Prosím o pomoc s velice pomalým PC. HDD má pořád zátěž 99%.
Logfile of random's system information tool 1.10 (written by random/random)
Run by admin at 2018-02-01 12:35:43
Microsoft Windows 10 Home
System drive C: has 369 GB (62%) free of 592 GB
Total RAM: 3948 MB (34% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:35:54, on 1.2.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0953)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\admin\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
C:\Program Files\trend micro\admin.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Google Update] C:\Users\admin\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: Acer VCM.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvinit.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Conexant Audio Message Service (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12008 bytes
======Listing Processes======
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
C:\Windows\system32\CxAudMsg64.exe
C:\Windows\system32\HPSIsvc.exe
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
dashost.exe {e1c9e462-25e7-4d2f-95b79b13c8422c70}
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.1561_none_7ef6e89821f9a6be\TiWorker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\WINDOWS\system32\srtasks.exe ExecuteScopeRestorePoint /WaitForRestorePoint:53
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"dwm.exe"
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
sihost.exe
"C:\Program Files\Elantech\ETDCtrl.exe"
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe"
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer10_Logfile.log
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer10_Logfile.log
"C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe"
"C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe"
C:\WINDOWS\Explorer.EXE
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" XGpuTrayIcon"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
AvastUI.exe /nogui
"C:\Users\admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
"C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
"C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe"
"C:\WINDOWS\System32\Taskmgr.exe" /3
"C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe"
"C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe"
"C:\WINDOWS\system32\igfxext.exe" -Embedding
"C:\WINDOWS\system32\igfxsrvc.exe" -Embedding
"fontdrvhost.exe"
taskhostw.exe
C:\WINDOWS\System32\sihclient.exe
C:\WINDOWS\system32\msfeedssync.exe sync
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\Windows\System32\InstallAgent.exe -Embedding
C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe /c
"C:\Program Files\AVAST Software\SZBrowser\launcher.exe" --scheduledautoupdate $(Arg0)
C:\WINDOWS\system32\compattelrunner.exe
C:\WINDOWS\system32\devicecensus.exe
C:\WINDOWS\System32\UNP\UNPCampaignManager.exe
\??\C:\WINDOWS\system32\conhost.exe 0x4
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\CompatTelRunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun -cv:XGQBKqlTlUu1R35M.1
C:\Windows\System32\InstallAgentUserBroker.exe -Embedding
C:\Users\admin\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
"C:\Program Files (x86)\Acer\clear.fi Client\ExtractDeviceIcon.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=63.0.3239.132 --initial-client-data=0x1b4,0x1b8,0x1bc,0x1b0,0x1c0,0x7fffa1165720,0x7fffa1165760,0x7fffa1165738
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=5492 --on-initialized-event-handle=608 --parent-handle=600 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1468,15517360771816186448,380223895025829062,131072 --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.4459 --gpu-driver-date=5-19-2016 --gpu-secondary-vendor-ids=0x10de --gpu-secondary-device-ids=0x0df4 --service-request-channel-token=9E06AAD620DFFC3EBF22D5BC1DAFF319 --mojo-platform-channel-handle=1476 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1468,15517360771816186448,380223895025829062,131072 --service-pipe-token=DC5F86C04B971F28497B5416FB718BCC --lang=cs --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=DC5F86C04B971F28497B5416FB718BCC --renderer-client-id=6 --mojo-platform-channel-handle=2608 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1468,15517360771816186448,380223895025829062,131072 --service-pipe-token=CD2DADB0FD26A55D208F34C410653D6E --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=CD2DADB0FD26A55D208F34C410653D6E --renderer-client-id=4 --mojo-platform-channel-handle=3912 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1468,15517360771816186448,380223895025829062,131072 --service-pipe-token=B7C674D9D2C5877919EAD5A02DD0A6E4 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=B7C674D9D2C5877919EAD5A02DD0A6E4 --renderer-client-id=13 --mojo-platform-channel-handle=6216 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1468,15517360771816186448,380223895025829062,131072 --service-pipe-token=A24327C6B58AD28F559C3A688E4634A7 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=A24327C6B58AD28F559C3A688E4634A7 --renderer-client-id=12 --mojo-platform-channel-handle=6664 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1468,15517360771816186448,380223895025829062,131072 --service-pipe-token=DB1F41B60E6B753D69061F18D3E4AD42 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=DB1F41B60E6B753D69061F18D3E4AD42 --renderer-client-id=17 --mojo-platform-channel-handle=5032 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1468,15517360771816186448,380223895025829062,131072 --service-pipe-token=D2519194630C25D6844312E9B1D0681F --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=D2519194630C25D6844312E9B1D0681F --renderer-client-id=22 --mojo-platform-channel-handle=8612 /prefetch:1
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
"C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser_autoupdate.exe" --host --pipeid=oauc_task_piped97c5153f3602eb1fdb77254528dce68 --version=4.58.2552.909 --lang=cs --producttype --requesttype=automatic --downloaddir="C:\Program Files\AVAST Software\SZBrowser\Temp" --operadir="C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0" --installdir="C:\Program Files\AVAST Software\SZBrowser" --profile="C:\Program Files\AVAST Software\SZBrowser\Temp" --nometrics --scheduledtask
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXmtcan0h2tfbfy7k9kn8hbxb6dmzz1zh0.mca
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1468,15517360771816186448,380223895025829062,131072 --service-pipe-token=2E9D6E734D856D72EFB31C46AD951A94 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --service-request-channel-token=2E9D6E734D856D72EFB31C46AD951A94 --renderer-client-id=36 --mojo-platform-channel-handle=8280 /prefetch:1
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe10_ Global\UsGthrCtrlFltPipeMssGthrPipe10 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 620 624 632 8192 628
C:\WINDOWS\system32\vssvc.exe
C:\WINDOWS\System32\svchost.exe -k swprv
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x310
"C:\Users\admin\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-392161629-819489254-3805429688-1001Core.job - C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-392161629-819489254-3805429688-1001UA.job - C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\8fvypf6x.default
prefs.js - "browser.startup.homepage" - "http://www.centrum.cz/?utm_source=ch-to ... paign=home"
prefs.js - "keyword.URL" - "https://www.google.com/search?q={searchTerms}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 28.0.0.137 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_137.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 28.0.0.137 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_137.dll
C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\8fvypf6x.default\extensions\
toolbar@centrumholdings.com
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2013-04-04 43520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2015-10-07 3242696]
"Power Management"=C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [2011-03-28 499304]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2017-03-09 193112]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2017-03-09 420960]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2017-03-09 463960]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-09-28 239856]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\admin\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe [2017-11-14 601680]
"OneDrive"=C:\Users\admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2018-01-30 1554080]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]
"SuiteTray"=C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2011-04-02 340848]
"EgisTecPMMUpdate"=C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2011-03-29 408432]
"EgisUpdate"=C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2011-03-29 202608]
"BackupManagerTray"=C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [2011-04-24 297280]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2011-07-01 1103440]
"ArcadeMovieService"=C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [2011-05-10 177448]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer VCM.lnk - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\WINDOWS\system32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2017-03-09 460936]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2018-02-01 12:35:44 ----D---- C:\Program Files\trend micro
2018-02-01 12:35:43 ----D---- C:\rsit
======List of files/folders modified in the last 1 month======
2018-02-01 12:35:49 ----D---- C:\WINDOWS\Prefetch
2018-02-01 12:35:44 ----RD---- C:\Program Files
2018-02-01 12:34:04 ----D---- C:\WINDOWS\Temp
2018-02-01 12:33:40 ----D---- C:\WINDOWS\CbsTemp
2018-02-01 12:26:22 ----D---- C:\WINDOWS\System32
2018-02-01 12:26:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-01 12:24:53 ----D---- C:\WINDOWS\system32\sru
2018-02-01 12:24:02 ----AD---- C:\Program Files (x86)\TeamViewer
2018-01-30 10:00:44 ----D---- C:\ProgramData\clear.fi
2018-01-30 09:52:20 ----D---- C:\WINDOWS\system32\SleepStudy
2018-01-30 09:30:15 ----SHD---- C:\WINDOWS\Installer
2018-01-30 09:30:13 ----SHD---- C:\Config.Msi
2018-01-30 09:29:55 ----AD---- C:\Program Files\rempl
2018-01-30 09:20:05 ----D---- C:\WINDOWS\system32\catroot2
2018-01-30 09:20:03 ----SHD---- C:\System Volume Information
2018-01-30 09:17:59 ----D---- C:\WINDOWS\system32\Tasks
2018-01-30 09:15:18 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2018-01-30 09:09:10 ----D---- C:\ProgramData\NVIDIA
2018-01-25 08:57:24 ----D---- C:\WINDOWS\AppReadiness
2018-01-17 09:42:37 ----D---- C:\WINDOWS\INF
2018-01-10 22:44:56 ----D---- C:\WINDOWS\system32\config
2018-01-10 21:41:48 ----D---- C:\WINDOWS\WinSxS
2018-01-10 21:23:55 ----HD---- C:\Program Files\WindowsApps
2018-01-10 20:34:32 ----AD---- C:\WINDOWS\SysWOW64
2018-01-10 20:34:21 ----D---- C:\WINDOWS\system32\Macromed
2018-01-10 20:34:16 ----D---- C:\WINDOWS\SYSWOW64\Macromed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [2017-09-28 198976]
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [2017-09-28 343296]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [2017-09-28 57736]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2017-09-28 84416]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2017-09-28 361784]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-100; C:\WINDOWS\system32\drivers\iorate.sys [2016-11-02 48992]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2017-01-17 48696]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [2017-09-28 320528]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2017-09-28 41832]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2017-09-28 110376]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2017-09-28 1016384]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2017-09-28 590880]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-07-16 88576]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2016-07-16 8192]
R1 mwlPSDFilter;mwlPSDFilter; C:\WINDOWS\system32\DRIVERS\mwlPSDFilter.sys [2011-08-05 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\WINDOWS\system32\DRIVERS\mwlPSDNServ.sys [2011-08-05 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\WINDOWS\system32\DRIVERS\mwlPSDVDisk.sys [2011-08-05 62776]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2017-09-28 147784]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2017-09-28 199312]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2016-07-16 70144]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2016-07-16 48128]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2016-07-16 78336]
R3 athr;@netathrx.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athwnx.sys [2016-07-16 4233728]
R3 BTATH_BUS;@oem6.inf,%BTATH_BUS.SVCDESC%;Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2011-08-02 30368]
R3 ETD;@oem22.inf,%PS2.DeviceDesc%;ELAN Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2015-10-07 525512]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2017-03-09 5382856]
R3 IntcDAud;@oem5.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\System32\drivers\L1C63x64.sys [2016-07-16 121344]
R3 MEIx64;@oem7.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2010-10-19 56344]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2011-03-10 18432]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvlddmkm.sys [2017-01-17 14190520]
R3 RSPCIESTOR;@oem9.inf,%Rts5208%;Realtek PCIE CardReader Driver; C:\WINDOWS\system32\DRIVERS\RtsPStor.sys [2015-06-03 374016]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2016-07-16 105824]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2016-07-16 101216]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-10-05 64352]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2016-07-16 58720]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2016-07-16 61792]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-04-28 88416]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2016-07-16 32096]
S1 MpKsl30b7982d;MpKsl30b7982d; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2C4CF1B8-6FA4-43DA-95A5-4C0ED4A52FF1}\MpKsl30b7982d.sys [2018-01-10 58120]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-07-16 18432]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2016-07-16 15360]
S3 aswHdsKe;aswHdsKe; \??\C:\WINDOWS\system32\drivers\aswHdsKe.sys [2017-11-20 121304]
S3 aswHwid;aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [2017-09-28 47016]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2016-07-16 9728]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2016-07-16 38912]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-09-10 118272]
S3 dg_ssudbus;@oem71.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2017-05-18 131984]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2016-07-16 20480]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2016-07-16 50016]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2016-10-26 73568]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-07-16 346976]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-07-16 2104160]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2016-07-16 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2016-07-16 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-07-16 64512]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2016-07-16 176384]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2016-07-16 526176]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-07-16 35840]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2016-07-16 120320]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2016-07-16 842584]
S3 mvusbews;@oem28.inf,%mvusbews.SvcDesc%;USB EWS Device; C:\WINDOWS\System32\Drivers\mvusbews.sys [2009-12-04 20480]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2016-07-16 108896]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2016-07-16 90624]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2016-07-16 928608]
S3 scmdisk0101;@scmdisk0101.inf,%scmdisk0101.SvcDesc%;Microsoft NVDIMM-N disk driver; C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-07-16 123904]
S3 ssudmdm;@oem72.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2017-05-18 166288]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-09-28 275208]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CDPUserSvc_64e524;CDPUserSvc_64e524; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 CxAudMsg;Conexant Audio Message Service; C:\Windows\system32\CxAudMsg64.exe [2010-12-17 198784]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-07-01 353360]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2011-03-28 799848]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2015-10-07 144072]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2009-12-03 126520]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2010-12-27 1817088]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-04-24 256832]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2016-12-29 458176]
R2 OneSyncSvc_64e524;Hostitel synchronizace_64e524; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
R2 RS_Service;Raw Socket Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-30 260640]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-09-11 5702416]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-09-28 7452288]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-03-16 113704]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-07-18 317408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-10 272384]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2017-03-09 300128]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2016-07-16 93184]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-04-02 173424]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-08-25 655624]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2016-05-25 43696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MessagingService_64e524;Služba zasílání zpráv_64e524; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-31 148080]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2008-10-24 145248]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 PimIndexMaintenanceSvc_64e524;Data kontaktů_64e524; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2017-03-04 1312768]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2016-07-16 44496]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2016-07-16 44496]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Pomalé PC
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Pomalé PC
Ahoj 
Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
- Uloz na plochu a ukonci vsetky programy
- Spusti AdwCleaner ako spravca
- Odsuhlas licencne podmienky
- Klikni na Scan (Skenovanie) a pockaj na dokoncenie
- Klikni na Clean (Cistenie) a potvrd kliknutim na OK
- AdwCleaner si vyziada restart PC, potvrd kliknutim na Restart Now (Restartovat teraz)
- Po dokonceni a restartovani PC vyskoci log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: Pomalé PC
# AdwCleaner 7.0.7.0 - Logfile created on Thu Feb 01 15:31:35 2018
# Updated on 2018/18/01 by Malwarebytes
# Database: 01-31-2018.1
# Running on Windows 10 Home (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries.
*************************
C:/AdwCleaner/AdwCleaner[C0].txt - [1727 B] - [2017/12/16 17:10:39]
C:/AdwCleaner/AdwCleaner[S0].txt - [1641 B] - [2017/12/16 17:9:45]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt ##########
# Updated on 2018/18/01 by Malwarebytes
# Database: 01-31-2018.1
# Running on Windows 10 Home (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries.
*************************
C:/AdwCleaner/AdwCleaner[C0].txt - [1727 B] - [2017/12/16 17:10:39]
C:/AdwCleaner/AdwCleaner[S0].txt - [1641 B] - [2017/12/16 17:9:45]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt ##########
Re: Pomalé PC
Poprosim o log z FRST podla tohto navodu (vloz sem obidva logy): https://forum.viry.cz/viewtopic.php?f=13&t=152707 V pripade, ze sa FRSTLauncher nebude dat stiahnut alebo spustit, pouzi iba samotny FRST.Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: Pomalé PC
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2018
Ran by admin (administrator) on ADMIN-PC (01-02-2018 17:23:04)
Running from C:\Users\admin\Desktop
Loaded Profiles: admin (Available Profiles: admin)
Platform: Windows 10 Home Version 1607 14393.1198 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkypeHost.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17112.13411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(forum.viry.cz) C:\Users\admin\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [499304 2011-03-28] (Acer Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [239856 2017-09-28] (AVAST Software)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340848 2011-04-02] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [408432 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [202608 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-05-10] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-392161629-819489254-3805429688-1001\...\Run: [Google Update] => C:\Users\admin\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe [601680 2017-11-14] (Google Inc.)
AppInit_DLLs: C:\WINDOWS\system32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvinitx.dll => C:\WINDOWS\system32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvinitx.dll [183144 2017-01-17] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\system32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvinit.dll => C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvinit.dll [161016 2017-01-17] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk [2011-08-05]
ShortcutTarget: Acer VCM.lnk -> C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{f8a0da2b-477a-4928-8678-82bd80cb23bd}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKU\S-1-5-21-392161629-819489254-3805429688-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://centrum.cz/
HKU\S-1-5-21-392161629-819489254-3805429688-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-392161629-819489254-3805429688-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-392161629-819489254-3805429688-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2013-04-04] (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems Incorporated)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
FireFox:
========
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\8fvypf6x.default [2018-02-01]
FF Homepage: Mozilla\Firefox\Profiles\8fvypf6x.default -> hxxp://www.centrum.cz/?utm_source=ch-toolbar&u ... paign=home
FF Extension: (Lišta Centrum.cz) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\8fvypf6x.default\Extensions\toolbar@centrumholdings.com [2015-04-20] [Legacy] [not signed]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_137.dll [2018-01-10] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_137.dll [2018-01-10] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll [2010-04-01] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-17] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll [2011-10-07] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-06-06] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-392161629-819489254-3805429688-1001: @tools.google.com/Google Update;version=3 -> C:\Users\admin\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin HKU\S-1-5-21-392161629-819489254-3805429688-1001: @tools.google.com/Google Update;version=9 -> C:\Users\admin\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com","hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP","hxxp://www.bing.com/?pc=U223","hxxp://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default [2018-02-01]
CHR Extension: (Prezentace) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-16]
CHR Extension: (SEO Profesional Toolbar) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adecfhccdknoobplgempjhbojlbpahhn [2017-01-02]
CHR Extension: (Dokumenty) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Disk Google) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-22]
CHR Extension: (Vyhledávání Google) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-22]
CHR Extension: (Avast Online Security (BETA)) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2017-10-16]
CHR Extension: (SEO SERP Workbench) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehbgolklgacemnfnmkkpgekngaaggjjl [2017-01-02]
CHR Extension: (Tabulky) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (AdBlock) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-02-01]
CHR Extension: (Avast Online Security) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-17]
CHR Extension: (Gestures for Google Chrome™) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpkfjicglakibpenojifdiepckckakgk [2017-01-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-16]
CHR Extension: (Gmail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-13]
CHR Extension: (Chrome Media Router) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-16]
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7452288 2017-09-28] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [275208 2017-09-28] (AVAST Software)
S2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [113704 2014-03-16] (AVAST Software)
R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [799848 2011-03-28] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1817088 2010-12-27] (Realsil Microelectronics Inc.) [File not signed]
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-11-14] (Hewlett-Packard) [File not signed]
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-11-14] (Hewlett-Packard) [File not signed]
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [320528 2017-09-28] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [198976 2017-09-28] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [343296 2017-09-28] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [57736 2017-09-28] (AVAST Software s.r.o.)
S3 aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [121304 2017-11-20] (AVAST Software)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [47016 2017-09-28] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [41832 2017-09-28] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [147784 2017-09-28] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [110376 2017-09-28] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [84416 2017-09-28] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1016384 2017-09-28] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [590880 2017-09-28] (AVAST Software)
S2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [199312 2017-09-28] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [361784 2017-09-28] (AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S1 MpKsl30b7982d; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2C4CF1B8-6FA4-43DA-95A5-4C0ED4A52FF1}\MpKsl30b7982d.sys [58120 2018-01-10] () [File not signed]
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [20480 2009-12-04] (Marvell Semiconductor, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U4 aspnet_state; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-02-01 17:23 - 2018-02-01 17:23 - 000019942 _____ C:\Users\admin\Desktop\FRST.txt
2018-02-01 17:22 - 2018-02-01 17:23 - 000000000 ____D C:\FRST
2018-02-01 17:22 - 2018-02-01 17:22 - 000007606 _____ C:\Users\admin\AppData\Local\Resmon.ResmonCfg
2018-02-01 17:20 - 2018-02-01 17:22 - 000112640 _____ (forum.viry.cz) C:\Users\admin\Desktop\FRSTLauncher.exe
2018-02-01 17:19 - 2018-02-01 17:20 - 002393088 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2018-02-01 16:28 - 2018-02-01 16:28 - 008206624 _____ (Malwarebytes) C:\Users\admin\Desktop\adwcleaner_7.0.7.0.exe
2018-02-01 12:35 - 2018-02-01 12:36 - 000000000 ____D C:\rsit
2018-02-01 12:35 - 2018-02-01 12:35 - 000000000 ____D C:\Program Files\trend micro
2018-02-01 12:34 - 2018-02-01 12:35 - 001222144 _____ C:\Users\admin\Desktop\RSITx64.exe
2018-01-30 09:18 - 2018-01-30 09:18 - 000000000 ____D C:\Users\admin\AppData\Local\{D2A90ACA-C503-4E3D-8DDA-830807C1B1B0}
2018-01-25 09:18 - 2018-01-25 09:18 - 000106545 _____ C:\Users\admin\Desktop\Zdeňka Davidová.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-02-01 16:59 - 2016-10-26 18:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-02-01 16:31 - 2017-12-16 18:07 - 000000000 ____D C:\AdwCleaner
2018-02-01 13:52 - 2016-07-16 12:36 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-02-01 13:30 - 2016-07-16 12:47 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-01 13:30 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-02-01 12:38 - 2011-10-06 21:24 - 000000000 ____D C:\ProgramData\clear.fi
2018-02-01 12:26 - 2016-07-16 23:25 - 001091054 _____ C:\WINDOWS\system32\perfh005.dat
2018-02-01 12:26 - 2016-07-16 23:25 - 000290950 _____ C:\WINDOWS\system32\perfc005.dat
2018-02-01 12:26 - 2016-06-05 13:29 - 002760784 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-01 12:24 - 2015-01-07 09:41 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-01-30 10:09 - 2016-10-26 18:44 - 000000000 ____D C:\Users\admin
2018-01-30 09:29 - 2017-08-13 20:41 - 000000000 ____D C:\Program Files\rempl
2018-01-30 09:18 - 2011-10-06 19:02 - 000000000 ____D C:\Users\admin\AppData\Local\Windows Live
2018-01-30 09:17 - 2017-07-28 06:04 - 000003360 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-392161629-819489254-3805429688-1001
2018-01-30 09:17 - 2016-06-05 20:51 - 000002429 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-01-30 09:17 - 2016-06-05 20:50 - 000000000 ___RD C:\Users\admin\OneDrive
2018-01-30 09:09 - 2016-10-26 19:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-01-30 09:09 - 2016-10-26 18:40 - 000000000 ____D C:\ProgramData\NVIDIA
2018-01-17 09:42 - 2016-07-16 12:45 - 000000000 ____D C:\WINDOWS\INF
2018-01-10 21:03 - 2014-08-30 05:38 - 000002276 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-10 21:03 - 2014-08-30 05:38 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-01-10 20:34 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-01-10 20:34 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-01-07 20:53 - 2016-07-16 07:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
==================== Files in the root of some directories =======
2012-10-09 17:54 - 2009-08-27 16:50 - 000000701 _____ () C:\Users\admin\AppData\Roaming\init.dll
2012-10-09 17:54 - 2009-09-10 17:01 - 000000701 _____ () C:\Users\admin\AppData\Roaming\sound.dll
2012-10-09 17:54 - 2009-09-11 15:33 - 000000006 _____ () C:\Users\admin\AppData\Roaming\SYSTEM32.dll
2018-02-01 17:22 - 2018-02-01 17:22 - 000007606 _____ () C:\Users\admin\AppData\Local\Resmon.ResmonCfg
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-02-01 16:41
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (Acer) (Fixed) (Total:578.07 GB) (Free:359.43 GB) NTFS
Available physical RAM: 2271.11 MB
Total physical RAM: 3947.86 MB
Percentage of memory in use: 42%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 9EDE18FA)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=578.1 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-392161629-819489254-3805429688-1001Core.job => C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-392161629-819489254-3805429688-1001UA.job => C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\admin\Desktop" je 19 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
==================== End Of Log ==============================
Ran by admin (administrator) on ADMIN-PC (01-02-2018 17:23:04)
Running from C:\Users\admin\Desktop
Loaded Profiles: admin (Available Profiles: admin)
Platform: Windows 10 Home Version 1607 14393.1198 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkypeHost.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17112.13411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(forum.viry.cz) C:\Users\admin\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [499304 2011-03-28] (Acer Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [239856 2017-09-28] (AVAST Software)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340848 2011-04-02] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [408432 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [202608 2011-03-29] (Egis Technology Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-05-10] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-392161629-819489254-3805429688-1001\...\Run: [Google Update] => C:\Users\admin\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe [601680 2017-11-14] (Google Inc.)
AppInit_DLLs: C:\WINDOWS\system32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvinitx.dll => C:\WINDOWS\system32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvinitx.dll [183144 2017-01-17] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\system32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvinit.dll => C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvinit.dll [161016 2017-01-17] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk [2011-08-05]
ShortcutTarget: Acer VCM.lnk -> C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{f8a0da2b-477a-4928-8678-82bd80cb23bd}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKU\S-1-5-21-392161629-819489254-3805429688-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://centrum.cz/
HKU\S-1-5-21-392161629-819489254-3805429688-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-392161629-819489254-3805429688-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-392161629-819489254-3805429688-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2013-04-04] (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems Incorporated)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
FireFox:
========
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\8fvypf6x.default [2018-02-01]
FF Homepage: Mozilla\Firefox\Profiles\8fvypf6x.default -> hxxp://www.centrum.cz/?utm_source=ch-toolbar&u ... paign=home
FF Extension: (Lišta Centrum.cz) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\8fvypf6x.default\Extensions\toolbar@centrumholdings.com [2015-04-20] [Legacy] [not signed]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_137.dll [2018-01-10] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_137.dll [2018-01-10] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll [2010-04-01] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-17] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll [2011-10-07] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-06-06] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-392161629-819489254-3805429688-1001: @tools.google.com/Google Update;version=3 -> C:\Users\admin\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin HKU\S-1-5-21-392161629-819489254-3805429688-1001: @tools.google.com/Google Update;version=9 -> C:\Users\admin\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com","hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP","hxxp://www.bing.com/?pc=U223","hxxp://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default [2018-02-01]
CHR Extension: (Prezentace) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-16]
CHR Extension: (SEO Profesional Toolbar) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adecfhccdknoobplgempjhbojlbpahhn [2017-01-02]
CHR Extension: (Dokumenty) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Disk Google) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-22]
CHR Extension: (Vyhledávání Google) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-22]
CHR Extension: (Avast Online Security (BETA)) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2017-10-16]
CHR Extension: (SEO SERP Workbench) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehbgolklgacemnfnmkkpgekngaaggjjl [2017-01-02]
CHR Extension: (Tabulky) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (AdBlock) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-02-01]
CHR Extension: (Avast Online Security) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-17]
CHR Extension: (Gestures for Google Chrome™) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpkfjicglakibpenojifdiepckckakgk [2017-01-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-16]
CHR Extension: (Gmail) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-13]
CHR Extension: (Chrome Media Router) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-16]
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7452288 2017-09-28] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [275208 2017-09-28] (AVAST Software)
S2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [113704 2014-03-16] (AVAST Software)
R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [799848 2011-03-28] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1817088 2010-12-27] (Realsil Microelectronics Inc.) [File not signed]
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-11-14] (Hewlett-Packard) [File not signed]
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-11-14] (Hewlett-Packard) [File not signed]
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [320528 2017-09-28] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [198976 2017-09-28] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [343296 2017-09-28] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [57736 2017-09-28] (AVAST Software s.r.o.)
S3 aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [121304 2017-11-20] (AVAST Software)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [47016 2017-09-28] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [41832 2017-09-28] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [147784 2017-09-28] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [110376 2017-09-28] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [84416 2017-09-28] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1016384 2017-09-28] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [590880 2017-09-28] (AVAST Software)
S2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [199312 2017-09-28] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [361784 2017-09-28] (AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S1 MpKsl30b7982d; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2C4CF1B8-6FA4-43DA-95A5-4C0ED4A52FF1}\MpKsl30b7982d.sys [58120 2018-01-10] () [File not signed]
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [20480 2009-12-04] (Marvell Semiconductor, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_bdd6ea477d4e2fba\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U4 aspnet_state; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-02-01 17:23 - 2018-02-01 17:23 - 000019942 _____ C:\Users\admin\Desktop\FRST.txt
2018-02-01 17:22 - 2018-02-01 17:23 - 000000000 ____D C:\FRST
2018-02-01 17:22 - 2018-02-01 17:22 - 000007606 _____ C:\Users\admin\AppData\Local\Resmon.ResmonCfg
2018-02-01 17:20 - 2018-02-01 17:22 - 000112640 _____ (forum.viry.cz) C:\Users\admin\Desktop\FRSTLauncher.exe
2018-02-01 17:19 - 2018-02-01 17:20 - 002393088 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2018-02-01 16:28 - 2018-02-01 16:28 - 008206624 _____ (Malwarebytes) C:\Users\admin\Desktop\adwcleaner_7.0.7.0.exe
2018-02-01 12:35 - 2018-02-01 12:36 - 000000000 ____D C:\rsit
2018-02-01 12:35 - 2018-02-01 12:35 - 000000000 ____D C:\Program Files\trend micro
2018-02-01 12:34 - 2018-02-01 12:35 - 001222144 _____ C:\Users\admin\Desktop\RSITx64.exe
2018-01-30 09:18 - 2018-01-30 09:18 - 000000000 ____D C:\Users\admin\AppData\Local\{D2A90ACA-C503-4E3D-8DDA-830807C1B1B0}
2018-01-25 09:18 - 2018-01-25 09:18 - 000106545 _____ C:\Users\admin\Desktop\Zdeňka Davidová.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-02-01 16:59 - 2016-10-26 18:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-02-01 16:31 - 2017-12-16 18:07 - 000000000 ____D C:\AdwCleaner
2018-02-01 13:52 - 2016-07-16 12:36 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-02-01 13:30 - 2016-07-16 12:47 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-01 13:30 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-02-01 12:38 - 2011-10-06 21:24 - 000000000 ____D C:\ProgramData\clear.fi
2018-02-01 12:26 - 2016-07-16 23:25 - 001091054 _____ C:\WINDOWS\system32\perfh005.dat
2018-02-01 12:26 - 2016-07-16 23:25 - 000290950 _____ C:\WINDOWS\system32\perfc005.dat
2018-02-01 12:26 - 2016-06-05 13:29 - 002760784 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-01 12:24 - 2015-01-07 09:41 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-01-30 10:09 - 2016-10-26 18:44 - 000000000 ____D C:\Users\admin
2018-01-30 09:29 - 2017-08-13 20:41 - 000000000 ____D C:\Program Files\rempl
2018-01-30 09:18 - 2011-10-06 19:02 - 000000000 ____D C:\Users\admin\AppData\Local\Windows Live
2018-01-30 09:17 - 2017-07-28 06:04 - 000003360 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-392161629-819489254-3805429688-1001
2018-01-30 09:17 - 2016-06-05 20:51 - 000002429 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-01-30 09:17 - 2016-06-05 20:50 - 000000000 ___RD C:\Users\admin\OneDrive
2018-01-30 09:09 - 2016-10-26 19:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-01-30 09:09 - 2016-10-26 18:40 - 000000000 ____D C:\ProgramData\NVIDIA
2018-01-17 09:42 - 2016-07-16 12:45 - 000000000 ____D C:\WINDOWS\INF
2018-01-10 21:03 - 2014-08-30 05:38 - 000002276 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-10 21:03 - 2014-08-30 05:38 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-01-10 20:34 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-01-10 20:34 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-01-07 20:53 - 2016-07-16 07:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
==================== Files in the root of some directories =======
2012-10-09 17:54 - 2009-08-27 16:50 - 000000701 _____ () C:\Users\admin\AppData\Roaming\init.dll
2012-10-09 17:54 - 2009-09-10 17:01 - 000000701 _____ () C:\Users\admin\AppData\Roaming\sound.dll
2012-10-09 17:54 - 2009-09-11 15:33 - 000000006 _____ () C:\Users\admin\AppData\Roaming\SYSTEM32.dll
2018-02-01 17:22 - 2018-02-01 17:22 - 000007606 _____ () C:\Users\admin\AppData\Local\Resmon.ResmonCfg
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-02-01 16:41
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (Acer) (Fixed) (Total:578.07 GB) (Free:359.43 GB) NTFS
Available physical RAM: 2271.11 MB
Total physical RAM: 3947.86 MB
Percentage of memory in use: 42%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 9EDE18FA)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=578.1 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-392161629-819489254-3805429688-1001Core.job => C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-392161629-819489254-3805429688-1001UA.job => C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\admin\Desktop" je 19 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
==================== End Of Log ==============================
Re: Pomalé PC
Poprosim este o log Addition.txt Otvor Spravcu uloh (Ctrl+Shift+Esc) a pozri, ktory program/proces vytazuje HDD.Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: Pomalé PC
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.01.2018
Ran by admin (01-02-2018 17:24:15)
Running from C:\Users\admin\Desktop
Windows 10 Home Version 1607 14393.1198 (X64) (2016-10-26 18:16:02)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
admin (S-1-5-21-392161629-819489254-3805429688-1001 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-392161629-819489254-3805429688-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-392161629-819489254-3805429688-503 - Limited - Disabled)
Guest (S-1-5-21-392161629-819489254-3805429688-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-392161629-819489254-3805429688-1002 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (HKLM\...\{F8F948EA-5AEA-4158-8821-A2F788ECE936}) (Version: 16.2.1 - Hewlett-Packard) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.) Hidden
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3502 - Acer Incorporated)
Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Acer PowerSmart Manager (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.01.3002 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0630.2011 - Acer Incorporated)
Acer USB Charge Manager (HKLM-x32\...\{F53A49E6-9FB1-4A5A-B1D9-82BA116196B7}) (Version: 1.00.3001 - Acer Incorporated)
Acer VCM (HKLM-x32\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3501 - Acer Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Adobe Reader X (10.1.0) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AA1000000001}) (Version: 10.1.0 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (HKLM-x32\...\WTA-55cec7b0-31c5-420f-bd14-ca1da64bf635) (Version: 2.2.0.98 - WildTangent) Hidden
Altus Vario 12.0 (HKLM-x32\...\Altus Vario 12.0) (Version: - Altus software s.r.o.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.6.2310 - AVAST Software)
Backup Manager V3 (HKLM-x32\...\{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation) Hidden
Bejeweled 2 Deluxe (HKLM-x32\...\WTA-2eaea05d-9e31-412c-9e09-06ef4e57e436) (Version: 2.2.0.95 - WildTangent) Hidden
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.90 - Atheros Communications)
clear.fi (HKLM-x32\...\{14C4C3B6-F1F4-401F-8C86-03E8E19AAC8C}) (Version: 1.0.1517_36458 - CyberLink Corp.) Hidden
clear.fi (HKLM-x32\...\{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.1720.00 - CyberLink Corp.) Hidden
clear.fi (HKLM-x32\...\{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}) (Version: 9.0.7709 - CyberLink Corp.) Hidden
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.1720.00 - CyberLink Corp.)
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3500 - Acer Incorporated)
Crazy Chicken Kart 2 (HKLM-x32\...\WTA-575e5e71-322c-42f6-8aa8-ed36f40b0613) (Version: 2.2.0.97 - WildTangent) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
FATE (HKLM-x32\...\WTA-724a7787-af4b-43de-92ae-6524d43bb9bc) (Version: 2.2.0.97 - WildTangent) Hidden
Final Drive: Nitro (HKLM-x32\...\WTA-715a0467-7240-48b2-9e73-727544012753) (Version: 2.2.0.95 - WildTangent) Hidden
FORM studio (HKLM-x32\...\FSCZ_is1) (Version: - KASTNER software s.r.o.)
Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (HKLM-x32\...\{4736B0ED-F6A1-48EC-A1B7-C053027648F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
ChromecastApp (HKU\S-1-5-21-392161629-819489254-3805429688-1001\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 - Google Inc.)
Chuzzle Deluxe (HKLM-x32\...\WTA-3429378f-04e2-4898-b491-dae8b027e5da) (Version: 2.2.0.95 - WildTangent) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Insaniquarium Deluxe (HKLM-x32\...\WTA-171873b4-4cf8-42e9-85fe-84c5da1cd620) (Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
Java(TM) 6 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
Jewel Match 3 (HKLM-x32\...\WTA-dc61aa40-b965-4be5-ad08-365974171774) (Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest Solitaire (HKLM-x32\...\WTA-0c8aaad4-f464-4b63-964e-dec28f137a7a) (Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (HKLM-x32\...\WTA-6e45c75d-1a3a-402b-b3bf-f3f7fb09ccb7) (Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Acer Inc.)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access Runtime (Czech) 2007 (HKLM-x32\...\{90120000-001C-0405-0000-0000000FF1CE}) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Standard 2007 (HKLM-x32\...\STANDARD) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-392161629-819489254-3805429688-1001\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 38.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 cs)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Mystery of Mortlake Mansion (HKLM-x32\...\WTA-bcbac6fe-ee09-4c1e-a4a0-eb143b762116) (Version: 2.2.0.98 - WildTangent) Hidden
MyWinLocker (HKLM\...\{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}) (Version: 4.0.14.25 - Egis Technology Inc.) Hidden
MyWinLocker 4 (HKLM-x32\...\{39F15B50-A977-4CA6-B1C3-6A8724CDA025}) (Version: 4.0.14.25 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.15 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.15 - Egis Technology Inc.)
newsXpresso (HKLM-x32\...\{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.) Hidden
newsXpresso (HKLM-x32\...\InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.)
NTI Media Maker 9 (HKLM-x32\...\{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.8942 - NTI Corporation) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.8942 - NTI Corporation)
NVIDIA Ovladače grafiky 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation)
Ovládací panel NVIDIA 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 376.54 - NVIDIA Corporation) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.4.3 - Frank Heindörfer, Philip Chinery)
PDFTiger (HKLM-x32\...\PDFTiger_is1) (Version: - )
PDFTiger Kernel (HKLM-x32\...\{DE252510-5687-4C60-A705-C43E19F12C9D}_is1) (Version: - )
PDFTigerDriver (HKLM-x32\...\{AEM384L1-28E3-1232-1233-1JD74JDIEK32}_is1) (Version: - )
Penguins! (HKLM-x32\...\WTA-9e13650c-9b79-4982-a407-50ebc229af8c) (Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-cb95fbf2-5714-4709-ab8a-e887efc2d851) (Version: 2.2.0.95 - WildTangent) Hidden
Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Bowler (HKLM-x32\...\WTA-0b7724cd-f782-4173-9137-e58895dcdd43) (Version: 2.2.0.97 - WildTangent) Hidden
Pošta Windows Live (HKLM-x32\...\{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.74 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 1.0.1 - HP)
Shredder (HKLM\...\{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}) (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (HKLM-x32\...\{C2695E83-CF1D-43D1-84FE-B3BEC561012A}) (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Slingo Deluxe (HKLM-x32\...\WTA-e11e5866-0656-406f-840e-77d209a0b9b2) (Version: 2.2.0.95 - WildTangent) Hidden
Software602 Form Filler (HKLM-x32\...\{72882900-0AB6-458C-8C36-6AB6FA5CB978}) (Version: 4.50 - Software602 a.s.)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
Torchlight (HKLM-x32\...\WTA-0452893e-852f-4346-98c4-aee6ee26b5a8) (Version: 2.2.0.97 - WildTangent) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{EC5A6438-850E-4AD1-9169-DD071C8EFFEF}) (Version: 2.10.0.0 - Microsoft Corporation)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (HKLM-x32\...\WTA-b282becf-cb37-4218-9033-05d20349c98b) (Version: 2.2.0.97 - WildTangent) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Wedding Dash (HKLM-x32\...\WTA-409978eb-274d-4ab4-9c83-ed810a484976) (Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3503 - Acer Incorporated)
WildTangent Games App (Acer Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer) (Version: 4.0.5.14 - WildTangent) Hidden
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Zuma Deluxe (HKLM-x32\...\WTA-54e4d8ac-ae43-4ddd-ae27-dee9f8abfab6) (Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (HKLM-x32\...\{E83DC314-C926-4214-AD58-147691D6FE9F}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (HKLM-x32\...\{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}) (Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (HKLM-x32\...\{77F69CA1-E53D-4D77-8BA3-FA07606CC851}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (HKLM-x32\...\{CE929F09-3853-4180-BD90-30764BFF7136}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (HKLM-x32\...\{0A4C4B29-5A9D-4910-A13C-B920D5758744}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (HKLM-x32\...\{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-392161629-819489254-3805429688-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\admin\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-392161629-819489254-3805429688-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\admin\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-392161629-819489254-3805429688-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\admin\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-28] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-28] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-28] (AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-28] (AVAST Software)
ContextMenuHandlers3: [MWLIVShellExt] -> {B1B294FE-EC1E-4fef-AF68-D34CE3E38157} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\MWLIVShellExt.dll [2011-04-02] (Egis Technology Inc. )
ContextMenuHandlers3: [ShredderContextMenu] -> {521065F1-DE6C-4E46-BBCB-89B0D0BE860D} => C:\Program Files (x86)\EgisTec Shredder\x64\ShredderContextMenu.dll [2011-03-29] (Egis Technology Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-28] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {062136ED-8D93-4C08-A62E-538B018126AC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {0B1FC05E-ADFD-4CDE-8FED-148E99EA458A} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0C8721CC-C5EF-40EB-B896-C1E7D9F5C5D9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-392161629-819489254-3805429688-1001UA1d25870fe968896 => C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-30] (Google Inc.)
Task: {0F0D181B-399E-438B-8042-64B99D55FB1B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {1577C86C-DDBB-455E-9F64-53B6F5EEA1FA} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {1675C949-52E6-443C-9C10-17E762B4720B} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {19A4801F-641F-4555-8FBA-209B1E8C8FA4} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {1EF84A12-C54C-412A-A667-2D04B7C7ED1B} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {202F5178-9444-44FE-8892-ECEEAF419C5B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {20ED57AD-DFBA-4742-8C07-AFE55D6E0833} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {29EEBBF7-FD9C-41A8-BEC2-3DC7E4F86DD4} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {2BA3420C-F544-493C-8826-0DD69E620E46} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {3352A064-8043-48E9-8D48-244A4A7DAE47} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {37483071-79F9-48B1-BD79-0287DAD79AD3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {3D3884FA-8A44-4B75-8EAA-6B072BC707A1} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2018-01-07] (AVAST Software)
Task: {494F5370-F5EB-4411-A431-7CBF9D39AAC3} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4BCE2EF2-273A-42CE-81DD-368DA38074D6} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {5B0BACBF-C9B8-4C8D-BF78-DAD8760476C3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {66A2D6E2-866B-4FF4-AE72-98C6AB96B591} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-05-20] (CyberLink Corp.)
Task: {69D14A81-25B0-49B2-80B3-84BA814D7BBE} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {72FE95FD-4BA8-41AB-AC71-9949AB07F346} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {76335829-E7BD-4506-9094-EB6B9A821C21} - System32\Tasks\SafeZone scheduled Autoupdate 1468824706 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {76432DD4-D0D4-461B-8828-DE09072137E6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {7649F167-65CC-47AF-A28D-E92A3CD50029} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {76AC0F89-7ACA-4125-8C3F-AEAD968C3CA7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {8035D069-115F-4012-AFA1-2B41DB2AC807} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {81E762F9-BCFD-4804-853F-FB892B43965C} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {82D1D672-D8C2-4A36-B07F-4945B90A6FA3} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {87EAE57A-2270-4AE1-B7B5-546E8CB65E10} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {885CF75C-08D2-4F69-A00F-B3A1F88CF822} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {8A8A6092-B88B-438E-88EE-FB3690EF1B4B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {8E308F03-85C9-4125-A0BE-0C837B5FABF3} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {96F20E05-E532-464B-9C60-840D31EB173E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {A97841D0-94A2-44EA-B2F1-00D78EE62AA1} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-05-20] (Acer Incorporated)
Task: {ABAC16DF-EEF2-4AE3-AB2E-8FC4D651B483} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {AFB46155-E9FD-42E6-9A21-3410B4FD92D8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-10] (Adobe Systems Incorporated)
Task: {B496277D-22B2-4745-B7D9-09CBF729C585} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {B4F98294-7C7B-4E6F-A21C-73BA6CE9AA7B} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-05-20] (CyberLink)
Task: {B65FF723-62DB-4798-8B62-BE06A9EEFE19} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BCFC5F09-7C93-4DCE-970E-40D80530D990} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {BDD15393-9530-4B6B-903D-4FF7864FA23E} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2011-06-06] (Adobe Systems Incorporated)
Task: {BF44BC53-E908-42D0-A159-A28246369E29} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {C8410843-A8C0-4559-A8A4-B9646EE9B506} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {CB840800-5057-4812-ADC1-8CC43BBDD524} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-392161629-819489254-3805429688-1001Core1d25870fe53c68c => C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-30] (Google Inc.)
Task: {CF9F707D-2C33-491C-B54B-0AE5C5706353} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-09-28] (AVAST Software)
Task: {D1F15BBA-A865-4B5C-A500-A378FF4AFBF6} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D8C0B231-44AA-47DE-8844-B231A2BE4FDC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-392161629-819489254-3805429688-1001Core => C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-30] (Google Inc.)
Task: {DE2B5331-3E81-4F8E-9161-F042C271D9E4} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {DE53B95E-D8B0-4131-AA00-7C25DE85F8BD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {DF46A705-774C-4060-AB07-F67B328DFB4D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-392161629-819489254-3805429688-1001UA => C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-30] (Google Inc.)
Task: {E49E11AC-0CC0-46EC-8C48-E60F23A8BF25} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {E5964BB6-C64F-48C0-BEFF-372EF1361CBC} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {F4EE0466-5025-497C-A2A1-114618411F04} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F9DB03F2-01B3-49F0-94B2-B153E7D78EEC} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {FD4FA759-448E-4772-9667-B2C430DFCAD7} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-392161629-819489254-3805429688-1001Core.job => C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-392161629-819489254-3805429688-1001UA.job => C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2011-10-11 09:15 - 2009-11-20 12:43 - 000405504 _____ () C:\WINDOWS\System32\HPM1210LM.DLL
2011-10-11 09:16 - 2009-11-20 12:43 - 000074240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HPM1210PP.dll
2011-10-11 09:15 - 2009-11-20 12:43 - 003092480 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\hpm1210su.dll
2011-10-11 09:15 - 2009-11-20 13:06 - 001038336 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\HPM1210GC.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 000231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-05-25 13:44 - 2017-04-28 01:49 - 002681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-10-26 18:40 - 2016-12-29 14:16 - 000134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2009-01-22 00:45 - 2009-01-22 00:45 - 001401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2016-10-26 19:25 - 2016-10-26 19:25 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-28 07:12 - 2017-03-04 07:31 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-28 07:15 - 2017-03-04 07:12 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-28 07:15 - 2017-03-04 07:05 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-28 07:15 - 2017-03-04 07:05 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-05-25 13:43 - 2017-04-28 00:36 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-05-25 13:44 - 2017-04-28 00:37 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-01 20:00 - 2017-03-09 01:16 - 000112264 _____ () C:\Windows\System32\IccLibDll_x64.dll
2018-01-03 21:09 - 2018-01-03 21:10 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-01-03 21:09 - 2018-01-03 21:10 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-01-03 21:09 - 2018-01-03 21:10 - 024670720 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-01-03 21:09 - 2018-01-03 21:10 - 002550272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\skypert.dll
2018-01-03 21:11 - 2018-01-03 21:11 - 026507776 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17112.13411.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-01-03 21:11 - 2018-01-03 21:11 - 008370176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17112.13411.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-09-28 07:00 - 2017-09-28 07:00 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17112.13411.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-01-03 21:11 - 2018-01-03 21:11 - 010137600 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17112.13411.0_x64__8wekyb3d8bbwe\EntPlat.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 000465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 000125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 001081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2011-05-20 19:13 - 2011-05-20 19:13 - 000206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2017-09-28 20:01 - 2017-09-28 20:01 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-09-28 20:01 - 2017-09-28 20:01 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2017-09-28 20:02 - 2017-09-28 20:02 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-09-28 20:01 - 2017-09-28 20:01 - 000211904 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-09-28 20:01 - 2017-09-28 20:01 - 000241960 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-09-28 20:01 - 2017-09-28 20:01 - 000233768 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-09-28 20:01 - 2017-09-28 20:06 - 000692408 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2018-02-01 12:24 - 2018-02-01 12:24 - 005779088 _____ () C:\Program Files\AVAST Software\Avast\defs\18020102\algo.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2016-06-28 08:25 - 000000838 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-392161629-819489254-3805429688-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{E58183FF-C795-41CD-9164-9BB3B25F01BB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0C6C844B-D00A-40BD-82E0-A1574D7C27D3}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{12ECE95B-DDE7-4BCA-B99D-836F83BE05B8}] => (Allow) LPort=2869
FirewallRules: [{223143CC-410C-45F1-8500-B90466A2D9C9}] => (Allow) LPort=1900
FirewallRules: [{E5F16643-4A1F-4F56-9B3C-4C5EAABFB568}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{3F32F997-DBFE-4199-A985-71D92BDF96F9}] => (Allow) C:\Program Files (x86)\Acer\Acer VCM\VC.exe
FirewallRules: [{F1A44D7C-BF3B-4FBF-9D7A-4DCB4677631A}] => (Allow) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
FirewallRules: [{7A2D299C-BC81-4440-BFFC-871D8304E5E7}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe
FirewallRules: [{145F8528-0D17-4FB4-B838-B5EE2204DDA6}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
FirewallRules: [{AF6104DB-59B2-45D6-B7B9-0BFB663E70AB}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{27C234D3-0BC4-4F68-8A2A-48DAC06D0349}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{CD7A30FC-23A0-4A50-838C-BCD5ACFEE323}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{87B3E629-D01D-49BD-9BC0-8DD10A836653}] => (Block) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{70807441-A690-4CE0-8C62-8D27D1FAEB67}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{EC51940A-D9E7-4A6C-B825-C63BEFF3EF75}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe
FirewallRules: [{F5E2CAE5-1A67-41AE-A7B0-6CEE654CC2CA}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe
FirewallRules: [{644F884E-1383-438E-B86C-0DDE40D81B46}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6CA2FFAB-CF10-4947-BFA5-27928EFA385D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5FA244AC-4F00-4C4C-B152-11D643208396}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C05C12E1-BEFE-4059-BA43-DEFA5A77330C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{0733DD9A-FBD2-48B9-AB86-BAE3522C8FF5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CD47CBE1-7ABD-4FE3-AE0E-A16E63F7FC04}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{DF364120-4D5C-4BC1-889F-F3895845DB78}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
FirewallRules: [{DEB10E08-F5C4-4459-AC01-675A9D1490A8}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
FirewallRules: [{E96C4F13-1886-4A5C-A514-2CA7F70B018A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
06-12-2017 21:00:31 Windows Update
13-12-2017 23:25:28 Naplánovaný kontrolní bod
27-12-2017 18:45:42 Windows Update
27-12-2017 18:47:02 Windows Update
31-12-2017 15:37:35 Windows Update
05-01-2018 21:41:14 Windows Update
05-01-2018 21:42:19 Windows Update
30-01-2018 09:16:31 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/01/2018 04:26:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: admin-PC)
Description: Aplikaci Microsoft.Windows.Photos_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2147023170. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (02/01/2018 03:14:28 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: admin-PC)
Description: Aplikaci Microsoft.Windows.Photos_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (02/01/2018 12:46:23 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.
Error: (01/30/2018 09:52:37 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: admin-PC)
Description: Aplikaci Microsoft.Windows.Photos_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (01/30/2018 09:52:25 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: admin-PC)
Description: Aplikaci Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (01/30/2018 09:52:24 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: admin-PC)
Description: Aplikace Microsoft.LockApp_10.0.14393.0_neutral__cw5n1h2txyewy+WindowsDefaultLockScreen se nespustila ve stanovenou dobu.
Error: (01/30/2018 09:18:39 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).
System Error:
Přístup byl odepřen.
.
Error: (01/25/2018 09:10:24 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.
Error: (01/25/2018 08:52:42 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: admin-PC)
Description: Aplikaci Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (01/10/2018 08:53:57 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.
System errors:
=============
Error: (02/01/2018 03:14:26 PM) (Source: DCOM) (EventID: 10010) (User: admin-PC)
Description: Server App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/01/2018 12:24:29 PM) (Source: DCOM) (EventID: 10016) (User: admin-PC)
Description: Nastavení oprávnění výchozí pro počítač neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
a APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
uživateli admin-PC\admin (SID: S-1-5-21-392161629-819489254-3805429688-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/01/2018 12:24:11 PM) (Source: DCOM) (EventID: 10016) (User: admin-PC)
Description: Nastavení oprávnění výchozí pro počítač neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
a APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
uživateli admin-PC\admin (SID: S-1-5-21-392161629-819489254-3805429688-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/01/2018 12:22:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (01/30/2018 10:09:01 AM) (Source: DCOM) (EventID: 10010) (User: admin-PC)
Description: Server {D63B10C5-BB46-4990-A94F-E40B9D520160} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/30/2018 09:52:37 AM) (Source: DCOM) (EventID: 10010) (User: admin-PC)
Description: Server App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/30/2018 09:30:13 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Zjišťování interaktivních služeb byla ukončena s následující chybou:
Nesprávná funkce.
Error: (01/30/2018 09:30:13 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Zjišťování interaktivních služeb byla ukončena s následující chybou:
Nesprávná funkce.
Error: (01/30/2018 09:30:12 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Zjišťování interaktivních služeb byla ukončena s následující chybou:
Nesprávná funkce.
Error: (01/30/2018 09:30:12 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Zjišťování interaktivních služeb byla ukončena s následující chybou:
Nesprávná funkce.
CodeIntegrity:
===================================
Date: 2018-01-01 15:08:19.796
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-06-08 23:23:00.854
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2017-06-08 23:23:00.654
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2017-06-08 23:23:00.598
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2017-06-08 23:23:00.494
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2017-06-08 23:23:00.399
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2017-06-08 23:23:00.359
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2017-06-08 23:22:56.534
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2017-06-08 23:22:53.643
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2017-06-08 23:00:40.197
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-2330M CPU @ 2.20GHz
Percentage of memory in use: 42%
Total physical RAM: 3947.86 MB
Available physical RAM: 2271.11 MB
Total Virtual: 7915.86 MB
Available Virtual: 5909.71 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:578.07 GB) (Free:359.43 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 9EDE18FA)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=578.1 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Ran by admin (01-02-2018 17:24:15)
Running from C:\Users\admin\Desktop
Windows 10 Home Version 1607 14393.1198 (X64) (2016-10-26 18:16:02)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
admin (S-1-5-21-392161629-819489254-3805429688-1001 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-392161629-819489254-3805429688-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-392161629-819489254-3805429688-503 - Limited - Disabled)
Guest (S-1-5-21-392161629-819489254-3805429688-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-392161629-819489254-3805429688-1002 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (HKLM\...\{F8F948EA-5AEA-4158-8821-A2F788ECE936}) (Version: 16.2.1 - Hewlett-Packard) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.) Hidden
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3502 - Acer Incorporated)
Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Acer PowerSmart Manager (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.01.3002 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0630.2011 - Acer Incorporated)
Acer USB Charge Manager (HKLM-x32\...\{F53A49E6-9FB1-4A5A-B1D9-82BA116196B7}) (Version: 1.00.3001 - Acer Incorporated)
Acer VCM (HKLM-x32\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3501 - Acer Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Adobe Reader X (10.1.0) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AA1000000001}) (Version: 10.1.0 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (HKLM-x32\...\WTA-55cec7b0-31c5-420f-bd14-ca1da64bf635) (Version: 2.2.0.98 - WildTangent) Hidden
Altus Vario 12.0 (HKLM-x32\...\Altus Vario 12.0) (Version: - Altus software s.r.o.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.6.2310 - AVAST Software)
Backup Manager V3 (HKLM-x32\...\{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation) Hidden
Bejeweled 2 Deluxe (HKLM-x32\...\WTA-2eaea05d-9e31-412c-9e09-06ef4e57e436) (Version: 2.2.0.95 - WildTangent) Hidden
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.90 - Atheros Communications)
clear.fi (HKLM-x32\...\{14C4C3B6-F1F4-401F-8C86-03E8E19AAC8C}) (Version: 1.0.1517_36458 - CyberLink Corp.) Hidden
clear.fi (HKLM-x32\...\{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.1720.00 - CyberLink Corp.) Hidden
clear.fi (HKLM-x32\...\{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}) (Version: 9.0.7709 - CyberLink Corp.) Hidden
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.1720.00 - CyberLink Corp.)
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3500 - Acer Incorporated)
Crazy Chicken Kart 2 (HKLM-x32\...\WTA-575e5e71-322c-42f6-8aa8-ed36f40b0613) (Version: 2.2.0.97 - WildTangent) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
FATE (HKLM-x32\...\WTA-724a7787-af4b-43de-92ae-6524d43bb9bc) (Version: 2.2.0.97 - WildTangent) Hidden
Final Drive: Nitro (HKLM-x32\...\WTA-715a0467-7240-48b2-9e73-727544012753) (Version: 2.2.0.95 - WildTangent) Hidden
FORM studio (HKLM-x32\...\FSCZ_is1) (Version: - KASTNER software s.r.o.)
Fotogalerija Windows Live (HKLM-x32\...\{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (HKLM-x32\...\{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (HKLM-x32\...\{4736B0ED-F6A1-48EC-A1B7-C053027648F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
ChromecastApp (HKU\S-1-5-21-392161629-819489254-3805429688-1001\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 - Google Inc.)
Chuzzle Deluxe (HKLM-x32\...\WTA-3429378f-04e2-4898-b491-dae8b027e5da) (Version: 2.2.0.95 - WildTangent) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Insaniquarium Deluxe (HKLM-x32\...\WTA-171873b4-4cf8-42e9-85fe-84c5da1cd620) (Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
Java(TM) 6 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
Jewel Match 3 (HKLM-x32\...\WTA-dc61aa40-b965-4be5-ad08-365974171774) (Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest Solitaire (HKLM-x32\...\WTA-0c8aaad4-f464-4b63-964e-dec28f137a7a) (Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (HKLM-x32\...\WTA-6e45c75d-1a3a-402b-b3bf-f3f7fb09ccb7) (Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Acer Inc.)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access Runtime (Czech) 2007 (HKLM-x32\...\{90120000-001C-0405-0000-0000000FF1CE}) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Standard 2007 (HKLM-x32\...\STANDARD) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-392161629-819489254-3805429688-1001\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 38.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 cs)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Mystery of Mortlake Mansion (HKLM-x32\...\WTA-bcbac6fe-ee09-4c1e-a4a0-eb143b762116) (Version: 2.2.0.98 - WildTangent) Hidden
MyWinLocker (HKLM\...\{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}) (Version: 4.0.14.25 - Egis Technology Inc.) Hidden
MyWinLocker 4 (HKLM-x32\...\{39F15B50-A977-4CA6-B1C3-6A8724CDA025}) (Version: 4.0.14.25 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.15 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.15 - Egis Technology Inc.)
newsXpresso (HKLM-x32\...\{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.) Hidden
newsXpresso (HKLM-x32\...\InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.)
NTI Media Maker 9 (HKLM-x32\...\{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.8942 - NTI Corporation) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.8942 - NTI Corporation)
NVIDIA Ovladače grafiky 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation)
Ovládací panel NVIDIA 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 376.54 - NVIDIA Corporation) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.4.3 - Frank Heindörfer, Philip Chinery)
PDFTiger (HKLM-x32\...\PDFTiger_is1) (Version: - )
PDFTiger Kernel (HKLM-x32\...\{DE252510-5687-4C60-A705-C43E19F12C9D}_is1) (Version: - )
PDFTigerDriver (HKLM-x32\...\{AEM384L1-28E3-1232-1233-1JD74JDIEK32}_is1) (Version: - )
Penguins! (HKLM-x32\...\WTA-9e13650c-9b79-4982-a407-50ebc229af8c) (Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-cb95fbf2-5714-4709-ab8a-e887efc2d851) (Version: 2.2.0.95 - WildTangent) Hidden
Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Bowler (HKLM-x32\...\WTA-0b7724cd-f782-4173-9137-e58895dcdd43) (Version: 2.2.0.97 - WildTangent) Hidden
Pošta Windows Live (HKLM-x32\...\{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.74 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 1.0.1 - HP)
Shredder (HKLM\...\{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}) (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (HKLM-x32\...\{C2695E83-CF1D-43D1-84FE-B3BEC561012A}) (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Slingo Deluxe (HKLM-x32\...\WTA-e11e5866-0656-406f-840e-77d209a0b9b2) (Version: 2.2.0.95 - WildTangent) Hidden
Software602 Form Filler (HKLM-x32\...\{72882900-0AB6-458C-8C36-6AB6FA5CB978}) (Version: 4.50 - Software602 a.s.)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
Torchlight (HKLM-x32\...\WTA-0452893e-852f-4346-98c4-aee6ee26b5a8) (Version: 2.2.0.97 - WildTangent) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{EC5A6438-850E-4AD1-9169-DD071C8EFFEF}) (Version: 2.10.0.0 - Microsoft Corporation)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (HKLM-x32\...\WTA-b282becf-cb37-4218-9033-05d20349c98b) (Version: 2.2.0.97 - WildTangent) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Wedding Dash (HKLM-x32\...\WTA-409978eb-274d-4ab4-9c83-ed810a484976) (Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3503 - Acer Incorporated)
WildTangent Games App (Acer Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer) (Version: 4.0.5.14 - WildTangent) Hidden
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Zuma Deluxe (HKLM-x32\...\WTA-54e4d8ac-ae43-4ddd-ae27-dee9f8abfab6) (Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (HKLM-x32\...\{E83DC314-C926-4214-AD58-147691D6FE9F}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (HKLM-x32\...\{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}) (Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (HKLM-x32\...\{77F69CA1-E53D-4D77-8BA3-FA07606CC851}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (HKLM-x32\...\{CE929F09-3853-4180-BD90-30764BFF7136}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (HKLM-x32\...\{0A4C4B29-5A9D-4910-A13C-B920D5758744}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (HKLM-x32\...\{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-392161629-819489254-3805429688-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\admin\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-392161629-819489254-3805429688-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\admin\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-392161629-819489254-3805429688-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\admin\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-28] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-28] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-28] (AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-28] (AVAST Software)
ContextMenuHandlers3: [MWLIVShellExt] -> {B1B294FE-EC1E-4fef-AF68-D34CE3E38157} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\MWLIVShellExt.dll [2011-04-02] (Egis Technology Inc. )
ContextMenuHandlers3: [ShredderContextMenu] -> {521065F1-DE6C-4E46-BBCB-89B0D0BE860D} => C:\Program Files (x86)\EgisTec Shredder\x64\ShredderContextMenu.dll [2011-03-29] (Egis Technology Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-28] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {062136ED-8D93-4C08-A62E-538B018126AC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {0B1FC05E-ADFD-4CDE-8FED-148E99EA458A} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0C8721CC-C5EF-40EB-B896-C1E7D9F5C5D9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-392161629-819489254-3805429688-1001UA1d25870fe968896 => C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-30] (Google Inc.)
Task: {0F0D181B-399E-438B-8042-64B99D55FB1B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {1577C86C-DDBB-455E-9F64-53B6F5EEA1FA} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {1675C949-52E6-443C-9C10-17E762B4720B} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {19A4801F-641F-4555-8FBA-209B1E8C8FA4} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {1EF84A12-C54C-412A-A667-2D04B7C7ED1B} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {202F5178-9444-44FE-8892-ECEEAF419C5B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {20ED57AD-DFBA-4742-8C07-AFE55D6E0833} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {29EEBBF7-FD9C-41A8-BEC2-3DC7E4F86DD4} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {2BA3420C-F544-493C-8826-0DD69E620E46} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {3352A064-8043-48E9-8D48-244A4A7DAE47} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {37483071-79F9-48B1-BD79-0287DAD79AD3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {3D3884FA-8A44-4B75-8EAA-6B072BC707A1} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [2018-01-07] (AVAST Software)
Task: {494F5370-F5EB-4411-A431-7CBF9D39AAC3} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4BCE2EF2-273A-42CE-81DD-368DA38074D6} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {5B0BACBF-C9B8-4C8D-BF78-DAD8760476C3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {66A2D6E2-866B-4FF4-AE72-98C6AB96B591} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-05-20] (CyberLink Corp.)
Task: {69D14A81-25B0-49B2-80B3-84BA814D7BBE} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {72FE95FD-4BA8-41AB-AC71-9949AB07F346} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {76335829-E7BD-4506-9094-EB6B9A821C21} - System32\Tasks\SafeZone scheduled Autoupdate 1468824706 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {76432DD4-D0D4-461B-8828-DE09072137E6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {7649F167-65CC-47AF-A28D-E92A3CD50029} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {76AC0F89-7ACA-4125-8C3F-AEAD968C3CA7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {8035D069-115F-4012-AFA1-2B41DB2AC807} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {81E762F9-BCFD-4804-853F-FB892B43965C} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {82D1D672-D8C2-4A36-B07F-4945B90A6FA3} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {87EAE57A-2270-4AE1-B7B5-546E8CB65E10} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {885CF75C-08D2-4F69-A00F-B3A1F88CF822} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {8A8A6092-B88B-438E-88EE-FB3690EF1B4B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {8E308F03-85C9-4125-A0BE-0C837B5FABF3} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {96F20E05-E532-464B-9C60-840D31EB173E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {A97841D0-94A2-44EA-B2F1-00D78EE62AA1} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-05-20] (Acer Incorporated)
Task: {ABAC16DF-EEF2-4AE3-AB2E-8FC4D651B483} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {AFB46155-E9FD-42E6-9A21-3410B4FD92D8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-10] (Adobe Systems Incorporated)
Task: {B496277D-22B2-4745-B7D9-09CBF729C585} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {B4F98294-7C7B-4E6F-A21C-73BA6CE9AA7B} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-05-20] (CyberLink)
Task: {B65FF723-62DB-4798-8B62-BE06A9EEFE19} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BCFC5F09-7C93-4DCE-970E-40D80530D990} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {BDD15393-9530-4B6B-903D-4FF7864FA23E} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2011-06-06] (Adobe Systems Incorporated)
Task: {BF44BC53-E908-42D0-A159-A28246369E29} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {C8410843-A8C0-4559-A8A4-B9646EE9B506} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {CB840800-5057-4812-ADC1-8CC43BBDD524} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-392161629-819489254-3805429688-1001Core1d25870fe53c68c => C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-30] (Google Inc.)
Task: {CF9F707D-2C33-491C-B54B-0AE5C5706353} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-09-28] (AVAST Software)
Task: {D1F15BBA-A865-4B5C-A500-A378FF4AFBF6} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D8C0B231-44AA-47DE-8844-B231A2BE4FDC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-392161629-819489254-3805429688-1001Core => C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-30] (Google Inc.)
Task: {DE2B5331-3E81-4F8E-9161-F042C271D9E4} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {DE53B95E-D8B0-4131-AA00-7C25DE85F8BD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {DF46A705-774C-4060-AB07-F67B328DFB4D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-392161629-819489254-3805429688-1001UA => C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe [2015-12-30] (Google Inc.)
Task: {E49E11AC-0CC0-46EC-8C48-E60F23A8BF25} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {E5964BB6-C64F-48C0-BEFF-372EF1361CBC} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {F4EE0466-5025-497C-A2A1-114618411F04} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F9DB03F2-01B3-49F0-94B2-B153E7D78EEC} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {FD4FA759-448E-4772-9667-B2C430DFCAD7} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-392161629-819489254-3805429688-1001Core.job => C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-392161629-819489254-3805429688-1001UA.job => C:\Users\admin\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2011-10-11 09:15 - 2009-11-20 12:43 - 000405504 _____ () C:\WINDOWS\System32\HPM1210LM.DLL
2011-10-11 09:16 - 2009-11-20 12:43 - 000074240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HPM1210PP.dll
2011-10-11 09:15 - 2009-11-20 12:43 - 003092480 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\hpm1210su.dll
2011-10-11 09:15 - 2009-11-20 13:06 - 001038336 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\HPM1210GC.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 000231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-05-25 13:44 - 2017-04-28 01:49 - 002681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-10-26 18:40 - 2016-12-29 14:16 - 000134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2009-01-22 00:45 - 2009-01-22 00:45 - 001401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2016-10-26 19:25 - 2016-10-26 19:25 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-28 07:12 - 2017-03-04 07:31 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-28 07:15 - 2017-03-04 07:12 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-28 07:15 - 2017-03-04 07:05 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-28 07:15 - 2017-03-04 07:05 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-05-25 13:43 - 2017-04-28 00:36 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-05-25 13:44 - 2017-04-28 00:37 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-01 20:00 - 2017-03-09 01:16 - 000112264 _____ () C:\Windows\System32\IccLibDll_x64.dll
2018-01-03 21:09 - 2018-01-03 21:10 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-01-03 21:09 - 2018-01-03 21:10 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-01-03 21:09 - 2018-01-03 21:10 - 024670720 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-01-03 21:09 - 2018-01-03 21:10 - 002550272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\skypert.dll
2018-01-03 21:11 - 2018-01-03 21:11 - 026507776 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17112.13411.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-01-03 21:11 - 2018-01-03 21:11 - 008370176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17112.13411.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-09-28 07:00 - 2017-09-28 07:00 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17112.13411.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-01-03 21:11 - 2018-01-03 21:11 - 010137600 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17112.13411.0_x64__8wekyb3d8bbwe\EntPlat.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 000465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 000125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 001081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2011-05-20 19:13 - 2011-05-20 19:13 - 000206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2017-09-28 20:01 - 2017-09-28 20:01 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-09-28 20:01 - 2017-09-28 20:01 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2017-09-28 20:02 - 2017-09-28 20:02 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-09-28 20:01 - 2017-09-28 20:01 - 000211904 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-09-28 20:01 - 2017-09-28 20:01 - 000241960 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-09-28 20:01 - 2017-09-28 20:01 - 000233768 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-09-28 20:01 - 2017-09-28 20:06 - 000692408 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2018-02-01 12:24 - 2018-02-01 12:24 - 005779088 _____ () C:\Program Files\AVAST Software\Avast\defs\18020102\algo.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2016-06-28 08:25 - 000000838 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-392161629-819489254-3805429688-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{E58183FF-C795-41CD-9164-9BB3B25F01BB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0C6C844B-D00A-40BD-82E0-A1574D7C27D3}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{12ECE95B-DDE7-4BCA-B99D-836F83BE05B8}] => (Allow) LPort=2869
FirewallRules: [{223143CC-410C-45F1-8500-B90466A2D9C9}] => (Allow) LPort=1900
FirewallRules: [{E5F16643-4A1F-4F56-9B3C-4C5EAABFB568}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{3F32F997-DBFE-4199-A985-71D92BDF96F9}] => (Allow) C:\Program Files (x86)\Acer\Acer VCM\VC.exe
FirewallRules: [{F1A44D7C-BF3B-4FBF-9D7A-4DCB4677631A}] => (Allow) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
FirewallRules: [{7A2D299C-BC81-4440-BFFC-871D8304E5E7}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe
FirewallRules: [{145F8528-0D17-4FB4-B838-B5EE2204DDA6}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
FirewallRules: [{AF6104DB-59B2-45D6-B7B9-0BFB663E70AB}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{27C234D3-0BC4-4F68-8A2A-48DAC06D0349}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{CD7A30FC-23A0-4A50-838C-BCD5ACFEE323}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{87B3E629-D01D-49BD-9BC0-8DD10A836653}] => (Block) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{70807441-A690-4CE0-8C62-8D27D1FAEB67}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{EC51940A-D9E7-4A6C-B825-C63BEFF3EF75}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe
FirewallRules: [{F5E2CAE5-1A67-41AE-A7B0-6CEE654CC2CA}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe
FirewallRules: [{644F884E-1383-438E-B86C-0DDE40D81B46}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6CA2FFAB-CF10-4947-BFA5-27928EFA385D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5FA244AC-4F00-4C4C-B152-11D643208396}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C05C12E1-BEFE-4059-BA43-DEFA5A77330C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{0733DD9A-FBD2-48B9-AB86-BAE3522C8FF5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CD47CBE1-7ABD-4FE3-AE0E-A16E63F7FC04}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{DF364120-4D5C-4BC1-889F-F3895845DB78}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
FirewallRules: [{DEB10E08-F5C4-4459-AC01-675A9D1490A8}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
FirewallRules: [{E96C4F13-1886-4A5C-A514-2CA7F70B018A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
06-12-2017 21:00:31 Windows Update
13-12-2017 23:25:28 Naplánovaný kontrolní bod
27-12-2017 18:45:42 Windows Update
27-12-2017 18:47:02 Windows Update
31-12-2017 15:37:35 Windows Update
05-01-2018 21:41:14 Windows Update
05-01-2018 21:42:19 Windows Update
30-01-2018 09:16:31 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/01/2018 04:26:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: admin-PC)
Description: Aplikaci Microsoft.Windows.Photos_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2147023170. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (02/01/2018 03:14:28 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: admin-PC)
Description: Aplikaci Microsoft.Windows.Photos_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (02/01/2018 12:46:23 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.
Error: (01/30/2018 09:52:37 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: admin-PC)
Description: Aplikaci Microsoft.Windows.Photos_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (01/30/2018 09:52:25 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: admin-PC)
Description: Aplikaci Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (01/30/2018 09:52:24 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: admin-PC)
Description: Aplikace Microsoft.LockApp_10.0.14393.0_neutral__cw5n1h2txyewy+WindowsDefaultLockScreen se nespustila ve stanovenou dobu.
Error: (01/30/2018 09:18:39 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).
System Error:
Přístup byl odepřen.
.
Error: (01/25/2018 09:10:24 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.
Error: (01/25/2018 08:52:42 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: admin-PC)
Description: Aplikaci Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (01/10/2018 08:53:57 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.
System errors:
=============
Error: (02/01/2018 03:14:26 PM) (Source: DCOM) (EventID: 10010) (User: admin-PC)
Description: Server App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (02/01/2018 12:24:29 PM) (Source: DCOM) (EventID: 10016) (User: admin-PC)
Description: Nastavení oprávnění výchozí pro počítač neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
a APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
uživateli admin-PC\admin (SID: S-1-5-21-392161629-819489254-3805429688-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/01/2018 12:24:11 PM) (Source: DCOM) (EventID: 10016) (User: admin-PC)
Description: Nastavení oprávnění výchozí pro počítač neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
a APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
uživateli admin-PC\admin (SID: S-1-5-21-392161629-819489254-3805429688-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/01/2018 12:22:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (01/30/2018 10:09:01 AM) (Source: DCOM) (EventID: 10010) (User: admin-PC)
Description: Server {D63B10C5-BB46-4990-A94F-E40B9D520160} se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/30/2018 09:52:37 AM) (Source: DCOM) (EventID: 10010) (User: admin-PC)
Description: Server App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (01/30/2018 09:30:13 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Zjišťování interaktivních služeb byla ukončena s následující chybou:
Nesprávná funkce.
Error: (01/30/2018 09:30:13 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Zjišťování interaktivních služeb byla ukončena s následující chybou:
Nesprávná funkce.
Error: (01/30/2018 09:30:12 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Zjišťování interaktivních služeb byla ukončena s následující chybou:
Nesprávná funkce.
Error: (01/30/2018 09:30:12 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Zjišťování interaktivních služeb byla ukončena s následující chybou:
Nesprávná funkce.
CodeIntegrity:
===================================
Date: 2018-01-01 15:08:19.796
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-06-08 23:23:00.854
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2017-06-08 23:23:00.654
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2017-06-08 23:23:00.598
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2017-06-08 23:23:00.494
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2017-06-08 23:23:00.399
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2017-06-08 23:23:00.359
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2017-06-08 23:22:56.534
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2017-06-08 23:22:53.643
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2017-06-08 23:00:40.197
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-2330M CPU @ 2.20GHz
Percentage of memory in use: 42%
Total physical RAM: 3947.86 MB
Available physical RAM: 2271.11 MB
Total Virtual: 7915.86 MB
Available Virtual: 5909.71 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:578.07 GB) (Free:359.43 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 9EDE18FA)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=578.1 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Re: Pomalé PC
vypadá to že zátěž HDD už zmizela
Re: Pomalé PC
System nebol od 05/2017 aktualizovany. Otvor Start -> Nastavenia -> Aktualizacia a zabezpecenie -> Vyhladat aktualizacie a nechaj system aktualizovat a restartovat. Je tiez dost mozne, ze to vytazenie sposobili prave aktualizacie. Inak log vyzera OK, len precistime par zbytocnosti. Otvor poznamkovy blok (Win+R -> notepad -> enter)
- Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:
Kód: Vybrat vše
Start CloseProcesses: CreateRestorePoint. HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION HKU\S-1-5-21-392161629-819489254-3805429688-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com SearchScopes: HKU\S-1-5-21-392161629-819489254-3805429688-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-392161629-819489254-3805429688-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found> U4 aspnet_state; no ImagePath CustomCLSID: HKU\S-1-5-21-392161629-819489254-3805429688-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\admin\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File Task: {062136ED-8D93-4C08-A62E-538B018126AC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {0F0D181B-399E-438B-8042-64B99D55FB1B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {1577C86C-DDBB-455E-9F64-53B6F5EEA1FA} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {29EEBBF7-FD9C-41A8-BEC2-3DC7E4F86DD4} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION Task: {3352A064-8043-48E9-8D48-244A4A7DAE47} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION Task: {37483071-79F9-48B1-BD79-0287DAD79AD3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {5B0BACBF-C9B8-4C8D-BF78-DAD8760476C3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {72FE95FD-4BA8-41AB-AC71-9949AB07F346} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION Task: {76432DD4-D0D4-461B-8828-DE09072137E6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {76AC0F89-7ACA-4125-8C3F-AEAD968C3CA7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {82D1D672-D8C2-4A36-B07F-4945B90A6FA3} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {B496277D-22B2-4745-B7D9-09CBF729C585} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION Task: {C8410843-A8C0-4559-A8A4-B9646EE9B506} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {DE53B95E-D8B0-4131-AA00-7C25DE85F8BD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {E49E11AC-0CC0-46EC-8C48-E60F23A8BF25} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION Hosts: EmptyTemp: End - Uloz na plochu s nazvom fixlist.txt
- Spusti znovu FRST a klikni na Fix
- Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
- Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: Pomalé PC
konečně se mi podařilo ho aktualizovat
Fix result of Farbar Recovery Scan Tool (x64) Version: 27.01.2018
Ran by admin (02-02-2018 15:17:24) Run:1
Running from C:\Users\admin\Desktop
Loaded Profiles: admin (Available Profiles: admin)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint.
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-392161629-819489254-3805429688-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
SearchScopes: HKU\S-1-5-21-392161629-819489254-3805429688-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-392161629-819489254-3805429688-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
U4 aspnet_state; no ImagePath
CustomCLSID: HKU\S-1-5-21-392161629-819489254-3805429688-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\admin\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
Task: {062136ED-8D93-4C08-A62E-538B018126AC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {0F0D181B-399E-438B-8042-64B99D55FB1B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {1577C86C-DDBB-455E-9F64-53B6F5EEA1FA} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {29EEBBF7-FD9C-41A8-BEC2-3DC7E4F86DD4} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {3352A064-8043-48E9-8D48-244A4A7DAE47} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {37483071-79F9-48B1-BD79-0287DAD79AD3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {5B0BACBF-C9B8-4C8D-BF78-DAD8760476C3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {72FE95FD-4BA8-41AB-AC71-9949AB07F346} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {76432DD4-D0D4-461B-8828-DE09072137E6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {76AC0F89-7ACA-4125-8C3F-AEAD968C3CA7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {82D1D672-D8C2-4A36-B07F-4945B90A6FA3} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {B496277D-22B2-4745-B7D9-09CBF729C585} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {C8410843-A8C0-4559-A8A4-B9646EE9B506} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {DE53B95E-D8B0-4131-AA00-7C25DE85F8BD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {E49E11AC-0CC0-46EC-8C48-E60F23A8BF25} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
CreateRestorePoint. => Error: No automatic fix found for this entry.
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
HKU\S-1-5-21-392161629-819489254-3805429688-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
"HKU\S-1-5-21-392161629-819489254-3805429688-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-21-392161629-819489254-3805429688-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}" => removed successfully
HKLM\Software\Classes\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => key not found
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki" => removed successfully
"HKLM\System\CurrentControlSet\Services\aspnet_state" => removed successfully
aspnet_state => service removed successfully
"HKU\S-1-5-21-392161629-819489254-3805429688-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{062136ED-8D93-4C08-A62E-538B018126AC} => could not remove key. ErrorCode1: 0x00000002
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{062136ED-8D93-4C08-A62E-538B018126AC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0F0D181B-399E-438B-8042-64B99D55FB1B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0F0D181B-399E-438B-8042-64B99D55FB1B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1577C86C-DDBB-455E-9F64-53B6F5EEA1FA}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1577C86C-DDBB-455E-9F64-53B6F5EEA1FA}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{29EEBBF7-FD9C-41A8-BEC2-3DC7E4F86DD4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{29EEBBF7-FD9C-41A8-BEC2-3DC7E4F86DD4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-Weekend" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3352A064-8043-48E9-8D48-244A4A7DAE47}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3352A064-8043-48E9-8D48-244A4A7DAE47}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{37483071-79F9-48B1-BD79-0287DAD79AD3}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{37483071-79F9-48B1-BD79-0287DAD79AD3}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5B0BACBF-C9B8-4C8D-BF78-DAD8760476C3}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B0BACBF-C9B8-4C8D-BF78-DAD8760476C3}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{72FE95FD-4BA8-41AB-AC71-9949AB07F346}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{72FE95FD-4BA8-41AB-AC71-9949AB07F346}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{76432DD4-D0D4-461B-8828-DE09072137E6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{76432DD4-D0D4-461B-8828-DE09072137E6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{76AC0F89-7ACA-4125-8C3F-AEAD968C3CA7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{76AC0F89-7ACA-4125-8C3F-AEAD968C3CA7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{82D1D672-D8C2-4A36-B07F-4945B90A6FA3}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82D1D672-D8C2-4A36-B07F-4945B90A6FA3}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B496277D-22B2-4745-B7D9-09CBF729C585}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B496277D-22B2-4745-B7D9-09CBF729C585}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C8410843-A8C0-4559-A8A4-B9646EE9B506}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8410843-A8C0-4559-A8A4-B9646EE9B506}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DE53B95E-D8B0-4131-AA00-7C25DE85F8BD}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DE53B95E-D8B0-4131-AA00-7C25DE85F8BD}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E49E11AC-0CC0-46EC-8C48-E60F23A8BF25}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E49E11AC-0CC0-46EC-8C48-E60F23A8BF25}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 6053888 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 27064536 B
Java, Flash, Steam htmlcache => 1179 B
Windows/system/drivers => 1217296 B
Edge => 10823 B
Chrome => 81524555 B
Firefox => 124948819 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
admin => 14145802 B
RecycleBin => 4597143006 B
EmptyTemp: => 4.5 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 15:18:43 ====
Fix result of Farbar Recovery Scan Tool (x64) Version: 27.01.2018
Ran by admin (02-02-2018 15:17:24) Run:1
Running from C:\Users\admin\Desktop
Loaded Profiles: admin (Available Profiles: admin)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint.
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-392161629-819489254-3805429688-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
SearchScopes: HKU\S-1-5-21-392161629-819489254-3805429688-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-392161629-819489254-3805429688-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
U4 aspnet_state; no ImagePath
CustomCLSID: HKU\S-1-5-21-392161629-819489254-3805429688-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\admin\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
Task: {062136ED-8D93-4C08-A62E-538B018126AC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {0F0D181B-399E-438B-8042-64B99D55FB1B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {1577C86C-DDBB-455E-9F64-53B6F5EEA1FA} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {29EEBBF7-FD9C-41A8-BEC2-3DC7E4F86DD4} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {3352A064-8043-48E9-8D48-244A4A7DAE47} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {37483071-79F9-48B1-BD79-0287DAD79AD3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {5B0BACBF-C9B8-4C8D-BF78-DAD8760476C3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {72FE95FD-4BA8-41AB-AC71-9949AB07F346} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {76432DD4-D0D4-461B-8828-DE09072137E6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {76AC0F89-7ACA-4125-8C3F-AEAD968C3CA7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {82D1D672-D8C2-4A36-B07F-4945B90A6FA3} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {B496277D-22B2-4745-B7D9-09CBF729C585} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {C8410843-A8C0-4559-A8A4-B9646EE9B506} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {DE53B95E-D8B0-4131-AA00-7C25DE85F8BD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {E49E11AC-0CC0-46EC-8C48-E60F23A8BF25} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
CreateRestorePoint. => Error: No automatic fix found for this entry.
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
HKU\S-1-5-21-392161629-819489254-3805429688-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
"HKU\S-1-5-21-392161629-819489254-3805429688-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-21-392161629-819489254-3805429688-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}" => removed successfully
HKLM\Software\Classes\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => key not found
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki" => removed successfully
"HKLM\System\CurrentControlSet\Services\aspnet_state" => removed successfully
aspnet_state => service removed successfully
"HKU\S-1-5-21-392161629-819489254-3805429688-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{062136ED-8D93-4C08-A62E-538B018126AC} => could not remove key. ErrorCode1: 0x00000002
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{062136ED-8D93-4C08-A62E-538B018126AC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0F0D181B-399E-438B-8042-64B99D55FB1B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0F0D181B-399E-438B-8042-64B99D55FB1B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1577C86C-DDBB-455E-9F64-53B6F5EEA1FA}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1577C86C-DDBB-455E-9F64-53B6F5EEA1FA}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{29EEBBF7-FD9C-41A8-BEC2-3DC7E4F86DD4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{29EEBBF7-FD9C-41A8-BEC2-3DC7E4F86DD4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-Weekend" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3352A064-8043-48E9-8D48-244A4A7DAE47}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3352A064-8043-48E9-8D48-244A4A7DAE47}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{37483071-79F9-48B1-BD79-0287DAD79AD3}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{37483071-79F9-48B1-BD79-0287DAD79AD3}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5B0BACBF-C9B8-4C8D-BF78-DAD8760476C3}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B0BACBF-C9B8-4C8D-BF78-DAD8760476C3}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{72FE95FD-4BA8-41AB-AC71-9949AB07F346}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{72FE95FD-4BA8-41AB-AC71-9949AB07F346}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{76432DD4-D0D4-461B-8828-DE09072137E6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{76432DD4-D0D4-461B-8828-DE09072137E6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{76AC0F89-7ACA-4125-8C3F-AEAD968C3CA7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{76AC0F89-7ACA-4125-8C3F-AEAD968C3CA7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{82D1D672-D8C2-4A36-B07F-4945B90A6FA3}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82D1D672-D8C2-4A36-B07F-4945B90A6FA3}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B496277D-22B2-4745-B7D9-09CBF729C585}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B496277D-22B2-4745-B7D9-09CBF729C585}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C8410843-A8C0-4559-A8A4-B9646EE9B506}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8410843-A8C0-4559-A8A4-B9646EE9B506}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DE53B95E-D8B0-4131-AA00-7C25DE85F8BD}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DE53B95E-D8B0-4131-AA00-7C25DE85F8BD}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E49E11AC-0CC0-46EC-8C48-E60F23A8BF25}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E49E11AC-0CC0-46EC-8C48-E60F23A8BF25}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 6053888 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 27064536 B
Java, Flash, Steam htmlcache => 1179 B
Windows/system/drivers => 1217296 B
Edge => 10823 B
Chrome => 81524555 B
Firefox => 124948819 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
admin => 14145802 B
RecycleBin => 4597143006 B
EmptyTemp: => 4.5 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 15:18:43 ====
Re: Pomalé PC
Log vyzera OK. Su este nejake problemy s PC? Upraceme po pouzitych nastrojoch:
- Stiahni DelFix: https://toolslib.net/downloads/finish/2-delfix/
- Uloz na plochu a spusti
- Nechaj oznacenu moznost "Remove disinfection tools"
- Klikni na "Run"
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: Pomalé PC
Vypadá to že je vše OK.
Děkuji moc
Děkuji moc
Re: Pomalé PC
Nie je zaco, rad som pomohol
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Přispějete na provoz fóra?