => (Block) D:\easysetupassistant\easysetupassistant.exe => No File
FirewallRules: [{C78E5C77-D038-47B5-8E57-130FD668355F}] => (Allow) C:\Users\HP\AppData\Roaming\ICQM\icq.exe => No File
FirewallRules: [{5E9090A3-5E46-47C0-838F-43FD6588B806}] => (Allow) C:\Users\HP\AppData\Roaming\ICQM\icq.exe => No File
FirewallRules: [{51B2DA6E-A9DA-4A9E-A5FB-4C58A3C92509}] => (Allow) C:\Program Files (x86)\Opera\opera.exe => No File
FirewallRules: [{24778E7D-0D7C-4976-A65B-8F996ECF53AB}] => (Allow) C:\Program Files (x86)\Opera\opera.exe => No File
FirewallRules: [TCP Query User{F7A67382-F324-4DEC-B522-E25961A223E2}C:\users\hp\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\hp\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{FE2263EF-9CF5-4B80-AA89-CE069E71B50E}C:\users\hp\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\hp\appdata\roaming\utorrent\utorrent.exe => No File
C:\Users\HP\AppData\Local\Temp
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Oracle America, Inc. -> Sun Microsystems, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [479c9a49f987ecec44882b8796e3b50a] => "C:\Users\HP\AppData\Local\Temp\Systeme32.exe" .. <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [07648c4d77e66ec99a8a499782f50811] => "C:\Users\HP\AppData\Local\Temp\procexp.exe" .. <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp1B6C] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp1B6C.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmpC327] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmpC327.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp6FBC] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp6FBC.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [systeeeem] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\systeeeem.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [a54d6d1e46ec2a573aab436cd804429e] => "C:\Users\HP\AppData\Local\Temp\procexp.exe" .. <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp6B2] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp6B2.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [systeeem] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\systeeem.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp63D3] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp63D3.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp6A09] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp6A09.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp3AC2] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp3AC2.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp3E7E] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp3E7E.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp48DB] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp48DB.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp3A80] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp3A80.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmpAA6A] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmpAA6A.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmpDF94] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmpDF94.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp2ABC] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp2ABC.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [Product] => C:\Users\HP\AppData\Local\Temp\jbmceqngwj.exe <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [758841e6eac2f6b11e7cc3c2438b67f5] => "C:\Users\HP\AppData\Local\Temp\jbmceqngwj.exe" .. <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp198A] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp198A.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp520] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp520.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [39a975f54eec9d402ce156da3c5f0302] => "C:\Users\HP\AppData\Local\Temp\chrome.exe" .. <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [\3i3anx3lh05nib0jjb4jw1] => "C:\Users\HP\AppData\Local\Temp\Svchost.exe" .. <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp3E89] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp3E89.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp3E88] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp3E88.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [32a790c25e2a4b645e827300e906d14b] => "C:\Users\HP\AppData\Local\Temp\cmd.exe" .. <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp10D4] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp10D4.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp53C8] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp53C8.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmpC4D5] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmpC4D5.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp6908] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp6908.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\MountPoints2: F - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\MountPoints2: {64c1ce72-a5a2-11e2-8ef4-b4b52f74a535} - E:\Autorun.exe
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\MountPoints2: {78054ae3-457d-11e3-a9db-74e5436237a6} - H:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\MountPoints2: {78054ae6-457d-11e3-a9db-74e5436237a6} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\MountPoints2: {b73de67b-c2f7-11e3-a2e4-74e5436237a6} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\MountPoints2: {c86133c7-7a97-11e2-996d-806e6f6e6963} - D:\SWSETUP\APPINSTL\hpsoftwaresetup.exe
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\systeeem.vbs [2015-06-06] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp10D4.tmp.vbs [2021-01-12] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp198A.tmp.vbs [2021-01-10] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp1B6C.tmp.vbs [2015-06-06] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp2ABC.tmp.vbs [2020-07-24] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp3A80.tmp.vbs [2020-03-10] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp3AC2.tmp.vbs [2015-08-17] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp3E7E.tmp.vbs [2021-01-12] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp3E88.tmp.vbs [2021-01-10] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp3E89.tmp.vbs [2015-08-17] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp48DB.tmp.vbs [2020-03-17] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp520.tmp.vbs [2021-01-12] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp53C8.tmp.vbs [2021-01-12] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp63D3.tmp.vbs [2015-08-03] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp6908.tmp.vbs [2015-06-06] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp6A09.tmp.vbs [2015-08-17] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp6B2.tmp.vbs [2021-01-10] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmpAA6A.tmp.vbs [2021-01-10] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmpC327.tmp.vbs [2015-08-08] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmpC4D5.tmp.vbs [2020-03-09] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmpDF94.tmp.vbs [2020-03-09] ()
Policies: C:\Users\Administrator\NTUSER.pol: Restriction <==== ATTENTION
Policies: C:\Users\HP\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
S1 ldwttias; \??\C:\Windows\system32\drivers\ldwttias.sys [X]
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Program Files (x86)\GUT2CDB.tmp
C:\Program Files (x86)\GUT50DE.tmp
C:\Program Files (x86)\GUTC2A3.tmp
C:\Users\HP\AppData\Local\{579EC55E-9F89-41C1-A3D1-6CEAE46E43B6}

EmptyTemp:
End
Save this to C:\Users\HP\Downloads as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not meant for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

miška
Visitor
Posts: 148
Registered: 17 Mar 2010 10:59

Re: Please check my log

#9 Post by miška »

I don't know whether I did it right.


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 13-05-2021 22:35:48)

C:\Users\HP\AppData\Local\Temp => Could not move

==== End of Fixlog 22:35:50 ====

Rudy
Site Admin
Posts: 118199
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#10 Post by Rudy »

Well, that didn't work out. There must be a file fixlog.txt in C:\Users\HP\Downloads, containing something like this: https://forum.viry.cz/viewtopic.php?p=1541540#p1541540 . That is what a log looks like after a deletion.

miška
Visitor
Posts: 148
Registered: 17 Mar 2010 10:59

Re: Please check my log

#11 Post by miška »

Hello, the log did not appear by itself. There was one among the downloaded files; the keyboard is still acting up.

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-05-2021
Ran by HP (17-05-2021 19:02:40) Run:2
Running from C:\Users\HP\Downloads
Loaded Profiles: HP & Administrator
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
AlternateDataStreams: C:\Users\HP:zylomtest [0]
AlternateDataStreams: C:\Users\HP:zylomtr{000HQ7FF-AD7A-3FG5-BPAV-24QJBB1JIVVH} [32]
AlternateDataStreams: C:\ProgramData\TEMP:1DA424AA [123]
AlternateDataStreams: C:\ProgramData\TEMP:1EEB23AD [113]
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\TEMP:59320096 [95]
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 [112]
AlternateDataStreams: C:\ProgramData\TEMP:E0AE69BE [123]
URLSearchHook: HKU\S-1-5-21-1045858485-730689710-2132366811-1000 - (No Name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - No File
SearchScopes: HKLM-x32 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKU\S-1-5-21-1045858485-730689710-2132366811-1000 -> DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
Toolbar: HKLM - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
Toolbar: HKLM-x32 - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
FirewallRules: [{F0B83B36-359C-4831-A941-315CF4092EE9}] => (Allow) C:\Program Files (x86)\Opera\opera.exe => No File
FirewallRules: [{C81F5D61-CA80-4F88-BA13-7EDA7BB7E06D}] => (Allow) C:\Program Files (x86)\Opera\opera.exe => No File
FirewallRules: [{0D85299A-3542-4774-8839-A355FB19CC77}] => (Allow) C:\Users\HP\AppData\Roaming\ICQM\icq.exe => No File
FirewallRules: [{3FC72417-0EDC-4945-80A7-ABF89A01CEE8}] => (Allow) C:\Users\HP\AppData\Roaming\ICQM\icq.exe => No File
FirewallRules: [{4E01839E-CD7C-45AC-A0F9-3CC8702C6757}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe => No File
FirewallRules: [{8C545A5E-2CBF-4C85-9B8A-2BC9E561A2E1}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe => No File
FirewallRules: [{C0D90D07-5D42-4C91-A5A3-46B01F5EDBB5}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe => No File
FirewallRules: [{BB6A7C8C-3051-43C9-A912-3E37DFAAEB61}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe => No File
FirewallRules: [{87B4D5E0-C121-4D24-942C-ABBA2DDB4389}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe => No File
FirewallRules: [{0CCD130F-5CDE-4D71-B3A6-C6DEAB9DCA8F}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe => No File
FirewallRules: [{0B4733AF-F20C-420F-B07B-F6EEA69E846A}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe => No File
FirewallRules: [{CCB80C10-15E0-43A3-B15B-641040E6B29F}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe => No File
FirewallRules: [TCP Query User{532F26EC-2EDA-4C1A-8A4F-0BD20B452B0F}C:\users\hp\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\hp\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{870B8294-F75F-4660-A87A-7CC5FE31D92A}C:\users\hp\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\hp\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [TCP Query User{98B43AE5-4B97-41B7-A805-834339898CF7}D:\easysetupassistant\easysetupassistant.exe] => (Allow) D:\easysetupassistant\easysetupassistant.exe => No File
FirewallRules: [UDP Query User{36BDD8DA-5EB5-4468-A273-233ED32FDA1B}D:\easysetupassistant\easysetupassistant.exe] => (Allow) D:\easysetupassistant\easysetupassistant.exe => No File
FirewallRules: [{A820039B-A712-4027-890F-563B027B0B86}] => (Block) D:\easysetupassistant\easysetupassistant.exe => No File
FirewallRules: [{F9A0AD4C-3871-41A8-8AE1-BE78F2A57B92}] => (Block) D:\easysetupassistant\easysetupassistant.exe => No File
FirewallRules: [{C78E5C77-D038-47B5-8E57-130FD668355F}] => (Allow) C:\Users\HP\AppData\Roaming\ICQM\icq.exe => No File
FirewallRules: [{5E9090A3-5E46-47C0-838F-43FD6588B806}] => (Allow) C:\Users\HP\AppData\Roaming\ICQM\icq.exe => No File
FirewallRules: [{51B2DA6E-A9DA-4A9E-A5FB-4C58A3C92509}] => (Allow) C:\Program Files (x86)\Opera\opera.exe => No File
FirewallRules: [{24778E7D-0D7C-4976-A65B-8F996ECF53AB}] => (Allow) C:\Program Files (x86)\Opera\opera.exe => No File
FirewallRules: [TCP Query User{F7A67382-F324-4DEC-B522-E25961A223E2}C:\users\hp\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\hp\appdata\roaming\utorrent\utorrent.exe => No File
FirewallRules: [UDP Query User{FE2263EF-9CF5-4B80-AA89-CE069E71B50E}C:\users\hp\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\hp\appdata\roaming\utorrent\utorrent.exe => No File
C:\Users\HP\AppData\Local\Temp
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Oracle America, Inc. -> Sun Microsystems, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [479c9a49f987ecec44882b8796e3b50a] => "C:\Users\HP\AppData\Local\Temp\Systeme32.exe" .. <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [07648c4d77e66ec99a8a499782f50811] => "C:\Users\HP\AppData\Local\Temp\procexp.exe" .. <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp1B6C] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp1B6C.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmpC327] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmpC327.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp6FBC] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp6FBC.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [systeeeem] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\systeeeem.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [a54d6d1e46ec2a573aab436cd804429e] => "C:\Users\HP\AppData\Local\Temp\procexp.exe" .. <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp6B2] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp6B2.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [systeeem] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\systeeem.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp63D3] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp63D3.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp6A09] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp6A09.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp3AC2] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp3AC2.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp3E7E] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp3E7E.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp48DB] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp48DB.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp3A80] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp3A80.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmpAA6A] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmpAA6A.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmpDF94] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmpDF94.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp2ABC] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp2ABC.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [Product] => C:\Users\HP\AppData\Local\Temp\jbmceqngwj.exe <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [758841e6eac2f6b11e7cc3c2438b67f5] => "C:\Users\HP\AppData\Local\Temp\jbmceqngwj.exe" .. <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp198A] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp198A.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp520] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp520.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [39a975f54eec9d402ce156da3c5f0302] => "C:\Users\HP\AppData\Local\Temp\chrome.exe" .. <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [\3i3anx3lh05nib0jjb4jw1] => "C:\Users\HP\AppData\Local\Temp\Svchost.exe" .. <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp3E89] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp3E89.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp3E88] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp3E88.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [32a790c25e2a4b645e827300e906d14b] => "C:\Users\HP\AppData\Local\Temp\cmd.exe" .. <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp10D4] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp10D4.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp53C8] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp53C8.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmpC4D5] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmpC4D5.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\Run: [tmp6908] => wscript.exe //B "C:\Users\HP\AppData\Local\Temp\tmp6908.tmp.vbs" <==== ATTENTION
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\MountPoints2: F - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\MountPoints2: {64c1ce72-a5a2-11e2-8ef4-b4b52f74a535} - E:\Autorun.exe
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\MountPoints2: {78054ae3-457d-11e3-a9db-74e5436237a6} - H:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\MountPoints2: {78054ae6-457d-11e3-a9db-74e5436237a6} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\MountPoints2: {b73de67b-c2f7-11e3-a2e4-74e5436237a6} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\...\MountPoints2: {c86133c7-7a97-11e2-996d-806e6f6e6963} - D:\SWSETUP\APPINSTL\hpsoftwaresetup.exe
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\systeeem.vbs [2015-06-06] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp10D4.tmp.vbs [2021-01-12] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp198A.tmp.vbs [2021-01-10] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp1B6C.tmp.vbs [2015-06-06] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp2ABC.tmp.vbs [2020-07-24] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp3A80.tmp.vbs [2020-03-10] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp3AC2.tmp.vbs [2015-08-17] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp3E7E.tmp.vbs [2021-01-12] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp3E88.tmp.vbs [2021-01-10] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp3E89.tmp.vbs [2015-08-17] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp48DB.tmp.vbs [2020-03-17] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp520.tmp.vbs [2021-01-12] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp53C8.tmp.vbs [2021-01-12] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp63D3.tmp.vbs [2015-08-03] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp6908.tmp.vbs [2015-06-06] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp6A09.tmp.vbs [2015-08-17] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp6B2.tmp.vbs [2021-01-10] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmpAA6A.tmp.vbs [2021-01-10] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmpC327.tmp.vbs [2015-08-08] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmpC4D5.tmp.vbs [2020-03-09] ()
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmpDF94.tmp.vbs [2020-03-09] ()
Policies: C:\Users\Administrator\NTUSER.pol: Restriction <==== ATTENTION
Policies: C:\Users\HP\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
S1 ldwttias; \??\C:\Windows\system32\drivers\ldwttias.sys [X]
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Program Files (x86)\GUT2CDB.tmp
C:\Program Files (x86)\GUT50DE.tmp
C:\Program Files (x86)\GUTC2A3.tmp
C:\Users\HP\AppData\Local\{579EC55E-9F89-41C1-A3D1-6CEAE46E43B6}

EmptyTemp:
End
*****************

Processes closed successfully.
"C:\Users\HP" => ":zylomtest" ADS not found.
"C:\Users\HP" => ":zylomtr{000HQ7FF-AD7A-3FG5-BPAV-24QJBB1JIVVH}" ADS not found.
"C:\ProgramData\TEMP" => ":1DA424AA" ADS not found.
"C:\ProgramData\TEMP" => ":1EEB23AD" ADS not found.
"C:\ProgramData\TEMP" => ":2CB9631F" ADS not found.
"C:\ProgramData\TEMP" => ":59320096" ADS not found.
"C:\ProgramData\TEMP" => ":D1B5B4F1" ADS not found.
"C:\ProgramData\TEMP" => ":E0AE69BE" ADS not found.
"HKU\S-1-5-21-1045858485-730689710-2132366811-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{D8278076-BC68-4484-9233-6E7F1628B56C}" => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
"HKU\S-1-5-21-1045858485-730689710-2132366811-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => not found
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17}" => not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17}" => not found
HKLM\Software\Classes\PROTOCOLS\Handler\skype4com => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F0B83B36-359C-4831-A941-315CF4092EE9}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C81F5D61-CA80-4F88-BA13-7EDA7BB7E06D}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0D85299A-3542-4774-8839-A355FB19CC77}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3FC72417-0EDC-4945-80A7-ABF89A01CEE8}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4E01839E-CD7C-45AC-A0F9-3CC8702C6757}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8C545A5E-2CBF-4C85-9B8A-2BC9E561A2E1}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C0D90D07-5D42-4C91-A5A3-46B01F5EDBB5}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BB6A7C8C-3051-43C9-A912-3E37DFAAEB61}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{87B4D5E0-C121-4D24-942C-ABBA2DDB4389}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0CCD130F-5CDE-4D71-B3A6-C6DEAB9DCA8F}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0B4733AF-F20C-420F-B07B-F6EEA69E846A}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{CCB80C10-15E0-43A3-B15B-641040E6B29F}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{532F26EC-2EDA-4C1A-8A4F-0BD20B452B0F}C:\users\hp\appdata\roaming\utorrent\utorrent.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{870B8294-F75F-4660-A87A-7CC5FE31D92A}C:\users\hp\appdata\roaming\utorrent\utorrent.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{98B43AE5-4B97-41B7-A805-834339898CF7}D:\easysetupassistant\easysetupassistant.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{36BDD8DA-5EB5-4468-A273-233ED32FDA1B}D:\easysetupassistant\easysetupassistant.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A820039B-A712-4027-890F-563B027B0B86}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F9A0AD4C-3871-41A8-8AE1-BE78F2A57B92}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C78E5C77-D038-47B5-8E57-130FD668355F}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5E9090A3-5E46-47C0-838F-43FD6588B806}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{51B2DA6E-A9DA-4A9E-A5FB-4C58A3C92509}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{24778E7D-0D7C-4976-A65B-8F996ECF53AB}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F7A67382-F324-4DEC-B522-E25961A223E2}C:\users\hp\appdata\roaming\utorrent\utorrent.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FE2263EF-9CF5-4B80-AA89-CE069E71B50E}C:\users\hp\appdata\roaming\utorrent\utorrent.exe" => not found

"C:\Users\HP\AppData\Local\Temp" folder move:

Could not move "C:\Users\HP\AppData\Local\Temp" => Scheduled to move on reboot.

"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => not found
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
"HKU\S-1-5-21-1045858485-730689710-2132366811-1000\Software\Microsoft\Windows\CurrentVersion\Run\\479c9a49f987ecec44882b8796e3b50a" => not found
"HKU\S-1-5-21-1045858485-730689710-2132366811-1000\Software\Microsoft\Windows\CurrentVersion\Run\\07648c4d77e66ec99a8a499782f50811" => not found
"HKU\S-1-5-21-1045858485-730689710-2132366811-1000\Software\Microsoft\Windows\CurrentVersion\Run\\tmp1B6C" => not found
"HKU\S-1-5-21-1045858485-730689710-2132366811-1000\Software\Microsoft\Windows\CurrentVersion\Run\\tmpC327" => not found
"HKU\S-1-5-21-1045858485-730689710-2132366811-1000\Software\Microsoft\Windows\CurrentVersion\Run\\tmp6FBC" => not found
"HKU\S-1-5-21-1045858485-730689710-2132366811-1000\Software\Microsoft\Windows\CurrentVersion\Run\\systeeeem" => not found
"HKU\S-1-5-21-1045858485-730689710-2132366811-1000\Software\Microsoft\Windows\CurrentVersion\Run\\a54d6d1e46ec2a573aab436cd804429e" => not found
"HKU\S-1-5-21-1045858485-730689710-2132366811-1000\Software\Microsoft\Windows\CurrentVersion\Run\\tmp6B2" => not found
"HKU\S-1-5-21-1045858485-730689710-2132366811-1000\Software\Microsoft\Windows\CurrentVersion\Run\\systeeem" => not found
"HKU\S-1-5-21-1045858485-730689710-2132366811-1000\Software\Microsoft\Windows\CurrentVersion\Run\\tmp63D3" => not found
"HKU\S-1-5-21-1045858485-730689710-2132366811-1000\Software\Microsoft\Windows\CurrentVersion\Run\\tmp6A09" => not found
"HKU\S-1-5-21-1045858485-730689710-2132366811-1000\Software\Microsoft\Windows\CurrentVersion\Run\\tmp3AC2" => not found
"HKU\S-1-5-21-1045858485-730689710-2132366811-1000\Software\Microsoft\Windows\CurrentVersion\Run\\tmp3E7E" => not found
"HKU\S-1-5-21-1045858485-730689710-2132366811-1000\Software\Microsoft\Windows\CurrentVersion\Run\\tmp48DB" => not found
"HKU\S-1-5-21-1045858485-730689710-2132366811-1000\Software\Microsoft\Windows\CurrentVersion\Run\\tmp3A80" => not found
"HKU\S-1-5-21-1045858485-730689710-2132366811-1000\Software\Microsoft\Windows\CurrentVersion\Run\\tmpAA6A" => not found
"HKU\S-1-5-21-1045858485-730689710-2132366811-1000\Software\Microsoft\Windows\CurrentVersion\Run\\tmpDF94" => not found
"HKU\S-1-5-21-1045858485-730689710-2132366811-1000\Software\Microsoft\Windows\CurrentVersion\Run\\tmp2ABC" => not found
"HKU\S-1-5-21-1045858485-730689710-2132366811-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Product" => not found
"HKU\S-1-5-21-1045858485-730689710-2132366811-1000\Software\Microsoft\Windows\CurrentVersion\Run\\758841e6eac2f6b11e7cc3c2438b67f5" => not found
"HKU\S-1-5-21-1045858485-730689710-2132366811-1000\Software\Microsoft\Windows\CurrentVersion\Run\\tmp198A" => not found
"HKU\S-1-5-21-1045858485-730689710-2132366811-1000\Software\Microsoft\Windows\CurrentVersion\Run\\tmp520" => not found
"HKU\S-1-5-21-1045858485-730689710-2132366811-1000\Software\Microsoft\Windows\CurrentVersion\Run\\39a975f54eec9d402ce156da3c5f0302" => not found
"HKU\S-1-5-21-1045858485-730689710-2132366811-1000\Software\Microsoft\Windows\CurrentVersion\Run\\\3i3anx3lh05nib0jjb4jw1" => not found
"HKU\S-1-5-21-1045858485-730689710-2132366811-1000\Software\Microsoft\Windows\CurrentVersion\Run\\tmp3E89" => not found
"HKU\S-1-5-21-1045858485-730689710-2132366811-1000\Software\Microsoft\Windows\CurrentVersion\Run\\tmp3E88" => not found
"HKU\S-1-5-21-1045858485-730689710-2132366811-1000\Software\Microsoft\Windows\CurrentVersion\Run\\32a790c25e2a4b645e827300e906d14b" => not found
"HKU\S-1-5-21-1045858485-730689710-2132366811-1000\Software\Microsoft\Windows\CurrentVersion\Run\\tmp10D4" => not found
"HKU\S-1-5-21-1045858485-730689710-2132366811-1000\Software\Microsoft\Windows\CurrentVersion\Run\\tmp53C8" => not found
"HKU\S-1-5-21-1045858485-730689710-2132366811-1000\Software\Microsoft\Windows\CurrentVersion\Run\\tmpC4D5" => not found
"HKU\S-1-5-21-1045858485-730689710-2132366811-1000\Software\Microsoft\Windows\CurrentVersion\Run\\tmp6908" => not found
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F => not found
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{64c1ce72-a5a2-11e2-8ef4-b4b52f74a535} => not found
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{78054ae3-457d-11e3-a9db-74e5436237a6} => not found
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{78054ae6-457d-11e3-a9db-74e5436237a6} => not found
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b73de67b-c2f7-11e3-a2e4-74e5436237a6} => not found
HKU\S-1-5-21-1045858485-730689710-2132366811-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c86133c7-7a97-11e2-996d-806e6f6e6963} => not found
"C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\systeeem.vbs" => not found
"C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp10D4.tmp.vbs" => not found
"C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp198A.tmp.vbs" => not found
"C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp1B6C.tmp.vbs" => not found
"C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp2ABC.tmp.vbs" => not found
"C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp3A80.tmp.vbs" => not found
"C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp3AC2.tmp.vbs" => not found
"C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp3E7E.tmp.vbs" => not found
"C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp3E88.tmp.vbs" => not found
"C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp3E89.tmp.vbs" => not found
"C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp48DB.tmp.vbs" => not found
"C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp520.tmp.vbs" => not found
"C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp53C8.tmp.vbs" => not found
"C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp63D3.tmp.vbs" => not found
"C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp6908.tmp.vbs" => not found
"C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp6A09.tmp.vbs" => not found
"C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmp6B2.tmp.vbs" => not found
"C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmpAA6A.tmp.vbs" => not found
"C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmpC327.tmp.vbs" => not found
"C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmpC4D5.tmp.vbs" => not found
"C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tmpDF94.tmp.vbs" => not found
"C:\Users\Administrator\NTUSER.pol" => not found
"C:\Users\HP\NTUSER.pol" => not found
So I'm posting the log here.

miška
Visitor
Posts: 148
Registered: 17 Mar 2010 10:59

Re: Please check my log

#12 Post by miška »

Sorry, that wasn't everything. Here's the rest: :)




=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5228103 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 271077 B
Edge => 0 B
Chrome => 52343878 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
HP => 296091 B
Administrator => 296091 B

RecycleBin => 0 B
EmptyTemp: => 63.7 MB temporary data Removed.

================================

Rudy
Site Admin
Posts: 118199
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#13 Post by Rudy »

OK. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

miška
Visitor
Posts: 148
Registered: 17 Mar 2010 10:59

Re: Please check my log

#14 Post by miška »

Maybe a little faster..
At startup it still has to be confirmed. It doesn't start on its own. Once it boots, some kind of black window pops up and immediately hides again. Then there is still the QLB controller, saying it isn't working. Personally I don't know what that even is. There are a lot of programs I don't recognize. And the keyboard keeps misbehaving. An asterisk before z. A slash before h. A plus before u. š doesn't work at all. And the numeric keypad beeps.

JaRon
Moderator
Posts: 15197
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Please check my log

#15 Post by JaRon »

Apologies for jumping in - I'll step in just this once:
- uninstall AVG - it is unnecessary there
- clean the PC with CureIT https://forum.viry.cz/viewtopic.php?f=29&t=151000
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/
