Právě je 19 led 2020 10:00

Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Všechny časy jsou v UTC + 1 hodina


Pravidla fóra


Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz



Odeslat nové téma Toto téma je zamknuté. Nemůžete posílat nové příspěvky ani odpovídat na starší.  [ Příspěvků: 16 ]  Přejít na stránku 1, 2  Další
Autor Zpráva
 Předmět příspěvku: Prosim o kontrolu
PříspěvekNapsal: 09 led 2020 16:58 
Offline
Návštěvník
Návštěvník

Registrován: 28 črc 2014 18:36
Příspěvky: 14
Zdravím, prosím o kontrolu PC, občas se mi seká google chrome a občas PC. Děkuji

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-01-2020
Ran by PC (administrator) on PC-STOLNI (Gigabyte Technology Co., Ltd. Z68X-UD3P-B3) (09-01-2020 16:51:36)
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC)
Platform: Windows 10 Pro Version 1903 18362.535 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ALCPU -> ALCPU) C:\Program Files\Core Temp\Core Temp.exe
(Google LLC -> Google LLC) C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(Nitro Software, Inc. -> ) C:\Program Files\Nitro\Pro 10\Nitro_UpdateService.exe
(Nitro Software, Inc. -> Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Nitro Software, Inc. -> Nitro Software, Inc.) C:\Program Files\Nitro\Pro 10\NitroPDFDriverService10x64.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [518424 2013-07-18] (Acronis International GmbH -> Acronis)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech -> Logitech, Inc.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7805824 2013-11-22] (Acronis International GmbH -> Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1102192 2013-10-10] (Acronis International GmbH -> Acronis International GmbH)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [NBKeyScan] => C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [1836328 2007-09-20] (Nero AG -> Nero AG)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\Run: [Google Update] => C:\Users\PC\AppData\Local\Google\Update\1.3.35.422\GoogleUpdateCore.exe [219592 2019-12-14] (Google LLC -> Google LLC)
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-06-22] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-09-20] (Nero AG -> Nero AG)
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\Policies\Explorer: [NoSecurityTab] 1
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\MountPoints2: {2920cd84-fd3e-11e9-8086-1c6f65cec14f} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\MountPoints2: {2920cdaf-fd3e-11e9-8086-1c6f65cec14f} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\MountPoints2: {358d9afd-6ade-11e8-803c-1c6f65cec14f} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\MountPoints2: {9614f225-173a-11e9-806b-1c6f65cec14f} - "E:\HiSuiteDownLoader.exe"
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02775204-F1C3-4949-B0B8-8FBA7463EFFA} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_303_pepper.exe [1453112 2019-12-15] (Adobe Inc. -> Adobe)
Task: {05D3832E-9595-4302-954D-E8DB92A0A61E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {088CD6EB-082E-4386-BCA0-3C6243BA594B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3850399385-1112106150-548709150-1001Core1d2583baaa50420 => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2016-07-18] (Google Inc -> Google Inc.)
Task: {0DF6D448-FD6B-429F-B1AF-D12205A9AA5C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.)
Task: {16074411-B9B9-4609-A08B-32B99FC54797} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {226C2529-419F-4882-B9F0-3516F43E036C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {249CCB75-3D98-44D8-979F-68A6FF8CF48B} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [39920 2018-10-24] (Garmin International, Inc. -> )
Task: {25E9313B-F51A-4455-8A57-5F66E3C815E9} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {28F3FED5-BE24-4DC3-A049-5CC47136D328} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.)
Task: {290D399A-CABA-4915-9326-09E75A56A316} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {2D799B7A-A41D-49D3-BA1F-7A375C50024E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {387F7C46-5BAE-41E8-A436-69ADE88C4761} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {42EE0A6D-BCBF-4395-A860-5E824C219B55} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {49993180-11FB-4961-B8B5-DF4EDD4F2571} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3850399385-1112106150-548709150-1001Core => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2016-07-18] (Google Inc -> Google Inc.)
Task: {4DEDD72B-C747-4FB1-8414-6A1827A469B7} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4FF9CC2D-6584-47BF-909B-7F82EBFC05A9} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [782320 2019-10-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {597FE07C-B370-48FF-B7BC-D633275509CA} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {648313E4-5602-4DAF-A29F-F641FE052C3B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7C96F8CA-4548-4E80-81C0-A81035F34FBC} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {85189E59-5C37-4C42-A357-636E8A908FF0} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [25128 2017-11-19] (HP Inc. -> )
Task: {91C60497-6D96-43D4-A233-AD3DC3CB94E5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [145272 2019-10-31] (HP Inc. -> HP Inc.)
Task: {A2E5CEBE-5484-4AE6-A01D-9D370275CA62} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {ACC56F38-1175-4121-82BD-C6746CFF9018} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-15] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B346BD47-51BD-4C05-B7B3-55CD29CA4BB1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B81014C2-929C-4895-9C45-AD4132F48D84} - System32\Tasks\{66CE6B2C-CE2B-4E51-9196-0D695038B415} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\PC\Desktop\NFS11.exe -d C:\Users\PC\Desktop
Task: {BAD5EB17-78B3-45BB-8929-65619F0A92EA} - System32\Tasks\HPCeeScheduleForPC => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [97656 2018-09-11] (HP Inc. -> HP Inc.)
"C:\Windows\System32\Tasks\Microsoft\Windows\Google\GoogleUpdateTaskMachineVW" was unlocked. <==== ATTENTION
Task: {C66D6CD8-DEAA-46F0-ABC8-7F1729117BEC} - System32\Tasks\Microsoft\Windows\Google\GoogleUpdateTaskMachineVW => C:\WINDOWS\SysWOW64\Speech\Engines\Q-1-46-39\FD_1.4.17.96.exe [67896 2019-03-19] () [File not signed] <==== ATTENTION
Task: {CC43F2E9-67C8-4B64-B4E5-7C628AAEF043} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [277880 2019-11-22] (HP Inc. -> HP Inc.)
Task: {D56CE9FB-E587-467A-8CD8-A8F0EE060786} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {D75C4118-D85A-43EF-9348-FDB4C6AF376E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3850399385-1112106150-548709150-1001UA => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2016-07-18] (Google Inc -> Google Inc.)
Task: {DCCAD6A9-A73E-4EDD-BDF5-3D22018212A8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-15] (Piriform Software Ltd -> Piriform Ltd)
Task: {DE588AB7-C67D-470E-9821-E38B005CC0C9} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E17F37FA-0DE1-4A44-9F3C-68E558C4BB16} - System32\Tasks\Core Temp Autostart PC => C:\Program Files\Core Temp\Core Temp.exe [1011592 2019-08-24] (ALCPU -> ALCPU)
Task: {EEF7D7DC-BB2F-4C6E-8690-003BC244563B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3850399385-1112106150-548709150-1001UA1d2583baaa788d1 => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2016-07-18] (Google Inc -> Google Inc.)
Task: {F3A5EC93-A984-45AC-8A29-9244F16931E2} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FAF0BBAE-CFAA-4D6C-AA49-39378A755D99} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3850399385-1112106150-548709150-1001Core.job => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3850399385-1112106150-548709150-1001UA.job => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForPC.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 1.1.1.1 8.8.8.8
Tcpip\..\Interfaces\{859b686b-c2e5-47f5-910c-da7d016e00b5}: [DhcpNameServer] 1.1.1.1 8.8.8.8

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-3850399385-1112106150-548709150-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
SearchScopes: HKU\S-1-5-21-3850399385-1112106150-548709150-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 10\npnitromozilla.dll [2016-07-22] (Nitro Software, Inc. -> Nitro PDF)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-17] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3850399385-1112106150-548709150-1001: @tools.google.com/Google Update;version=3 -> C:\Users\PC\AppData\Local\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin HKU\S-1-5-21-3850399385-1112106150-548709150-1001: @tools.google.com/Google Update;version=9 -> C:\Users\PC\AppData\Local\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)

Chrome:
=======
CHR DefaultProfile: Profile 2
CHR HomePage: Profile 2 -> hxxp://www.seznam.cz/
CHR StartupUrls: Profile 2 -> "hxxp://www.seznam.cz/"
CHR Notifications: Profile 2 -> hxxps://3afdi.free-coupons.network; hxxps://answear.cz; hxxps://aukro.cz; hxxps://check-this-out-now.online; hxxps://cz.depositphotos.com; hxxps://fastshare.cz; hxxps://free-coupons.network; hxxps://gomez.cz; hxxps://i-healthy-beauty.com; hxxps://itvid.net; hxxps://notify-monad.com; hxxps://novom.ru; hxxps://octaviaclub.cz; hxxps://repair-guides.com; hxxps://ruclip.com; hxxps://ruvid.net; hxxps://velkoobchod.conrad.cz; hxxps://vevio.cz; hxxps://w1gq6.free-coupons.network; hxxps://watchmygirlfriend.tv; hxxps://www.astratex.cz; hxxps://www.autodoc.cz; hxxps://www.autohotarek.cz; hxxps://www.automobilovedily24.cz; hxxps://www.autoradio.org; hxxps://www.banggood.com; hxxps://www.bezvasport.cz; hxxps://www.cafago.com; hxxps://www.conrad.cz; hxxps://www.dobrestroje.cz; hxxps://www.exasoft.cz; hxxps://www.katalogynabytku.cz; hxxps://www.letgo.cz; hxxps://www.megaknihy.cz; hxxps://www.nabytek-helcel.cz; hxxps://www.penize.cz; hxxps://www.prodejauto.eu; hxxps://www.sevt.cz; hxxps://www.suprdeal.cz; hxxps://www.tomtom.com; hxxps://www.truhlikov.cz; hxxps://www.uni-max.cz
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default [2020-01-09]
CHR Extension: (Google Exels) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\chklaanhfefbnpoihckbnefhakgolnmc [2016-10-14]
CHR Extension: (Tampermonkey) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-06-11]
CHR Extension: (No Name) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkgcomhcmhlbdokplmbpkejkojkmjglg [2016-10-14]
CHR Extension: (ScriptMonkey) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lblbnlfhhblmfconjalikamamlgoobbe [2018-06-11]
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-01-09]
CHR Extension: (Tampermonkey) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-06-11]
CHR Extension: (Auto Refresh) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ifooldnmmcmlbdennkpdnlnbgbmfalko [2016-10-15]
CHR Extension: (ScriptMonkey) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lblbnlfhhblmfconjalikamamlgoobbe [2018-06-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-15]
CHR Extension: (Chrome Media Router) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-15]
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2 [2020-01-09]
CHR Extension: (Adobe Acrobat) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-12-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Chrome Media Router) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-12]
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\System Profile [2020-01-09]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

Opera:
=======
OPR Extension: (Tampermonkey) - C:\Users\PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-06-11]
OPR Extension: (ScriptMonkey) - C:\Users\PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\lblbnlfhhblmfconjalikamamlgoobbe [2018-06-11]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleChargerSrv; C:\WINDOWS\System32\AppleChargerSrv.exe [31272 2010-04-06] (Giga-Byte Technology -> )
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-06-22] (Disc Soft Ltd -> Disc Soft Ltd)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [361848 2019-12-06] (HP Inc. -> HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc. -> HP Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2019-08-19] (Huawei Technologies Co., Ltd. -> ) [File not signed]
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [853288 2007-09-20] (Nero AG -> Nero AG)
R2 NitroDriverReadSpool10; C:\Program Files\Nitro\Pro 10\NitroPDFDriverService10x64.exe [327320 2016-07-22] (Nitro Software, Inc. -> Nitro Software, Inc.)
R2 NitroUpdateService; C:\Program Files\Nitro\Pro 10\Nitro_UpdateService.exe [417944 2016-07-22] (Nitro Software, Inc. -> )
R2 nlsX86cc; C:\WINDOWS\SysWOW64\NLSSRV32.EXE [71832 2016-07-22] (Nitro Software, Inc. -> Nalpeiron Ltd.)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-09-20] (Nero AG -> Nero AG)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ALSysIO; C:\Users\PC\AppData\Local\Temp\ALSysIO64.sys [47240 2020-01-09] (ALCPU (Arthur Liberman) -> Arthur Liberman) <==== ATTENTION
R1 AppleCharger; C:\WINDOWS\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-07-18] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-07-18] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eusk2par; C:\WINDOWS\system32\Drivers\eusk2par-amd64.sys [42816 2006-12-13] (Eutron -> Eutron)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2018-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 gdrv; C:\WINDOWS\gdrv.sys [25640 2019-07-08] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2019-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2017-10-08] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c1a085cc86772d3f\nvlddmkm.sys [17544792 2018-03-25] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [711968 2019-06-04] (Realtek Semiconductor Corp. -> Realtek )
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1120032 2016-07-18] (Acronis International GmbH -> Acronis International GmbH)
S3 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [198432 2016-07-18] (Acronis International GmbH -> Acronis International GmbH)
S1 UsbCharger; C:\WINDOWS\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45664 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [355760 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-09 16:51 - 2020-01-09 16:52 - 000029274 _____ C:\Users\PC\Desktop\FRST.txt
2020-01-09 16:50 - 2020-01-09 16:51 - 000000000 ____D C:\FRST
2020-01-09 16:49 - 2020-01-09 16:49 - 002573312 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2020-01-09 14:46 - 2020-01-09 14:46 - 000000000 ____D C:\Program Files\VideoLAN
2020-01-09 14:32 - 2020-01-09 14:32 - 000000000 ____D C:\Users\PC\AppData\Local\SlimWare Utilities Inc
2020-01-09 14:30 - 2020-01-09 14:30 - 000000000 ____D C:\Users\Public\Documents\Downloaded Installers
2020-01-09 14:30 - 2020-01-09 14:30 - 000000000 ____D C:\Users\PC\AppData\Local\AVAST Software
2020-01-09 14:30 - 2020-01-09 14:30 - 000000000 ____D C:\ProgramData\Documents\Downloaded Installers
2020-01-09 14:26 - 2020-01-09 14:26 - 000002012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Pro 10.lnk
2020-01-09 14:26 - 2020-01-09 14:26 - 000002000 _____ C:\Users\Public\Desktop\Nitro Pro 10.lnk
2020-01-09 14:26 - 2020-01-09 14:26 - 000002000 _____ C:\ProgramData\Desktop\Nitro Pro 10.lnk
2020-01-09 14:26 - 2020-01-09 14:26 - 000000000 ____D C:\Program Files\Common Files\Nitro
2020-01-09 14:26 - 2020-01-09 14:26 - 000000000 ____D C:\Program Files (x86)\Nitro
2020-01-09 14:26 - 2016-07-22 17:26 - 000031896 _____ (Nitro Software, Inc.) C:\WINDOWS\system32\nitrolocalmon10.dll
2020-01-09 14:26 - 2016-07-22 17:26 - 000020120 _____ (Nitro Software, Inc.) C:\WINDOWS\system32\nitrolocalui10.dll
2020-01-09 14:17 - 2020-01-09 15:18 - 000000000 ____D C:\ProgramData\AVAST Software
2020-01-09 14:15 - 2020-01-09 14:15 - 000000736 _____ C:\Users\PC\Desktop\PLOCHA.lnk
2020-01-09 14:06 - 2020-01-09 14:14 - 000000000 ____D C:\plocha
2020-01-09 13:42 - 2020-01-09 13:42 - 000000000 ____D C:\Users\PC\AppData\Local\Garmin
2019-12-31 19:22 - 2019-12-31 19:31 - 2592917989 _____ C:\Users\PC\Downloads\Malé ženy ( Little Women 1994 ) CZ dab + tit 1080p BluRay.mkv
2019-12-31 19:04 - 2019-12-31 19:13 - 2218338695 _____ C:\Users\PC\Downloads\NÁVRH (The Proposal) 2009 cz.mkv
2019-12-27 11:04 - 2019-12-27 11:04 - 001178437 _____ C:\Users\PC\Downloads\nabytek_svepomoci_ukazka.pdf
2019-12-17 18:24 - 2019-12-17 18:24 - 000193260 _____ C:\Users\PC\Downloads\Vypis_z_uctu_483899144_z_20191130.pdf
2019-12-17 18:22 - 2019-12-17 18:22 - 000128860 _____ C:\Users\PC\Downloads\Vypis_z_uctu_385074173_z_20191130.pdf
2019-12-17 16:42 - 2019-12-17 16:42 - 000278593 _____ C:\Users\PC\Downloads\top-secret-test-správné-odpovědi.pdf
2019-12-12 17:17 - 2019-12-12 17:17 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 009927992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-12-12 17:17 - 2019-12-12 17:17 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 007278592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 006516648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 005914112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-12-12 17:17 - 2019-12-12 17:17 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-12-12 17:17 - 2019-12-12 17:17 - 002762296 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-12-12 17:17 - 2019-12-12 17:17 - 002698768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-12-12 17:17 - 2019-12-12 17:17 - 002494432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 002188816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 002082208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-12-12 17:17 - 2019-12-12 17:17 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 001656600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 001512528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-12-12 17:17 - 2019-12-12 17:17 - 001496080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-12-12 17:17 - 2019-12-12 17:17 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 001399312 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-12-12 17:17 - 2019-12-12 17:17 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-12-12 17:17 - 2019-12-12 17:17 - 001261464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-12-12 17:17 - 2019-12-12 17:17 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-12-12 17:17 - 2019-12-12 17:17 - 001098928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-12-12 17:17 - 2019-12-12 17:17 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 001054864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 001006904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 000986936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-12-12 17:17 - 2019-12-12 17:17 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2019-12-12 17:17 - 2019-12-12 17:17 - 000822416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-12-12 17:17 - 2019-12-12 17:17 - 000797112 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 000774456 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-12-12 17:17 - 2019-12-12 17:17 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 000674280 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-12-12 17:17 - 2019-12-12 17:17 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-12-12 17:17 - 2019-12-12 17:17 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-12-12 17:17 - 2019-12-12 17:17 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 000593128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-12-12 17:17 - 2019-12-12 17:17 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-12-12 17:17 - 2019-12-12 17:17 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-12-12 17:17 - 2019-12-12 17:17 - 000511000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-12-12 17:17 - 2019-12-12 17:17 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-12-12 17:17 - 2019-12-12 17:17 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-12-12 17:17 - 2019-12-12 17:17 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-12-12 17:17 - 2019-12-12 17:17 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-12-12 17:17 - 2019-12-12 17:17 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 000127272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-12-12 17:17 - 2019-12-12 17:17 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-12-12 17:17 - 2019-12-12 17:17 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2019-12-12 17:17 - 2019-12-12 17:17 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2019-12-12 17:17 - 2019-12-12 17:17 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2019-12-10 20:46 - 2019-12-10 20:46 - 000019508 _____ C:\Users\PC\Downloads\zj V.xlsx

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-09 16:45 - 2017-06-15 10:34 - 000000000 ____D C:\ProgramData\NVIDIA
2020-01-09 16:43 - 2019-07-28 21:04 - 000003124 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner
2020-01-09 16:15 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-09 16:06 - 2019-07-28 21:04 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-01-09 16:05 - 2016-07-18 19:43 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-01-09 15:57 - 2019-07-28 21:01 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-09 15:57 - 2019-03-19 12:57 - 000716944 _____ C:\WINDOWS\system32\perfh005.dat
2020-01-09 15:57 - 2019-03-19 12:57 - 000145024 _____ C:\WINDOWS\system32\perfc005.dat
2020-01-09 15:57 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-01-09 15:52 - 2019-07-28 21:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-09 15:52 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-01-09 15:34 - 2019-07-28 20:52 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-09 15:13 - 2017-08-27 08:44 - 000000340 _____ C:\WINDOWS\Tasks\HPCeeScheduleForPC.job
2020-01-09 14:46 - 2016-07-18 19:49 - 000000916 _____ C:\Users\Public\Desktop\VLC media player.lnk
2020-01-09 14:46 - 2016-07-18 19:49 - 000000916 _____ C:\ProgramData\Desktop\VLC media player.lnk
2020-01-09 14:46 - 2016-07-18 19:49 - 000000000 ____D C:\Users\PC\AppData\Roaming\vlc
2020-01-09 14:26 - 2017-06-28 15:29 - 000000000 ____D C:\Program Files\Nitro
2020-01-09 14:25 - 2017-06-28 15:28 - 000000000 ____D C:\Users\PC\AppData\Roaming\Downloaded Installations
2020-01-09 14:20 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-01-09 14:12 - 2019-11-19 14:29 - 000001144 _____ C:\Users\PC\Desktop\i_view64.exe – zástupce.lnk
2020-01-09 12:35 - 2017-05-08 17:42 - 000000000 ____D C:\Users\PC\AppData\Local\ElevatedDiagnostics
2020-01-08 17:50 - 2019-07-28 21:04 - 000003220 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleForPC
2020-01-07 18:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-06 18:10 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-04 20:36 - 2019-07-28 21:04 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-04 20:36 - 2019-07-28 21:04 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-04 20:36 - 2019-07-28 21:04 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-04 20:36 - 2019-07-28 21:04 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-04 20:36 - 2019-07-28 21:04 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-04 20:36 - 2019-07-28 21:04 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-04 20:36 - 2019-07-28 21:04 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-04 20:36 - 2019-07-28 21:04 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-04 20:36 - 2019-07-28 21:04 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-04 20:36 - 2019-07-28 21:04 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-04 20:36 - 2017-06-15 10:34 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-01-04 20:36 - 2017-06-15 10:34 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-01-04 20:36 - 2017-06-15 10:34 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-01-04 20:36 - 2016-11-04 18:40 - 000001443 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2020-01-04 20:36 - 2016-11-04 18:40 - 000001443 _____ C:\ProgramData\Desktop\GeForce Experience.lnk
2019-12-29 21:17 - 2016-07-19 17:41 - 000000000 ____D C:\Users\PC\AppData\Local\CrashDumps
2019-12-20 19:42 - 2016-09-16 06:56 - 000000000 ___RD C:\Users\PC\Documents\Scanned Documents
2019-12-20 11:04 - 2016-07-19 16:36 - 000002446 _____ C:\Users\PC\Desktop\Google Chrome.lnk
2019-12-20 11:04 - 2016-07-18 15:44 - 000002483 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-15 08:56 - 2019-07-28 21:04 - 000004648 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2019-12-15 08:56 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-12-15 08:56 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-12-15 08:56 - 2016-07-18 19:42 - 000000000 ____D C:\Users\PC\AppData\Local\Adobe
2019-12-14 08:00 - 2019-07-28 21:04 - 000003758 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3850399385-1112106150-548709150-1001UA1d2583baaa788d1
2019-12-14 08:00 - 2019-07-28 21:04 - 000003490 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3850399385-1112106150-548709150-1001Core1d2583baaa50420
2019-12-13 10:52 - 2019-07-28 20:52 - 000531760 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-13 10:52 - 2017-12-10 15:55 - 000000000 ___RD C:\Users\PC\3D Objects
2019-12-13 10:52 - 2016-04-27 08:00 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-12-12 22:25 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-12-12 22:25 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-12-12 22:25 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-12-12 17:21 - 2016-07-18 15:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-12 17:19 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-12 17:19 - 2016-07-18 15:44 - 129221664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-12-12 17:17 - 2012-01-20 13:28 - 000410830 __RSH C:\bootmgr
2019-12-12 14:17 - 2017-12-10 15:49 - 000000000 ____D C:\Users\PC\AppData\Local\Packages

==================== Files in the root of some directories ========

2018-04-12 00:34 - 2018-04-12 00:34 - 000059904 _____ (Microsoft Corporation) C:\Users\PC\raAiEarnUYw.exe
2018-04-12 00:34 - 2018-04-12 00:34 - 000178688 _____ (Microsoft Corporation) C:\Users\PC\YosDAuZEMiO.exe
2019-11-17 19:50 - 2019-11-17 19:50 - 000000209 _____ () C:\Users\PC\AppData\Roaming\PC-STOLNI.MTBF.txt
2019-05-05 11:16 - 2019-11-19 17:46 - 000023552 _____ () C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-07-30 15:47 - 2016-07-30 15:47 - 000007605 _____ () C:\Users\PC\AppData\Local\Resmon.ResmonCfg
2018-06-11 12:04 - 2018-06-11 12:04 - 000000002 _____ () C:\Users\PC\AppData\Local\WMI.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

-------------------------------------------------------------------------------

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-01-2020
Ran by PC (09-01-2020 16:52:30)
Running from C:\Users\PC\Desktop
Windows 10 Pro Version 1903 18362.535 (X64) (2019-07-28 20:04:15)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3850399385-1112106150-548709150-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3850399385-1112106150-548709150-503 - Limited - Disabled)
Guest (S-1-5-21-3850399385-1112106150-548709150-501 - Limited - Disabled)
PC (S-1-5-21-3850399385-1112106150-548709150-1001 - Administrator - Enabled) => C:\Users\PC
WDAGUtilityAccount (S-1-5-21-3850399385-1112106150-548709150-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acronis True Image 2014 (HKLM-x32\...\{5858B1D6-8056-471C-8A29-6A1765BBC0BE}) (Version: 17.0.4515 - Acronis)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.303 - Adobe)
Aktualizace NVIDIA 38.0.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.4.0 - NVIDIA Corporation) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
ANT Drivers Installer x64 (HKLM\...\{D559687A-60C5-4786-9429-C21EC195789D}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.60 - Piriform)
Core Temp 1.15 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.15 - ALCPU)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0192 - Disc Soft Ltd)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.35 - NVIDIA Corporation) Hidden
DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version: - )
EA Download Manager (HKLM-x32\...\EA Download Manager) (Version: 6.0.4.124 - Electronic Arts, Inc.)
EA Download Manager UI (HKLM-x32\...\{E17141A6-211D-5854-61D9-69827A430D82}) (Version: 6.0.4 - Electronic Arts) Hidden
EA Download Manager UI (HKLM-x32\...\com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1) (Version: 6.0.4.124 - Electronic Arts)
Elevated Installer (HKLM-x32\...\{0BF90608-2F95-4C7C-9A85-E90E0CAF4FE9}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden
FOTOLAB CEWE fotosvet (HKLM-x32\...\FOTOLAB CEWE fotosvet) (Version: 6.3.5 - CEWE Stiftung u Co. KGaA)
Garmin Express (HKLM-x32\...\{95D0EADA-5123-41C0-931A-F37946BC0E8E}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{eab4691c-4022-41cd-8d39-c3097ba62d4b}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 9.1.0.309 - )
HP Support Solutions Framework (HKLM-x32\...\{7C3170E8-E61A-41D9-8547-8E96445EA510}) (Version: 12.14.49.15 - HP Inc.)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
LEGO STAR WARS The Force Awakens (HKLM-x32\...\LEGO STAR WARS The Force Awakens_is1) (Version: - )
LPGTECH Gas Setting 2.0 (HKLM-x32\...\{9E680F62-635A-49E7-BDFE-1D12A4EF0BAE}_is1) (Version: 2.0 - LPGTECH)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 CSY (HKLM\...\{0A8A841B-29C4-4947-BF59-241216B4D904}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
MioMore Desktop 7.50 (HKLM-x32\...\{A2804FE8-4101-48a0-AE1A-575B99014BF4}-Mio-7.50) (Version: 7.50.0112.135 - Mio Technology)
MRP Aktualizační manažer (HKLM-x32\...\MRP NetAgent) (Version: - MRP)
MRP Daňová evidence + sklad (HKLM-x32\...\MRP Danova evidence_is1) (Version: 7.80.906 - MRP)
MRP Základ vizuálního systému (HKLM-x32\...\MRP Zaklad) (Version: - )
MSI Afterburner 4.6.2 (HKLM-x32\...\Afterburner) (Version: 4.6.2 - MSI Co., LTD)
Need for Speed(TM) Hot Pursuit (HKLM-x32\...\{83A606F5-BF6F-42ED-9F33-B9F74297CDED}) (Version: 1.0.0.0 - Electronic Arts)
Need for Speed™ Rivals (HKLM-x32\...\{E0A32336-AA27-4053-99B2-C3380B7B95AC}) (Version: 1.3.0.0 - Electronic Arts)
Nero 8 (HKLM-x32\...\{6F8A555E-F2E1-415D-AD8A-67C0A7671029}) (Version: 8.10.27 - Nero AG)
Nitro Pro 10 (HKLM\...\{DC4C90A4-1935-4484-AEBD-C35F3F345379}) (Version: 10.5.9.9 - Nitro)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
ON_OFF Charge 2 B13.1028.1 (HKLM-x32\...\{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE) Hidden
ON_OFF Charge 2 B13.1028.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE)
Ovládací panel NVIDIA 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.35 - NVIDIA Corporation) Hidden
RC Desk Pilot 0.2.2 (HKLM\...\{DFFD7D4F-6C61-402D-8D16-72B8AC33FE5A}_is1) (Version: - rcdeskpilot.com)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
VCRedistSetup (HKLM-x32\...\{3921A67A-5AB1-4E48-9444-C71814CF3027}) (Version: 1.0.0 - Nero AG) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Webshare uploader (HKLM-x32\...\WebshareDLC) (Version: - Webshare)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3850399385-1112106150-548709150-1001_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3850399385-1112106150-548709150-1001_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\PC\AppData\Local\Google\Chrome\Application\79.0.3945.88\notification_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3850399385-1112106150-548709150-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll (Google LLC -> Google LLC)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] (Acronis International GmbH -> )
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll [2007-09-24] (Nero AG -> Nero AG)
ContextMenuHandlers1: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => C:\Program Files\Nitro\Pro 10\NPShellExtension.dll [2016-07-22] (Nitro Software, Inc. -> Nitro PDF)
ContextMenuHandlers1: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => C:\Program Files (x86)\Acronis\TrueImageHome\x64\versions_page.dll [2013-10-01] (Acronis International GmbH -> Acronis)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => C:\Program Files (x86)\Acronis\TrueImageHome\x64\versions_page.dll [2013-10-01] (Acronis International GmbH -> Acronis)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\aa4b53adde6bfb3d\Google Chrome.lnk -> C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\56292fd72b436a45\Google Chrome.lnk -> C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"

==================== Loaded Modules (Whitelisted) =============

2019-07-28 20:55 - 2018-03-24 00:05 - 000880024 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
2019-07-28 20:55 - 2018-03-24 00:05 - 000343728 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\PC\Downloads\parte.jpeg:3or4kl4x13tuuug3Byamue2s4b [85]
AlternateDataStreams: C:\Users\PC\Downloads\parte.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 08:24 - 2015-10-30 08:21 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3850399385-1112106150-548709150-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\PC\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\img0.jpg
DNS Servers: 1.1.1.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKLM\...\StartupApproved\Run32: => "NBKeyScan"
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\StartupApproved\Run: => "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{405FA191-FED3-40ED-860E-16967F9B8505}C:\program files (x86)\electronic arts\need for speed rivals\nfs14.exe] => (Block) C:\program files (x86)\electronic arts\need for speed rivals\nfs14.exe (Electronic Arts) [File not signed]
FirewallRules: [TCP Query User{74E0A551-D93D-48C0-99EB-08B6D6EE68BE}C:\program files (x86)\electronic arts\need for speed rivals\nfs14.exe] => (Block) C:\program files (x86)\electronic arts\need for speed rivals\nfs14.exe (Electronic Arts) [File not signed]
FirewallRules: [{402E55FA-57DB-414C-AE2B-AF0BCC4A400D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6ACEE46A-4C9D-488F-90D1-2A3B95A3E76C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{CA43811C-A26B-4050-8AB5-747707130AB1}C:\users\pc\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\pc\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{858A24BF-03D9-4FC0-AD1B-37C60285207C}C:\users\pc\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\pc\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{EBFC0084-699A-4D91-8438-02F21AD3D2BF}C:\users\pc\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\pc\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{430EF56C-7890-4D2F-B3DF-EE2EE4E42FB6}C:\users\pc\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\pc\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{AB4D8942-CF62-4AC8-93BE-CC0809EC4858}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{37C22CEE-8BA7-4053-B7FE-D59ADD68846B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EEF930D8-91B8-4880-8F37-38A639ABE61C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A32650C8-580F-4595-A1B7-A56EEE9309C2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

==================== Restore Points =========================

30-12-2019 12:43:03 Naplánovaný kontrolní bod
09-01-2020 14:32:11 Removed Avast Driver Updater

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/09/2020 04:50:43 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3028,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/09/2020 04:10:15 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8372,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/09/2020 04:00:24 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5748,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/09/2020 03:41:24 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8176,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/09/2020 03:33:53 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7184,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/09/2020 03:25:33 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5956,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/09/2020 03:06:05 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7404,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/09/2020 02:52:07 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (376,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (01/09/2020 09:23:30 AM) (Source: DCOM) (EventID: 10000) (User: PC-STOLNI)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (01/08/2020 03:33:46 PM) (Source: DCOM) (EventID: 10000) (User: PC-STOLNI)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (01/08/2020 02:38:05 PM) (Source: DCOM) (EventID: 10000) (User: PC-STOLNI)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (01/07/2020 07:21:31 PM) (Source: DCOM) (EventID: 10000) (User: PC-STOLNI)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (01/07/2020 11:59:52 AM) (Source: DCOM) (EventID: 10000) (User: PC-STOLNI)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (01/06/2020 08:10:28 PM) (Source: DCOM) (EventID: 10000) (User: PC-STOLNI)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (01/05/2020 06:54:22 PM) (Source: DCOM) (EventID: 10000) (User: PC-STOLNI)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (01/04/2020 01:52:11 PM) (Source: DCOM) (EventID: 10000) (User: PC-STOLNI)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}


Windows Defender:
===================================
Date: 2020-01-09 12:59:37.537
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {69A6D110-4ABB-4963-AEB7-E6EA6E3BDA20}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-01-09 12:53:27.101
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {B37A1C37-43BA-4F0E-AEE2-96EF4004726A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-01-08 14:32:07.432
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {AC507DFF-CCDF-47C5-9AA7-DDD94CA0B082}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-12-31 19:18:15.882
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {DBE4E534-822D-47F2-81EC-08A76E331FCB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-12-29 21:17:48.421
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Trufip!rts
ID: 2147625179
Závažnost: Vysoké
Kategorie: Trojský kůň
Cesta: file:_C:\Users\PC\AppData\Local\Temp\Rar$EXa12412.6689\Car_Radio_Code_Calculator\Ford Car Radio Decoding Software\FORD SOUND 2000 Series Code Decrypter v2.00.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.307.1359.0, AS: 1.307.1359.0, NIS: 1.307.1359.0
Verze modulu: AM: 1.1.16600.7, NIS: 1.1.16600.7

Date: 2020-01-09 15:52:43.705
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Monitorování chování
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru vyžaduje ke správnému fungování aktuální modul. Pokud chcete povolit ochranu v reálném čase, je nutné nainstalovat nejnovější aktualizace bezpečnostních informací.

CodeIntegrity:
===================================

Date: 2020-01-09 15:16:36.620
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-09 15:16:36.617
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-09 15:16:36.262
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-09 15:16:36.259
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-09 15:16:27.582
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-09 15:16:27.579
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-09 15:16:26.005
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-09 15:16:25.998
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: Award Software International, Inc. F7 10/12/2011
Motherboard: Gigabyte Technology Co., Ltd. Z68X-UD3P-B3
Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 18%
Total physical RAM: 16367.11 MB
Available physical RAM: 13366.74 MB
Total Virtual: 18799.11 MB
Available Virtual: 15536.03 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:446.18 GB) (Free:227.01 GB) NTFS ==>[drive with boot components (obtained from BCD)]

\\?\Volume{337783d8-0000-0000-0000-a08b6f000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 447.1 GB) (Disk ID: 337783D8)
Partition 1: (Active) - (Size=446.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=516 MB) - (Type=27)

==================== End of Addition.txt =======================


Nahoru
 Profil  
 
 Předmět příspěvku: Re: Prosim o kontrolu
PříspěvekNapsal: 10 led 2020 16:30 
Offline
Moderátor
Moderátor

Registrován: 30 pro 2013 22:29
Příspěvky: 3396
Bydliště: Bratislava
Ahoj :)

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
  • Nechaj zaskrtnute vsetky nalezy
  • Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah sem skopiruj

_________________
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!


Nahoru
 Profil  
 
 Předmět příspěvku: Re: Prosim o kontrolu
PříspěvekNapsal: 10 led 2020 17:55 
Offline
Návštěvník
Návštěvník

Registrován: 28 črc 2014 18:36
Příspěvky: 14
# -------------------------------
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build: 12-17-2019
# Database: 2020-01-06.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-10-2020
# Duration: 00:00:03
# OS: Windows 10 Pro
# Cleaned: 19
# Failed: 1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Youtube AdBlock
Deleted C:\Users\PC\AppData\Local\slimware utilities inc
Deleted C:\Users\Public\Documents\Downloaded Installers

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\VIS

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.HPCeement Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BAD5EB17-78B3-45BB-8929-65619F0A92EA}
Deleted Preinstalled.HPCeement Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BAD5EB17-78B3-45BB-8929-65619F0A92EA}
Deleted Preinstalled.HPCeement Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPCeeScheduleForPC
Deleted Preinstalled.HPCeement Task C:\Windows\System32\Tasks\HPCEESCHEDULEFORPC
Deleted Preinstalled.HPCeement Task C:\Windows\Tasks\HPCEESCHEDULEFORPC.JOB
Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP CUSTOMER FEEDBACK
Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Users\PC\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Users\PC\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Windows\System32\config\systemprofile\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{C0ABBA07-B636-47B8-B9E1-BB96D7CD4831}
Deleted Preinstalled.HPTouchpointAnalyticsClient Folder C:\Program Files\HP\HP TOUCHPOINT ANALYTICS CLIENT
Deleted Preinstalled.HPTouchpointAnalyticsClient Folder C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT
Deleted Preinstalled.HPTouchpointAnalyticsClient Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}
Not Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3356 octets] - [10/01/2020 17:53:18]
AdwCleaner[S01].txt - [3417 octets] - [10/01/2020 17:55:36]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########


Nahoru
 Profil  
 
 Předmět příspěvku: Re: Prosim o kontrolu
PříspěvekNapsal: 11 led 2020 23:03 
Offline
Moderátor
Moderátor

Registrován: 30 pro 2013 22:29
Příspěvky: 3396
Bydliště: Bratislava
Poprosim o obidva nove logy z FRST.

_________________
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!


Nahoru
 Profil  
 
 Předmět příspěvku: Re: Prosim o kontrolu
PříspěvekNapsal: 12 led 2020 12:07 
Offline
Návštěvník
Návštěvník

Registrován: 28 črc 2014 18:36
Příspěvky: 14
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-01-2020
Ran by PC (administrator) on PC-STOLNI (Gigabyte Technology Co., Ltd. Z68X-UD3P-B3) (12-01-2020 12:07:16)
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC)
Platform: Windows 10 Pro Version 1903 18362.535 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis International GmbH -> Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ALCPU -> ALCPU) C:\Program Files\Core Temp\Core Temp.exe
(Google LLC -> Google LLC) C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(Nitro Software, Inc. -> ) C:\Program Files\Nitro\Pro 10\Nitro_UpdateService.exe
(Nitro Software, Inc. -> Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Nitro Software, Inc. -> Nitro Software, Inc.) C:\Program Files\Nitro\Pro 10\NitroPDFDriverService10x64.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [518424 2013-07-18] (Acronis International GmbH -> Acronis)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech -> Logitech, Inc.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7805824 2013-11-22] (Acronis International GmbH -> Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1102192 2013-10-10] (Acronis International GmbH -> Acronis International GmbH)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [NBKeyScan] => C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [1836328 2007-09-20] (Nero AG -> Nero AG)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\Run: [Google Update] => C:\Users\PC\AppData\Local\Google\Update\1.3.35.422\GoogleUpdateCore.exe [219592 2019-12-14] (Google LLC -> Google LLC)
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-06-22] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe [202024 2007-09-20] (Nero AG -> Nero AG)
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\Policies\Explorer: [NoSecurityTab] 1
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\MountPoints2: {2920cd84-fd3e-11e9-8086-1c6f65cec14f} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\MountPoints2: {2920cdaf-fd3e-11e9-8086-1c6f65cec14f} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\MountPoints2: {358d9afd-6ade-11e8-803c-1c6f65cec14f} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\MountPoints2: {9614f225-173a-11e9-806b-1c6f65cec14f} - "E:\HiSuiteDownLoader.exe"
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02775204-F1C3-4949-B0B8-8FBA7463EFFA} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_303_pepper.exe [1453112 2019-12-15] (Adobe Inc. -> Adobe)
Task: {0315F755-1C08-4558-BA73-56016DBE41C2} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [782320 2019-10-26] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {05D3832E-9595-4302-954D-E8DB92A0A61E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {088CD6EB-082E-4386-BCA0-3C6243BA594B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3850399385-1112106150-548709150-1001Core1d2583baaa50420 => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2016-07-18] (Google Inc -> Google Inc.)
Task: {0DF6D448-FD6B-429F-B1AF-D12205A9AA5C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.)
Task: {16074411-B9B9-4609-A08B-32B99FC54797} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {226C2529-419F-4882-B9F0-3516F43E036C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {249CCB75-3D98-44D8-979F-68A6FF8CF48B} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [39920 2018-10-24] (Garmin International, Inc. -> )
Task: {25E9313B-F51A-4455-8A57-5F66E3C815E9} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {28F3FED5-BE24-4DC3-A049-5CC47136D328} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.)
Task: {290D399A-CABA-4915-9326-09E75A56A316} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {2D799B7A-A41D-49D3-BA1F-7A375C50024E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {387F7C46-5BAE-41E8-A436-69ADE88C4761} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {42EE0A6D-BCBF-4395-A860-5E824C219B55} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {49993180-11FB-4961-B8B5-DF4EDD4F2571} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3850399385-1112106150-548709150-1001Core => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2016-07-18] (Google Inc -> Google Inc.)
Task: {4DEDD72B-C747-4FB1-8414-6A1827A469B7} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {597FE07C-B370-48FF-B7BC-D633275509CA} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {648313E4-5602-4DAF-A29F-F641FE052C3B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7C96F8CA-4548-4E80-81C0-A81035F34FBC} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {85189E59-5C37-4C42-A357-636E8A908FF0} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
Task: {91C60497-6D96-43D4-A233-AD3DC3CB94E5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [145272 2019-10-31] (HP Inc. -> HP Inc.)
Task: {A2E5CEBE-5484-4AE6-A01D-9D370275CA62} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {ACC56F38-1175-4121-82BD-C6746CFF9018} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-15] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B346BD47-51BD-4C05-B7B3-55CD29CA4BB1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B81014C2-929C-4895-9C45-AD4132F48D84} - System32\Tasks\{66CE6B2C-CE2B-4E51-9196-0D695038B415} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\PC\Desktop\NFS11.exe -d C:\Users\PC\Desktop
Task: {C66D6CD8-DEAA-46F0-ABC8-7F1729117BEC} - System32\Tasks\Microsoft\Windows\Google\GoogleUpdateTaskMachineVW => C:\WINDOWS\SysWOW64\Speech\Engines\Q-1-46-39\FD_1.4.17.96.exe (Access Denied) <==== ATTENTION
Task: {CC43F2E9-67C8-4B64-B4E5-7C628AAEF043} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe
Task: {D56CE9FB-E587-467A-8CD8-A8F0EE060786} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {D75C4118-D85A-43EF-9348-FDB4C6AF376E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3850399385-1112106150-548709150-1001UA => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2016-07-18] (Google Inc -> Google Inc.)
Task: {DCCAD6A9-A73E-4EDD-BDF5-3D22018212A8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-15] (Piriform Software Ltd -> Piriform Ltd)
Task: {DE588AB7-C67D-470E-9821-E38B005CC0C9} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E17F37FA-0DE1-4A44-9F3C-68E558C4BB16} - System32\Tasks\Core Temp Autostart PC => C:\Program Files\Core Temp\Core Temp.exe [1011592 2019-08-24] (ALCPU -> ALCPU)
Task: {EEF7D7DC-BB2F-4C6E-8690-003BC244563B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3850399385-1112106150-548709150-1001UA1d2583baaa788d1 => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe [154440 2016-07-18] (Google Inc -> Google Inc.)
Task: {F3A5EC93-A984-45AC-8A29-9244F16931E2} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FAF0BBAE-CFAA-4D6C-AA49-39378A755D99} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3850399385-1112106150-548709150-1001Core.job => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3850399385-1112106150-548709150-1001UA.job => C:\Users\PC\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 1.1.1.1 8.8.8.8
Tcpip\..\Interfaces\{859b686b-c2e5-47f5-910c-da7d016e00b5}: [DhcpNameServer] 1.1.1.1 8.8.8.8

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-3850399385-1112106150-548709150-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
SearchScopes: HKU\S-1-5-21-3850399385-1112106150-548709150-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 10\npnitromozilla.dll [2016-07-22] (Nitro Software, Inc. -> Nitro PDF)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-17] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3850399385-1112106150-548709150-1001: @tools.google.com/Google Update;version=3 -> C:\Users\PC\AppData\Local\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin HKU\S-1-5-21-3850399385-1112106150-548709150-1001: @tools.google.com/Google Update;version=9 -> C:\Users\PC\AppData\Local\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)

Chrome:
=======
CHR DefaultProfile: Profile 2
CHR HomePage: Profile 2 -> hxxp://www.seznam.cz/
CHR StartupUrls: Profile 2 -> "hxxp://www.seznam.cz/"
CHR Notifications: Profile 2 -> hxxps://3afdi.free-coupons.network; hxxps://answear.cz; hxxps://aukro.cz; hxxps://check-this-out-now.online; hxxps://cz.depositphotos.com; hxxps://fastshare.cz; hxxps://free-coupons.network; hxxps://gomez.cz; hxxps://i-healthy-beauty.com; hxxps://itvid.net; hxxps://notify-monad.com; hxxps://novom.ru; hxxps://octaviaclub.cz; hxxps://repair-guides.com; hxxps://ruclip.com; hxxps://ruvid.net; hxxps://velkoobchod.conrad.cz; hxxps://vevio.cz; hxxps://w1gq6.free-coupons.network; hxxps://watchmygirlfriend.tv; hxxps://www.astratex.cz; hxxps://www.autodoc.cz; hxxps://www.autohotarek.cz; hxxps://www.automobilovedily24.cz; hxxps://www.autoradio.org; hxxps://www.banggood.com; hxxps://www.bezvasport.cz; hxxps://www.cafago.com; hxxps://www.conrad.cz; hxxps://www.dobrestroje.cz; hxxps://www.exasoft.cz; hxxps://www.katalogynabytku.cz; hxxps://www.letgo.cz; hxxps://www.megaknihy.cz; hxxps://www.nabytek-helcel.cz; hxxps://www.penize.cz; hxxps://www.prodejauto.eu; hxxps://www.sevt.cz; hxxps://www.suprdeal.cz; hxxps://www.tomtom.com; hxxps://www.truhlikov.cz; hxxps://www.uni-max.cz
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default [2020-01-12]
CHR Extension: (Google Exels) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\chklaanhfefbnpoihckbnefhakgolnmc [2016-10-14]
CHR Extension: (Tampermonkey) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-06-11]
CHR Extension: (No Name) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkgcomhcmhlbdokplmbpkejkojkmjglg [2016-10-14]
CHR Extension: (ScriptMonkey) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lblbnlfhhblmfconjalikamamlgoobbe [2018-06-11]
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-01-12]
CHR Extension: (Tampermonkey) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-06-11]
CHR Extension: (Auto Refresh) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ifooldnmmcmlbdennkpdnlnbgbmfalko [2016-10-15]
CHR Extension: (ScriptMonkey) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lblbnlfhhblmfconjalikamamlgoobbe [2018-06-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-15]
CHR Extension: (Chrome Media Router) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-15]
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2 [2020-01-12]
CHR Extension: (Adobe Acrobat) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-12-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Chrome Media Router) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-12]
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\System Profile [2020-01-12]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

Opera:
=======
OPR Extension: (Tampermonkey) - C:\Users\PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-06-11]
OPR Extension: (ScriptMonkey) - C:\Users\PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\lblbnlfhhblmfconjalikamamlgoobbe [2018-06-11]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleChargerSrv; C:\WINDOWS\System32\AppleChargerSrv.exe [31272 2010-04-06] (Giga-Byte Technology -> )
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-06-22] (Disc Soft Ltd -> Disc Soft Ltd)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [361848 2019-12-06] (HP Inc. -> HP Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2019-08-19] (Huawei Technologies Co., Ltd. -> ) [File not signed]
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [853288 2007-09-20] (Nero AG -> Nero AG)
R2 NitroDriverReadSpool10; C:\Program Files\Nitro\Pro 10\NitroPDFDriverService10x64.exe [327320 2016-07-22] (Nitro Software, Inc. -> Nitro Software, Inc.)
R2 NitroUpdateService; C:\Program Files\Nitro\Pro 10\Nitro_UpdateService.exe [417944 2016-07-22] (Nitro Software, Inc. -> )
R2 nlsX86cc; C:\WINDOWS\SysWOW64\NLSSRV32.EXE [71832 2016-07-22] (Nitro Software, Inc. -> Nalpeiron Ltd.)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-09-20] (Nero AG -> Nero AG)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 HPTouchpointAnalyticsService; "C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ALSysIO; C:\Users\PC\AppData\Local\Temp\ALSysIO64.sys [47240 2020-01-10] (ALCPU (Arthur Liberman) -> Arthur Liberman) <==== ATTENTION
R1 AppleCharger; C:\WINDOWS\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-07-18] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-07-18] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eusk2par; C:\WINDOWS\system32\Drivers\eusk2par-amd64.sys [42816 2006-12-13] (Eutron -> Eutron)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2018-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 gdrv; C:\WINDOWS\gdrv.sys [25640 2019-07-08] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2019-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2017-10-08] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c1a085cc86772d3f\nvlddmkm.sys [17544792 2018-03-25] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [711968 2019-06-04] (Realtek Semiconductor Corp. -> Realtek )
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1120032 2016-07-18] (Acronis International GmbH -> Acronis International GmbH)
S3 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [198432 2016-07-18] (Acronis International GmbH -> Acronis International GmbH)
S1 UsbCharger; C:\WINDOWS\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45664 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [355760 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-10 17:52 - 2020-01-10 17:56 - 000000000 ____D C:\AdwCleaner
2020-01-10 17:51 - 2020-01-10 17:51 - 008237744 _____ (Malwarebytes) C:\Users\PC\Desktop\adwcleaner_8.0.1.exe
2020-01-10 09:55 - 2020-01-10 09:55 - 000563200 _____ C:\Users\PC\Downloads\158.xls
2020-01-10 09:55 - 2020-01-10 09:55 - 000563200 _____ C:\Users\PC\Downloads\158 (1).xls
2020-01-09 16:52 - 2020-01-12 12:06 - 000020507 _____ C:\Users\PC\Desktop\Addition.txt
2020-01-09 16:51 - 2020-01-12 12:07 - 000027411 _____ C:\Users\PC\Desktop\FRST.txt
2020-01-09 16:50 - 2020-01-12 12:07 - 000000000 ____D C:\FRST
2020-01-09 16:49 - 2020-01-09 16:49 - 002573312 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2020-01-09 14:46 - 2020-01-09 14:46 - 000000000 ____D C:\Program Files\VideoLAN
2020-01-09 14:30 - 2020-01-09 14:30 - 000000000 ____D C:\Users\PC\AppData\Local\AVAST Software
2020-01-09 14:26 - 2020-01-09 14:26 - 000002012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Pro 10.lnk
2020-01-09 14:26 - 2020-01-09 14:26 - 000002000 _____ C:\Users\Public\Desktop\Nitro Pro 10.lnk
2020-01-09 14:26 - 2020-01-09 14:26 - 000002000 _____ C:\ProgramData\Desktop\Nitro Pro 10.lnk
2020-01-09 14:26 - 2020-01-09 14:26 - 000000000 ____D C:\Program Files\Common Files\Nitro
2020-01-09 14:26 - 2020-01-09 14:26 - 000000000 ____D C:\Program Files (x86)\Nitro
2020-01-09 14:26 - 2016-07-22 17:26 - 000031896 _____ (Nitro Software, Inc.) C:\WINDOWS\system32\nitrolocalmon10.dll
2020-01-09 14:26 - 2016-07-22 17:26 - 000020120 _____ (Nitro Software, Inc.) C:\WINDOWS\system32\nitrolocalui10.dll
2020-01-09 14:17 - 2020-01-09 15:18 - 000000000 ____D C:\ProgramData\AVAST Software
2020-01-09 14:15 - 2020-01-09 14:15 - 000000736 _____ C:\Users\PC\Desktop\PLOCHA.lnk
2020-01-09 14:06 - 2020-01-09 14:14 - 000000000 ____D C:\plocha
2020-01-09 13:42 - 2020-01-09 13:42 - 000000000 ____D C:\Users\PC\AppData\Local\Garmin
2019-12-31 19:22 - 2019-12-31 19:31 - 2592917989 _____ C:\Users\PC\Downloads\Malé ženy ( Little Women 1994 ) CZ dab + tit 1080p BluRay.mkv
2019-12-31 19:04 - 2019-12-31 19:13 - 2218338695 _____ C:\Users\PC\Downloads\NÁVRH (The Proposal) 2009 cz.mkv
2019-12-27 11:04 - 2019-12-27 11:04 - 001178437 _____ C:\Users\PC\Downloads\nabytek_svepomoci_ukazka.pdf
2019-12-17 18:24 - 2019-12-17 18:24 - 000193260 _____ C:\Users\PC\Downloads\Vypis_z_uctu_483899144_z_20191130.pdf
2019-12-17 18:22 - 2019-12-17 18:22 - 000128860 _____ C:\Users\PC\Downloads\Vypis_z_uctu_385074173_z_20191130.pdf
2019-12-17 16:42 - 2019-12-17 16:42 - 000278593 _____ C:\Users\PC\Downloads\top-secret-test-správné-odpovědi.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-12 12:05 - 2017-06-15 10:34 - 000000000 ____D C:\ProgramData\NVIDIA
2020-01-12 12:03 - 2019-07-28 21:04 - 000003124 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner
2020-01-12 10:14 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-11 17:54 - 2016-09-16 08:01 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2020-01-11 09:50 - 2019-07-28 21:01 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-11 09:50 - 2019-03-19 12:57 - 000716944 _____ C:\WINDOWS\system32\perfh005.dat
2020-01-11 09:50 - 2019-03-19 12:57 - 000145024 _____ C:\WINDOWS\system32\perfc005.dat
2020-01-11 09:50 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-01-10 20:50 - 2019-07-28 21:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-10 20:49 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-01-10 20:33 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-10 20:33 - 2017-12-10 15:49 - 000000000 ____D C:\Users\PC\AppData\Local\Packages
2020-01-10 17:56 - 2017-11-19 09:20 - 000000000 ____D C:\ProgramData\HP
2020-01-10 17:56 - 2017-11-19 09:20 - 000000000 ____D C:\Program Files\HP
2020-01-10 17:56 - 2016-09-16 08:12 - 000000000 ____D C:\Users\PC\AppData\Roaming\Hewlett-Packard
2020-01-10 17:56 - 2016-09-16 07:27 - 000000000 ____D C:\Users\PC\AppData\Local\Hewlett-Packard
2020-01-10 17:56 - 2016-09-16 07:27 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2020-01-10 09:22 - 2016-07-19 16:36 - 000002446 _____ C:\Users\PC\Desktop\Google Chrome.lnk
2020-01-10 09:22 - 2016-07-18 15:44 - 000002483 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-09 16:06 - 2019-07-28 21:04 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-01-09 16:05 - 2016-07-18 19:43 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-01-09 15:34 - 2019-07-28 20:52 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-09 14:46 - 2016-07-18 19:49 - 000000916 _____ C:\Users\Public\Desktop\VLC media player.lnk
2020-01-09 14:46 - 2016-07-18 19:49 - 000000916 _____ C:\ProgramData\Desktop\VLC media player.lnk
2020-01-09 14:46 - 2016-07-18 19:49 - 000000000 ____D C:\Users\PC\AppData\Roaming\vlc
2020-01-09 14:26 - 2017-06-28 15:29 - 000000000 ____D C:\Program Files\Nitro
2020-01-09 14:25 - 2017-06-28 15:28 - 000000000 ____D C:\Users\PC\AppData\Roaming\Downloaded Installations
2020-01-09 14:20 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-01-09 14:12 - 2019-11-19 14:29 - 000001144 _____ C:\Users\PC\Desktop\i_view64.exe – zástupce.lnk
2020-01-09 12:35 - 2017-05-08 17:42 - 000000000 ____D C:\Users\PC\AppData\Local\ElevatedDiagnostics
2020-01-06 18:10 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-04 20:36 - 2019-07-28 21:04 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-04 20:36 - 2019-07-28 21:04 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-04 20:36 - 2019-07-28 21:04 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-04 20:36 - 2019-07-28 21:04 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-04 20:36 - 2019-07-28 21:04 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-04 20:36 - 2019-07-28 21:04 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-04 20:36 - 2019-07-28 21:04 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-04 20:36 - 2019-07-28 21:04 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-04 20:36 - 2019-07-28 21:04 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-04 20:36 - 2019-07-28 21:04 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2020-01-04 20:36 - 2017-06-15 10:34 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-01-04 20:36 - 2017-06-15 10:34 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2020-01-04 20:36 - 2017-06-15 10:34 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2020-01-04 20:36 - 2016-11-04 18:40 - 000001443 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2020-01-04 20:36 - 2016-11-04 18:40 - 000001443 _____ C:\ProgramData\Desktop\GeForce Experience.lnk
2019-12-29 21:17 - 2016-07-19 17:41 - 000000000 ____D C:\Users\PC\AppData\Local\CrashDumps
2019-12-20 19:42 - 2016-09-16 06:56 - 000000000 ___RD C:\Users\PC\Documents\Scanned Documents
2019-12-15 08:56 - 2019-07-28 21:04 - 000004648 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2019-12-15 08:56 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-12-15 08:56 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-12-15 08:56 - 2016-07-18 19:42 - 000000000 ____D C:\Users\PC\AppData\Local\Adobe
2019-12-14 08:00 - 2019-07-28 21:04 - 000003758 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3850399385-1112106150-548709150-1001UA1d2583baaa788d1
2019-12-14 08:00 - 2019-07-28 21:04 - 000003490 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3850399385-1112106150-548709150-1001Core1d2583baaa50420
2019-12-13 10:52 - 2019-07-28 20:52 - 000531760 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-13 10:52 - 2017-12-10 15:55 - 000000000 ___RD C:\Users\PC\3D Objects
2019-12-13 10:52 - 2016-04-27 08:00 - 000000000 __RHD C:\Users\Public\AccountPictures

==================== Files in the root of some directories ========

2018-04-12 00:34 - 2018-04-12 00:34 - 000059904 _____ (Microsoft Corporation) C:\Users\PC\raAiEarnUYw.exe
2018-04-12 00:34 - 2018-04-12 00:34 - 000178688 _____ (Microsoft Corporation) C:\Users\PC\YosDAuZEMiO.exe
2019-11-17 19:50 - 2019-11-17 19:50 - 000000209 _____ () C:\Users\PC\AppData\Roaming\PC-STOLNI.MTBF.txt
2019-05-05 11:16 - 2019-11-19 17:46 - 000023552 _____ () C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-07-30 15:47 - 2016-07-30 15:47 - 000007605 _____ () C:\Users\PC\AppData\Local\Resmon.ResmonCfg
2018-06-11 12:04 - 2018-06-11 12:04 - 000000002 _____ () C:\Users\PC\AppData\Local\WMI.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-01-2020
Ran by PC (12-01-2020 12:08:03)
Running from C:\Users\PC\Desktop
Windows 10 Pro Version 1903 18362.535 (X64) (2019-07-28 20:04:15)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3850399385-1112106150-548709150-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3850399385-1112106150-548709150-503 - Limited - Disabled)
Guest (S-1-5-21-3850399385-1112106150-548709150-501 - Limited - Disabled)
PC (S-1-5-21-3850399385-1112106150-548709150-1001 - Administrator - Enabled) => C:\Users\PC
WDAGUtilityAccount (S-1-5-21-3850399385-1112106150-548709150-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acronis True Image 2014 (HKLM-x32\...\{5858B1D6-8056-471C-8A29-6A1765BBC0BE}) (Version: 17.0.4515 - Acronis)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.303 - Adobe)
Aktualizace NVIDIA 38.0.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.4.0 - NVIDIA Corporation) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
ANT Drivers Installer x64 (HKLM\...\{D559687A-60C5-4786-9429-C21EC195789D}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.60 - Piriform)
Core Temp 1.15 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.15 - ALCPU)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0192 - Disc Soft Ltd)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.35 - NVIDIA Corporation) Hidden
DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version: - )
EA Download Manager (HKLM-x32\...\EA Download Manager) (Version: 6.0.4.124 - Electronic Arts, Inc.)
EA Download Manager UI (HKLM-x32\...\{E17141A6-211D-5854-61D9-69827A430D82}) (Version: 6.0.4 - Electronic Arts) Hidden
EA Download Manager UI (HKLM-x32\...\com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1) (Version: 6.0.4.124 - Electronic Arts)
Elevated Installer (HKLM-x32\...\{0BF90608-2F95-4C7C-9A85-E90E0CAF4FE9}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden
FOTOLAB CEWE fotosvet (HKLM-x32\...\FOTOLAB CEWE fotosvet) (Version: 6.3.5 - CEWE Stiftung u Co. KGaA)
Garmin Express (HKLM-x32\...\{95D0EADA-5123-41C0-931A-F37946BC0E8E}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{eab4691c-4022-41cd-8d39-c3097ba62d4b}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\Google Chrome) (Version: 79.0.3945.117 - Google LLC)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 9.1.0.309 - )
HP Support Solutions Framework (HKLM-x32\...\{7C3170E8-E61A-41D9-8547-8E96445EA510}) (Version: 12.14.49.15 - HP Inc.)
LEGO STAR WARS The Force Awakens (HKLM-x32\...\LEGO STAR WARS The Force Awakens_is1) (Version: - )
LPGTECH Gas Setting 2.0 (HKLM-x32\...\{9E680F62-635A-49E7-BDFE-1D12A4EF0BAE}_is1) (Version: 2.0 - LPGTECH)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 CSY (HKLM\...\{0A8A841B-29C4-4947-BF59-241216B4D904}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
MioMore Desktop 7.50 (HKLM-x32\...\{A2804FE8-4101-48a0-AE1A-575B99014BF4}-Mio-7.50) (Version: 7.50.0112.135 - Mio Technology)
MRP Aktualizační manažer (HKLM-x32\...\MRP NetAgent) (Version: - MRP)
MRP Daňová evidence + sklad (HKLM-x32\...\MRP Danova evidence_is1) (Version: 7.80.906 - MRP)
MRP Základ vizuálního systému (HKLM-x32\...\MRP Zaklad) (Version: - )
MSI Afterburner 4.6.2 (HKLM-x32\...\Afterburner) (Version: 4.6.2 - MSI Co., LTD)
Need for Speed(TM) Hot Pursuit (HKLM-x32\...\{83A606F5-BF6F-42ED-9F33-B9F74297CDED}) (Version: 1.0.0.0 - Electronic Arts)
Need for Speed™ Rivals (HKLM-x32\...\{E0A32336-AA27-4053-99B2-C3380B7B95AC}) (Version: 1.3.0.0 - Electronic Arts)
Nero 8 (HKLM-x32\...\{6F8A555E-F2E1-415D-AD8A-67C0A7671029}) (Version: 8.10.27 - Nero AG)
Nitro Pro 10 (HKLM\...\{DC4C90A4-1935-4484-AEBD-C35F3F345379}) (Version: 10.5.9.9 - Nitro)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
ON_OFF Charge 2 B13.1028.1 (HKLM-x32\...\{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE) Hidden
ON_OFF Charge 2 B13.1028.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE)
Ovládací panel NVIDIA 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.35 - NVIDIA Corporation) Hidden
RC Desk Pilot 0.2.2 (HKLM\...\{DFFD7D4F-6C61-402D-8D16-72B8AC33FE5A}_is1) (Version: - rcdeskpilot.com)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
VCRedistSetup (HKLM-x32\...\{3921A67A-5AB1-4E48-9444-C71814CF3027}) (Version: 1.0.0 - Nero AG) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Webshare uploader (HKLM-x32\...\WebshareDLC) (Version: - Webshare)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-19] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3850399385-1112106150-548709150-1001_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3850399385-1112106150-548709150-1001_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\PC\AppData\Local\Google\Chrome\Application\79.0.3945.117\notification_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3850399385-1112106150-548709150-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\PC\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll (Google LLC -> Google LLC)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] (Acronis International GmbH -> )
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll [2007-09-24] (Nero AG -> Nero AG)
ContextMenuHandlers1: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => C:\Program Files\Nitro\Pro 10\NPShellExtension.dll [2016-07-22] (Nitro Software, Inc. -> Nitro PDF)
ContextMenuHandlers1: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => C:\Program Files (x86)\Acronis\TrueImageHome\x64\versions_page.dll [2013-10-01] (Acronis International GmbH -> Acronis)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => C:\Program Files (x86)\Acronis\TrueImageHome\x64\versions_page.dll [2013-10-01] (Acronis International GmbH -> Acronis)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\aa4b53adde6bfb3d\Google Chrome.lnk -> C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\56292fd72b436a45\Google Chrome.lnk -> C:\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"

==================== Loaded Modules (Whitelisted) =============

2019-07-28 20:55 - 2018-03-24 00:05 - 000880024 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
2019-07-28 20:55 - 2018-03-24 00:05 - 000343728 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\PC\Downloads\parte.jpeg:3or4kl4x13tuuug3Byamue2s4b [85]
AlternateDataStreams: C:\Users\PC\Downloads\parte.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 08:24 - 2015-10-30 08:21 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3850399385-1112106150-548709150-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\PC\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\img0.jpg
DNS Servers: 1.1.1.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "NBKeyScan"
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\StartupApproved\Run: => "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{405FA191-FED3-40ED-860E-16967F9B8505}C:\program files (x86)\electronic arts\need for speed rivals\nfs14.exe] => (Block) C:\program files (x86)\electronic arts\need for speed rivals\nfs14.exe (Electronic Arts) [File not signed]
FirewallRules: [TCP Query User{74E0A551-D93D-48C0-99EB-08B6D6EE68BE}C:\program files (x86)\electronic arts\need for speed rivals\nfs14.exe] => (Block) C:\program files (x86)\electronic arts\need for speed rivals\nfs14.exe (Electronic Arts) [File not signed]
FirewallRules: [{402E55FA-57DB-414C-AE2B-AF0BCC4A400D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6ACEE46A-4C9D-488F-90D1-2A3B95A3E76C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{CA43811C-A26B-4050-8AB5-747707130AB1}C:\users\pc\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\pc\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{858A24BF-03D9-4FC0-AD1B-37C60285207C}C:\users\pc\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\pc\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{EBFC0084-699A-4D91-8438-02F21AD3D2BF}C:\users\pc\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\pc\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{430EF56C-7890-4D2F-B3DF-EE2EE4E42FB6}C:\users\pc\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\pc\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{AB4D8942-CF62-4AC8-93BE-CC0809EC4858}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{37C22CEE-8BA7-4053-B7FE-D59ADD68846B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EEF930D8-91B8-4880-8F37-38A639ABE61C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A32650C8-580F-4595-A1B7-A56EEE9309C2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

==================== Restore Points =========================

30-12-2019 12:43:03 Naplánovaný kontrolní bod
09-01-2020 14:32:11 Removed Avast Driver Updater

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/12/2020 09:56:01 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3268,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/12/2020 09:14:00 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7888,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/11/2020 06:45:33 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9128,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/11/2020 06:01:02 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9976,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/11/2020 01:52:33 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6052,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/11/2020 01:40:29 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3688,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/11/2020 10:00:04 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5680,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/10/2020 08:40:53 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6896,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (01/12/2020 10:14:35 AM) (Source: DCOM) (EventID: 10000) (User: PC-STOLNI)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (01/11/2020 07:09:57 PM) (Source: DCOM) (EventID: 10000) (User: PC-STOLNI)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (01/10/2020 08:52:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba HP Touchpoint Analytics neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (01/10/2020 08:41:52 PM) (Source: DCOM) (EventID: 10000) (User: PC-STOLNI)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (01/10/2020 06:58:25 PM) (Source: DCOM) (EventID: 10000) (User: PC-STOLNI)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (01/10/2020 05:59:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba HP Touchpoint Analytics neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (01/10/2020 05:56:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Acronis Sync Agent Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (01/10/2020 05:56:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.


Windows Defender:
===================================
Date: 2020-01-09 12:59:37.537
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {69A6D110-4ABB-4963-AEB7-E6EA6E3BDA20}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-01-09 12:53:27.101
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {B37A1C37-43BA-4F0E-AEE2-96EF4004726A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-01-08 14:32:07.432
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {AC507DFF-CCDF-47C5-9AA7-DDD94CA0B082}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-12-31 19:18:15.882
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {DBE4E534-822D-47F2-81EC-08A76E331FCB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-12-29 21:17:48.421
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Trufip!rts
ID: 2147625179
Závažnost: Vysoké
Kategorie: Trojský kůň
Cesta: file:_C:\Users\PC\AppData\Local\Temp\Rar$EXa12412.6689\Car_Radio_Code_Calculator\Ford Car Radio Decoding Software\FORD SOUND 2000 Series Code Decrypter v2.00.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.307.1359.0, AS: 1.307.1359.0, NIS: 1.307.1359.0
Verze modulu: AM: 1.1.16600.7, NIS: 1.1.16600.7

Date: 2020-01-10 20:50:18.938
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Monitorování chování
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru vyžaduje ke správnému fungování aktuální modul. Pokud chcete povolit ochranu v reálném čase, je nutné nainstalovat nejnovější aktualizace bezpečnostních informací.

Date: 2020-01-10 17:57:29.904
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Monitorování chování
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru vyžaduje ke správnému fungování aktuální modul. Pokud chcete povolit ochranu v reálném čase, je nutné nainstalovat nejnovější aktualizace bezpečnostních informací.

Date: 2020-01-09 15:52:43.705
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Monitorování chování
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru vyžaduje ke správnému fungování aktuální modul. Pokud chcete povolit ochranu v reálném čase, je nutné nainstalovat nejnovější aktualizace bezpečnostních informací.

CodeIntegrity:
===================================

Date: 2020-01-09 15:16:36.620
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-09 15:16:36.617
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-09 15:16:36.262
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-09 15:16:36.259
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-09 15:16:27.582
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-09 15:16:27.579
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-09 15:16:26.005
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-09 15:16:25.998
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Users\PC\AppData\Local\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: Award Software International, Inc. F7 10/12/2011
Motherboard: Gigabyte Technology Co., Ltd. Z68X-UD3P-B3
Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 14%
Total physical RAM: 16367.11 MB
Available physical RAM: 14033.13 MB
Total Virtual: 18799.11 MB
Available Virtual: 16428.11 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:446.18 GB) (Free:227.07 GB) NTFS ==>[drive with boot components (obtained from BCD)]

\\?\Volume{337783d8-0000-0000-0000-a08b6f000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 447.1 GB) (Disk ID: 337783D8)
Partition 1: (Active) - (Size=446.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=516 MB) - (Type=27)

==================== End of Addition.txt =======================


Nahoru
 Profil  
 
 Předmět příspěvku: Re: Prosim o kontrolu
PříspěvekNapsal: 12 led 2020 20:09 
Offline
Moderátor
Moderátor

Registrován: 30 pro 2013 22:29
Příspěvky: 3396
Bydliště: Bratislava
:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:
    Kód:
    Start
    CloseProcesses:
    CreateRestorePoint:

    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    VirusTotal: C:\Users\PC\raAiEarnUYw.exe
    VirusTotal: C:\Users\PC\YosDAuZEMiO.exe
    File: C:\Users\PC\raAiEarnUYw.exe
    File: C:\Users\PC\YosDAuZEMiO.exe
    File: C:\WINDOWS\SysWOW64\Speech\Engines\Q-1-46-39\FD_1.4.17.96.exe
    File: C:\Users\PC\AppData\Local\Temp\ALSysIO64.sys
    HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\MountPoints2: {2920cd84-fd3e-11e9-8086-1c6f65cec14f} - "E:\HiSuiteDownLoader.exe"
    HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\MountPoints2: {2920cdaf-fd3e-11e9-8086-1c6f65cec14f} - "E:\HiSuiteDownLoader.exe"
    HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\MountPoints2: {358d9afd-6ade-11e8-803c-1c6f65cec14f} - "E:\HiSuiteDownLoader.exe"
    HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\MountPoints2: {9614f225-173a-11e9-806b-1c6f65cec14f} - "E:\HiSuiteDownLoader.exe"
    Task: {C66D6CD8-DEAA-46F0-ABC8-7F1729117BEC} - System32\Tasks\Microsoft\Windows\Google\GoogleUpdateTaskMachineVW => C:\WINDOWS\SysWOW64\Speech\Engines\Q-1-46-39\FD_1.4.17.96.exe (Access Denied) <==== ATTENTION
    Task: {D56CE9FB-E587-467A-8CD8-A8F0EE060786} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
    HKU\S-1-5-21-3850399385-1112106150-548709150-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
    S2 HPTouchpointAnalyticsService; "C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe" [X]
    2018-04-12 00:34 - 2018-04-12 00:34 - 000059904 _____ (Microsoft Corporation) C:\Users\PC\raAiEarnUYw.exe
    2018-04-12 00:34 - 2018-04-12 00:34 - 000178688 _____ (Microsoft Corporation) C:\Users\PC\YosDAuZEMiO.exe
    ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
    AlternateDataStreams: C:\Users\PC\Downloads\parte.jpeg:3or4kl4x13tuuug3Byamue2s4b [85]
    AlternateDataStreams: C:\Users\PC\Downloads\parte.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

    Hosts:
    EmptyTemp:
    End
  • Klikni na Subor a potom na Ulozit
  • Vpravo dole vyber kodovanie UTF-8
  • Subor uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

_________________
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!


Nahoru
 Profil  
 
 Předmět příspěvku: Re: Prosim o kontrolu
PříspěvekNapsal: 13 led 2020 09:00 
Offline
Návštěvník
Návštěvník

Registrován: 28 črc 2014 18:36
Příspěvky: 14
Fix result of Farbar Recovery Scan Tool (x64) Version: 12-01-2020
Ran by PC (13-01-2020 09:02:21) Run:1
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
VirusTotal: C:\Users\PC\raAiEarnUYw.exe
VirusTotal: C:\Users\PC\YosDAuZEMiO.exe
File: C:\Users\PC\raAiEarnUYw.exe
File: C:\Users\PC\YosDAuZEMiO.exe
File: C:\WINDOWS\SysWOW64\Speech\Engines\Q-1-46-39\FD_1.4.17.96.exe
File: C:\Users\PC\AppData\Local\Temp\ALSysIO64.sys
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\MountPoints2: {2920cd84-fd3e-11e9-8086-1c6f65cec14f} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\MountPoints2: {2920cdaf-fd3e-11e9-8086-1c6f65cec14f} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\MountPoints2: {358d9afd-6ade-11e8-803c-1c6f65cec14f} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\...\MountPoints2: {9614f225-173a-11e9-806b-1c6f65cec14f} - "E:\HiSuiteDownLoader.exe"
Task: {C66D6CD8-DEAA-46F0-ABC8-7F1729117BEC} - System32\Tasks\Microsoft\Windows\Google\GoogleUpdateTaskMachineVW => C:\WINDOWS\SysWOW64\Speech\Engines\Q-1-46-39\FD_1.4.17.96.exe (Access Denied) <==== ATTENTION
Task: {D56CE9FB-E587-467A-8CD8-A8F0EE060786} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
S2 HPTouchpointAnalyticsService; "C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe" [X]
2018-04-12 00:34 - 2018-04-12 00:34 - 000059904 _____ (Microsoft Corporation) C:\Users\PC\raAiEarnUYw.exe
2018-04-12 00:34 - 2018-04-12 00:34 - 000178688 _____ (Microsoft Corporation) C:\Users\PC\YosDAuZEMiO.exe
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
AlternateDataStreams: C:\Users\PC\Downloads\parte.jpeg:3or4kl4x13tuuug3Byamue2s4b [85]
AlternateDataStreams: C:\Users\PC\Downloads\parte.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 28
Average :
Sum : 13489224
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========

VirusTotal: C:\Users\PC\raAiEarnUYw.exe => https://www.virustotal.com/file/b656b13 ... 576505598/
VirusTotal: C:\Users\PC\YosDAuZEMiO.exe => https://www.virustotal.com/file/ffabee8 ... 578476472/

========================= File: C:\Users\PC\raAiEarnUYw.exe ========================

C:\Users\PC\raAiEarnUYw.exe
File not signed
MD5: 12C17B5A5C2A7B97342C362CA467E9A2
Creation and modification date: 2018-04-12 00:34 - 2018-04-12 00:34
Size: 000059904
Attributes: ----A
Company Name: Microsoft Corporation
Internal Name: msiexec
Original Name: msiexec.exe
Product: Windows Installer - Unicode
Description: Windows® installer
File Version: 5.0.17134.1 (WinBuild.160101.0800)
Product Version: 5.0.17134.1
Copyright: © Microsoft Corporation. All rights reserved.
VirusTotal: https://www.virustotal.com/file/b656b13 ... 576505598/

====== End of File: ======


========================= File: C:\Users\PC\YosDAuZEMiO.exe ========================

C:\Users\PC\YosDAuZEMiO.exe
File not signed
MD5: D09F4A346B2289629649A89AA050AB4B
Creation and modification date: 2018-04-12 00:34 - 2018-04-12 00:34
Size: 000178688
Attributes: ----A
Company Name: Microsoft Corporation
Internal Name: bitsadmin.exe
Original Name: bitsadmin.exe
Product: Microsoft® Windows® Operating System
Description: BITS administration utility
File Version: 7.8.17134.1 (WinBuild.160101.0800)
Product Version: 7.8.17134.1
Copyright: © Microsoft Corporation. All rights reserved.
VirusTotal: https://www.virustotal.com/file/ffabee8 ... 578476472/

====== End of File: ======


========================= File: C:\WINDOWS\SysWOW64\Speech\Engines\Q-1-46-39\FD_1.4.17.96.exe ========================

"C:\WINDOWS\SysWOW64\Speech\Engines\Q-1-46-39\FD_1.4.17.96.exe" => not found
====== End of File: ======


========================= File: C:\Users\PC\AppData\Local\Temp\ALSysIO64.sys ========================

C:\Users\PC\AppData\Local\Temp\ALSysIO64.sys
File is digitally signed
MD5: AFC2448B4080F695E76E059A96958CAB
Creation and modification date: 2019-07-28 21:04 - 2020-01-10 20:50
Size: 000047240
Attributes: ----N
Company Name: ALCPU (Arthur Liberman) -> Arthur Liberman
Internal Name: ALSysIO64.sys
Original Name: ALSysIO64.sys
Product: ALSysIO64
Description: ALSysIO64
File Version: 2.0.11.0
Product Version: 2.0.11.0
Copyright: Copyright (C) 2003-2019 Arthur Liberman
VirusTotal: 0

====== End of File: ======

HKU\S-1-5-21-3850399385-1112106150-548709150-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2920cd84-fd3e-11e9-8086-1c6f65cec14f} => removed successfully
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2920cdaf-fd3e-11e9-8086-1c6f65cec14f} => removed successfully
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{358d9afd-6ade-11e8-803c-1c6f65cec14f} => removed successfully
HKU\S-1-5-21-3850399385-1112106150-548709150-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9614f225-173a-11e9-806b-1c6f65cec14f} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C66D6CD8-DEAA-46F0-ABC8-7F1729117BEC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C66D6CD8-DEAA-46F0-ABC8-7F1729117BEC}" => removed successfully
Could not move "C:\WINDOWS\System32\Tasks\Microsoft\Windows\Google\GoogleUpdateTaskMachineVW" => Scheduled to move on reboot.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Google\GoogleUpdateTaskMachineVW" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D56CE9FB-E587-467A-8CD8-A8F0EE060786}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D56CE9FB-E587-467A-8CD8-A8F0EE060786}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKU\S-1-5-21-3850399385-1112106150-548709150-1001\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache" => removed successfully
HKLM\System\CurrentControlSet\Services\HPTouchpointAnalyticsService => removed successfully
HPTouchpointAnalyticsService => service removed successfully
C:\Users\PC\raAiEarnUYw.exe => moved successfully
C:\Users\PC\YosDAuZEMiO.exe => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
C:\Users\PC\Downloads\parte.jpeg => ":3or4kl4x13tuuug3Byamue2s4b" ADS removed successfully
C:\Users\PC\Downloads\parte.jpeg => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 14890994 B
Java, Flash, Steam htmlcache => 1066 B
Windows/system/drivers => 190772 B
Edge => 48128 B
Chrome => 378048783 B
Firefox => 0 B
Opera => 144962 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 3102 B
PC => 5825648 B

RecycleBin => 0 B
EmptyTemp: => 390.4 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 13-01-2020 09:03:25)

C:\WINDOWS\System32\Tasks\Microsoft\Windows\Google\GoogleUpdateTaskMachineVW => Is moved successfully

==== End of Fixlog 09:03:25 ====


Nahoru
 Profil  
 
 Předmět příspěvku: Re: Prosim o kontrolu
PříspěvekNapsal: 13 led 2020 22:34 
Offline
Moderátor
Moderátor

Registrován: 30 pro 2013 22:29
Příspěvky: 3396
Bydliště: Bratislava
:arrow: Stiahni TDSSKiller: http://www.bleepingcomputer.com/download/tdsskiller/
  • Uloz na plochu a spusti ako spravca
  • Potvrd licencne podmienky
  • Klikni na Change parameters, oznac moznost "Loaded Modules" a potvrd restart PC kliknutim na Reboot Now
  • Po restartovani PC by sa mal automaticky spustit TDSSKiller
  • Klikni znovu na Change parameters a oznac moznosti "Verify driver digital signature" a "Detect TDLFS file system" a uloz kliknutim na OK
  • Klikni na "Start Scan" a pockaj na dokoncenie skenu
  • V pripade nalezov ponechaj vybrane predvolene moznosti a klikni na "Continue" a v pripade vyzvy potvrd restartovanie PC
  • Na disku C:\ sa vytvori textovy subor (log) s nazvom zacinajucim na "TDSSKiller" - jeho obsah vloz do dalsej odpovede (ak bude suborov viac, posli vsetky z nich)

_________________
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!


Nahoru
 Profil  
 
 Předmět příspěvku: Re: Prosim o kontrolu
PříspěvekNapsal: 14 led 2020 12:59 
Offline
Návštěvník
Návštěvník

Registrován: 28 črc 2014 18:36
Příspěvky: 14
0 nálezů

12:52:18.0216 0x1344 TDSS rootkit removing tool 3.1.0.28 Apr 9 2019 21:11:46
12:52:21.0903 0x1344 ============================================================
12:52:21.0903 0x1344 Current date / time: 2020/01/14 12:52:21.0903
12:52:21.0903 0x1344 SystemInfo:
12:52:21.0903 0x1344
12:52:21.0903 0x1344 OS Version: 10.0.18362 ServicePack: 0.0
12:52:21.0903 0x1344 Product type: Workstation
12:52:21.0903 0x1344 ComputerName: PC-STOLNI
12:52:21.0903 0x1344 UserName: PC
12:52:21.0903 0x1344 Windows directory: C:\WINDOWS
12:52:21.0903 0x1344 System windows directory: C:\WINDOWS
12:52:21.0903 0x1344 Running under WOW64
12:52:21.0903 0x1344 Processor architecture: Intel x64
12:52:21.0903 0x1344 Number of processors: 4
12:52:21.0903 0x1344 Page size: 0x1000
12:52:21.0903 0x1344 Boot type: Normal boot
12:52:21.0903 0x1344 CodeIntegrityOptions = 0x00000001
12:52:21.0903 0x1344 ============================================================
12:52:21.0934 0x1344 KLMD registered as C:\WINDOWS\system32\drivers\00891259.sys
12:52:21.0934 0x1344 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 18362.1, osProperties = 0x19
12:52:21.0950 0x1344 System UUID: {8680ED32-9641-C25D-DFF0-82AD91BE2B40}
12:52:22.0028 0x1344 Drive \Device\Harddisk0\DR0 - Size: 0x6FC86D6000 ( 447.13 Gb ), SectorSize: 0x200, Cylinders: 0xE401, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:52:22.0028 0x1344 ============================================================
12:52:22.0028 0x1344 \Device\Harddisk0\DR0:
12:52:22.0028 0x1344 MBR partitions:
12:52:22.0028 0x1344 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x37C5C205
12:52:22.0028 0x1344 ============================================================
12:52:22.0028 0x1344 C: <-> \Device\Harddisk0\DR0\Partition1
12:52:22.0028 0x1344 ============================================================
12:52:22.0028 0x1344 Initialize success
12:52:22.0028 0x1344 ============================================================
12:53:29.0825 0x2988 KLMD registered as C:\WINDOWS\system32\drivers\73820673.sys
12:53:30.0359 0x2988 Deinitialize success

2. soubor v příloze


Přílohy:
TDSSKiller.3.1.0.28_14.01.2020_12.54.08_log.rar [129.88 KiB]
2 krát
Nahoru
 Profil  
 
 Předmět příspěvku: Re: Prosim o kontrolu
PříspěvekNapsal: 14 led 2020 18:07 
Offline
Moderátor
Moderátor

Registrován: 30 pro 2013 22:29
Příspěvky: 3396
Bydliště: Bratislava
:arrow: OK. Ako to vyzera s PC? Nastala nejaka zmena alebo su este nejake problemy?

:arrow: Windows Defender mas vypnuty umyselne? V PC sa podla logu nenachadza ziadny iny antivirus, preto odporucam WinDefender zapnut.

:arrow: V Chrome odporucam skontrolovat zoznam stranok, ktorym bolo povolene posielat notifikacie (Nastavenia -> Rozsirene -> Nastavenia webu -> Upozornenia) a tiez skontrolovat nainstalovane rozsirenia.

_________________
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!


Nahoru
 Profil  
 
 Předmět příspěvku: Re: Prosim o kontrolu
PříspěvekNapsal: 15 led 2020 14:09 
Offline
Návštěvník
Návštěvník

Registrován: 28 črc 2014 18:36
Příspěvky: 14
Změna nastala k lepšímu. Měl jsem problém, že něco vytěžovalo procesor. Mám nastaveno, aby se podtaktovával a něco ho stále drželo na max taktu. Psali, že to dělá windows defender tak jsem ho deaktivoval, a trochu se to zlepšilo. Zkusil jsem nahrát avast, ale vytěžoval PC víc než defender. Tak jsem ho odinstaloval a napsal raději sem pro pomoc. Takže ho opět aktivuji. Rozšíření v chrome mám smazané krom adobe pdf. Notifikace jsem zablokoval. Děkuji


Nahoru
 Profil  
 
 Předmět příspěvku: Re: Prosim o kontrolu
PříspěvekNapsal: 15 led 2020 16:57 
Offline
Moderátor
Moderátor

Registrován: 30 pro 2013 22:29
Příspěvky: 3396
Bydliště: Bratislava
:arrow: OK. Co sa tyka tych rozsireni a notifikacii, nebolo nutne vsetky zmazat, ale islo skor o kontrolu a odstranenie nepouzivanych alebo (uz) nechcenych rozsireni a stranok s povolenymi notifikaciami.

:arrow: Na povolenie Windows Defenderu bude potrebne pouzit editor skupinovej politiky alebo mozes pouzit tento fixlist:

:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:
    Kód:
    Start
    HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
    End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

_________________
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!


Nahoru
 Profil  
 
 Předmět příspěvku: Re: Prosim o kontrolu
PříspěvekNapsal: 16 led 2020 09:07 
Offline
Návštěvník
Návštěvník

Registrován: 28 črc 2014 18:36
Příspěvky: 14
Rozšíření jsem kromě výše zmíněného nepoužíval a notifikace jsem zakázal u stránek, které nepoužívám. Ono byl hlavní problém v tom, že PC z 90% používá 63-letý otec a sám kolikrát neví, co povolil.
Defender jsem měl v registrech vytvořený zákaz, tak jsem ho odstranil, ale pro jistotu použil i fixlist.
Restart nevyžadoval a výsledek je tady:

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-01-2020
Ran by PC (16-01-2020 09:05:58) Run:2
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
End
*****************

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully

==== End of Fixlog 09:05:58 ====


Nahoru
 Profil  
 
 Předmět příspěvku: Re: Prosim o kontrolu
PříspěvekNapsal: 16 led 2020 16:59 
Offline
Moderátor
Moderátor

Registrován: 30 pro 2013 22:29
Příspěvky: 3396
Bydliště: Bratislava
:arrow: OK. Ak je teda vsetko v poriadku, tak este upraceme po pouzitych nastrojoch:

_________________
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!


Nahoru
 Profil  
 
 Předmět příspěvku: Re: Prosim o kontrolu
PříspěvekNapsal: 16 led 2020 17:39 
Offline
Návštěvník
Návštěvník

Registrován: 28 črc 2014 18:36
Příspěvky: 14
Děkuji, vše v naprostém pořádku.


Nahoru
 Profil  
 
Zobrazit příspěvky za předchozí:  Seřadit podle  
Odeslat nové téma Toto téma je zamknuté. Nemůžete posílat nové příspěvky ani odpovídat na starší.  [ Příspěvků: 16 ]  Přejít na stránku 1, 2  Další

Všechny časy jsou v UTC + 1 hodina


Kdo je online

Uživatelé procházející toto fórum: Žádní registrovaní uživatelé


Nemůžete zakládat nová témata v tomto fóru
Nemůžete odpovídat v tomto fóru
Nemůžete upravovat své příspěvky v tomto fóru
Nemůžete mazat své příspěvky v tomto fóru
Nemůžete přikládat soubory v tomto fóru

Hledat:
Přejít na:  
Založeno na phpBB® Forum Software © phpBB Group
Český překlad – phpBB.cz
Kurz o prevenci před útoky a podvodníky na internetu
Přispějete na provoz fóra?